To follow up on my previous post about DAViCal, I’ve built and published RPMs for DAViCal itself and the php-awl dependency.
These are based off provided spec files from the project and tweaked somewhat to be more suitable for RHEL 5 & 6.
RHEL 5 & PostgreSQL 8.1 Note
Whilst DAViCal is intended (and for normal operation, does) work with PostgreSQL 8.1 or later, this version is too old for the LDAP authentication module to work, as it uses some PostgreSQL 8.4 version queries.
Fortunately RHEL & CentOS ship with both PostgreSQL 8.1 and PostgreSQL 8.4 now available, so you can fix the solution by installing with:
# yum install davical postgresql84-server
RHEL 5 & 6 Installation Instructions
These instructions assume you have confirmed the Amberdms RHEL 5 “amberdms-os” repository at minimum – or you can go and pull the specific RPM files you want – php-awl and davical and add them to your own repository.
Once the repositories are setup, simply install with:
# yum install davical
DAViCal uses PostgreSQL, if this is a new/first PostgreSQL installation, you will need to start and possibly initilise the DB:
# service postgresql start /var/lib/pgsql/data is missing. Use "service postgresql initdb" to initialize the cluster first. [FAILED] # service postgresql initdb Initializing database: [ OK ] # service postgresql start Starting postgresql service: [ OK ]
We need to edit the PostgreSQL user authentication configuration to allow local-only password-less access for the DAViCal application. Optionally you can configure MD5, ident or other desired methods. Add the two lines below to the configuration file, above any existing lines.
# vi /var/lib/pgsql/data/pg_hba.conf # trust davical local davical davical_app trust local davical davical_dba trust
Restart PostgreSQL for the changes to take effect:
# service postgresql restart
Install the database:
# cd /tmp/ # su postgres -c /usr/share/davical/dba/create-database.sh Supported locales updated. Updated view: dav_principal.sql applied. CalDAV functions updated. RRULE functions updated. Database permissions updated. NOTE ==== * The password for the 'admin' user has been set to 'EXAMPLE' Thanks for trying DAViCal! Check in /usr/share/doc/davical/examples/ for some configuration examples. For help, visit #davical on irc.oftc.net.
Adjust the access rules for Apache & restart it:
# vi /etc/httpd/conf.d/davical.conf # service httpd restart
Test access at http://localhost/davical/or whatever your appropriate server URL is. Any 403 errors probably suggest fault with the /etc/httpd/conf.d/davical.conf IP ACL configuration.
RHEL 5 & 6 Upgrade Instructions
Using the packages I have provided, the DAViCal PostgreSQL DB will be updated on any new releases when installing newer RPMs.
This uses the /usr/share/davical/dba/update-davical-database script supplied with DAViCal and shouldn’t require any manual execution or options normally.
LDAP Authentication
To configure LDAP authentication, edit the configuration file and define the external authentication settings.
vi /etc/davical/config.php
See the notes in the file about LDAP configuration or consult the quite reliable source of documentation at the DAViCal wiki.
You will also need to have php-ldap installed – it’s not one of the default package dependencies – if it’s missing, you will get this clear message on the login screen:
"drivers_ldap : function ldap_connect not defined, check your php_ldap module"
To install, run:
# yum install php-ldap # service httpd restart
If authentication still fails to work, try the following
- Check the version of PostgreSQL used – must be 8.4 or later, not 8.1, as per my note at the start of this document.
- Check Apache error logs (typically /var/log/httpd/error_log)
- Check the LDAP server logs
Hi, I’m trying to follow your tutorial. But I get stuck at the step “Install the database”.
I run CentOS 6 and I already had Postgresql running.
Running the command from the step “Install the database” requests a password. Which password?
I tried using empty or an admin password to no avail. Could you please help?
Thank you in advance.
[user@testmail tmp]$ su postgres -c /usr/share/davical/dba/create-database.sh
Password:
psql: fe_sendauth: no password supplied
Password:
Password:
Password:
createdb: database creation failed: ERROR: database "davical" already exists
Unable to create database
[user@testmail tmp]$
hi Josep,
Looks like your PostgreSQL database is expecting a password for the PostgreSQL admin user and when entered it’s failing since there’s already a database for davical?
Does psql -l show a davical database as already existing?
If you had a test/failed install from a previous attempt, you might need to drop the davical database that is currently in there before being able to create the new one.
regards,
jethro
Hi Jethro,
Thanks for answering.
Following your advice, I removed the davical database and all davical_* users from my PostgreSQL and I started from scratch.
I tried again, and the database creator script appears stuck here:
[root@testmail tmp]# su postgres -c /usr/share/davical/dba/create-database.sh
Password:
Password:
Password:
Password:
Password:
Password:
I run ps ax and I noticed the following process getting stuck: no changes in 15 minutes.
21439 pts/0 S+ 0:00 | \_ su postgres -c /usr/share/davical/dba/create-database.sh
21440 ? Ss 0:00 | \_ /bin/sh /usr/share/davical/dba/create-database.sh
21474 ? S 0:00 | \_ /bin/sh /usr/share/davical/dba/create-database.sh
21475 ? S 0:00 | \_ psql -U davical_dba -qXAt -c SELECT usename FROM pg_user; davical
Checked PostgreSQL processes for table davical an there is one process:
SELECT * FROM pg_catalog.pg_stat_activity
WHERE datname=’davical’ ORDER BY usename, procpid
Any idea?
Thanks in advance,
Josep
It looks to me like your PostgreSQL server is trying to authenticate the create-database.sh’s SQL connection attempts using trust authentication (password based checks).
In file /var/lib/pgsql/data/pg_hba.conf, do your davical lines look like:
local davical davical_app trust
local davical davical_dba trust
Note that I’m not certain, but I suspect that pg_hba.conf may be order specific, so move these up above any other definitions already in that file.
You’ll have to restart PostgreSQL following that change.
Essentially this configuration tells PostgreSQL to trust any user authentication as user “davical” without a password if the authentication attempt is coming from the localhost only.
If you have other untrusted applications on the server you may want to look at other methods such as password/pam/ldap authentication for the DB users, but it complicates the setup somewhat.
Hi Jethro,
Hah! How about that! Now it worked:
su postgres -c /usr/share/davical/dba/create-database.sh
Password:
Password:
Password:
Password:
Password:
Password:
Password:
Supported locales updated.
Updated view: dav_principal.sql applied.
CalDAV functions updated.
RRULE functions updated.
Database permissions updated.
NOTE
====
* You will need to edit the PostgreSQL pg_hba.conf to allow the
‘davical_dba’ database user access to the ‘davical’ database.
* You will need to edit the PostgreSQL pg_hba.conf to allow the
‘davical_app’ database user access to the ‘davical’ database.
* The password for the ‘admin’ user has been set to ‘KzFqjKnX’
Thanks for trying DAViCal! Check in /usr/share/doc/davical/examples/ for
some configuration examples. For help, visit #davical on irc.oftc.net.
Now, on to keep working on it.
Thank you very much,
Regards
FYI, the stuck process shown in ps is probably a symptom of the script being stuck waiting for a valid password before it can process, rather than a hang in the script or PostgreSQL.
Yup, that was it.
After the script finished properly (after moving davical trust lines to the top of /var/lib/pgsql/data/pg_hba.conf and restarting PostgreSQL) , there was no stuck process .
Thank you again,
Josep
Awesome, glad I was able to assist :-)