RT with RHEL4

Has anybody had any luck with RHEL4 & RT? I’ve only setup RT with
Debian, where it’s just somewhat plug & play.
with RHEL4 I’m not having so much luck. using CPAN to install all of
the requisite perl modules has left me in a
state of perl-module version purgatory, especially with MIME::Entity and
Test::WWW:Mechanize … Is there a special
magic to this installation?

BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile

Yep, ran into the same problem with Fedora Core 3. Can¹t remember off the
top of my head but essentially there¹s 2 ways of installing CPAN modules and
you need to use the one not mentioned on the install guide on Wiki.

Baxter Shepperson
Network Administrator
www.cerebra.com
baxter@cerebra.com
Cell 760-812-0191From: “Michael T. Halligan” michael@halligan.org
Date: Thu, 2 Jun 2005 18:47:37 -0700
To: rt-users@lists.bestpractical.com
Subject: [rt-users] RT with RHEL4

Has anybody had any luck with RHEL4 & RT? I’ve only setup RT with
Debian, where it’s just somewhat plug & play.
with RHEL4 I’m not having so much luck. using CPAN to install all of
the requisite perl modules has left me in a
state of perl-module version purgatory, especially with MIME::Entity and
Test::WWW:Mechanize … Is there a special
magic to this installation?

BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile

http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT Wiki at http://wiki.bestpractical.com

Has anybody had any luck with RHEL4 & RT? I’ve only setup RT with
Debian, where it’s just somewhat plug & play. with RHEL4 I’m not
having so much luck. using CPAN to install all of the requisite
perl modules has left me in a state of perl-module version purgatory

I usually just install a perl into /opt/perl, where it can do whatever
it likes and not have to play nice with the versioned OS one. cpan and
package management just don’t play well together.

seph

What options/flags do you use when building your /opt/perl?

jbw

seph wrote:

Are you using FastCGI and MySQL? Should be a cakewalk; just follow the instructions here:

http://wiki.bestpractical.com/index.cgi?RHEL4InstallGuide

MIME::Entity won’t install without MIME::Base64, so install that first:

perl -MCPAN -e ‘install MIME::Base64’

Now install MIME::Entity:

perl -MCPAN -e ‘install MIME::Entity’

Now install Log::Dispatch:

perl -MCPAN -e ‘install Log::Dispatch’

-WcH-----Original Message-----
From: Michael T. Halligan [mailto:michael@halligan.org]
Sent: Thu 6/2/2005 9:47 PM
To: rt-users@lists.bestpractical.com
Cc:
Subject: [rt-users] RT with RHEL4
Has anybody had any luck with RHEL4 & RT? I’ve only setup RT with
Debian, where it’s just somewhat plug & play.
with RHEL4 I’m not having so much luck. using CPAN to install all of
the requisite perl modules has left me in a
state of perl-module version purgatory, especially with MIME::Entity and
Test::WWW:Mechanize … Is there a special
magic to this installation?

BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile

http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT Wiki at http://wiki.bestpractical.com

Michael T. Halligan wrote:

Has anybody had any luck with RHEL4 & RT?

You bet. Easy as pie. Here’s my install notes, heavily based on the wiki:
Installing RT on RHEL 4 with FastCGI and MySQL:

RHEL4 INSTALL
Boot from RHEL4 CD 1

When partitioning, click "Configure advanced boot loader options"
add vga=773 (or whatever) to kernal parms

Firewall on, allow SSH, HTTP & HTTPS, SMTP
SELINUX=disabled

Customize software packages to be installed
Pick “minimal” set of packages

reboot

SETUP up2date

rpm --import /usr/share/rhn/RPM-GPG-KEY

upgrade all (you’ll be prompted to accept rhndefault
settings, and for your rhn user info)

up2date -u

add needed stuff

up2date \

httpd-devel
mod_ssl
mysql
mysqlclient10
mysql-server
mysql-devel
gcc
system-switch-mail
postfix

add stuff I like

up2date \

screen
rcs
vim-enhanced

Now we switch from Sendmail to Postscript

system-switch-mail

start screen (if you like)

screen

Install FastCGI…

cd /usr/local/src

wget http://www.fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz

gunzip mod_fastcgi-2.4.2.tar.gz

tar -xvf mod_fastcgi-2.4.2.tar

cd mod_fastcgi-2.4.2

cp Makefile.AP2 Makefile

edit Makefile:

 ###Modify for location of apache 2 installation:
 top_dir      = /etc/httpd

make

make install

FastCGI wants to have a place to put its logs, and permission to do so:

mkdir /etc/httpd/logs/fastcgi

mkdir /etc/httpd/logs/fastcgi/dynamic

chown apache:apache /etc/httpd/logs/fastcgi

chown apache:apache /etc/httpd/logs/fastcgi/dynamic

Do initial configure for apache

cd /etc/httpd/conf

ci -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

RCS file: httpd.conf,v
retrieving revision 1.1
diff -r1.1 httpd.conf
189a190

LoadModule fastcgi_module modules/mod_fastcgi.so

Start apache

service httpd start

Check Apache logs to make sure fastcgi started

  • Should see no lines with [error] referencing FastCGI
  • Should see one line indicating a [notice] and the pid of FastCGI
    [notice] FastCGI: process manager initialized (pid 3478)

cat /var/log/httpd/error_log

If it worked…

ci -u /etc/httpd/conf/httpd.conf

NOTE: always check the group ownership and permissions of files after
you perform rcs operations on them… I think your effective ID can
screw things up, and then you’ve got to chgrp or whatever.

Set apache and mysql to start automatically

chkconfig httpd on

chkconfig mysqld on

Turn on MySQL server, set MySQL root password…

service mysqld start

mysqladmin -u root password some_new_password

Do initial CPAN setup

cd

perl -MCPAN -e shell

Policy on building prerequisites (follow, ask or ignore)? [ask] follow

cpan> install Bundle::CPAN
cpan> quit

RT Pre-Install…
RT requires its own group, so let’s add it now lest we forget:

groupadd rt

RT gets initiated by apache, so add apache to the rt group:

vim /etc/group

grep ^rt /etc/group

rt:x:500:apache

Confirm selinux is disabled

grep ^SELINUX= /etc/selinux/config

SELINUX=disabled

Change permissions on /etc/httpd/logs from within
$ cd /etc/httpd/logs
$ chmod 755 .

Install latest RT

cd /usr/local/src

wget http://download.bestpractical.com/pub/rt/release/rt-3.4.2.tar.gz

gunzip rt.tar.gz

tar -xvf rt.tar

cd rt-3.4.2/

Set up the makefile for us with the proper settings:

./configure \

 --with-web-user=apache \
 --with-web-group=apache \
 --with-mysql \
 --with-fastcgi

Show us what’s missing and what’s not:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose

Try to install what’s missing for us through CPAN:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and only show us the MISSING items this time:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

MIME::Entity won’t install without MIME::Base64, so install that first

perl -MCPAN -e ‘install MIME::Base64’

Now install MIME::Entity:

perl -MCPAN -e ‘install MIME::Entity’

Try to install anything else missing for us:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and make sure nothing is MISSING:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

NOTE: I chose to skip running the Apache test suite to
simplify things. YMMV.

Assuming everything is present and it’s a go, install and intialize
database…

make install

Make a copy of the dist config file to edit:

cp /opt/rt3/etc/RT_Config.pm /opt/rt3/etc/RT_SiteConfig.pm

Edit your RT config file for your purposes:

cd /opt/rt3/etc

ci -l RT_SiteConfig.pm

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

RCS file: RT_SiteConfig.pm,v
retrieving revision 1.1
diff -r1.1 RT_SiteConfig.pm
27c27
< Set($rtname , “example.com”);

Set($rtname , “rt”);
33c33
< Set($Organization , “example.com”);
Set($Organization , “foo.edu”);
66c66
< Set($DatabasePassword , ‘rt_pass’);
Set($DatabasePassword , ‘foo’);
122c122
< Set($ParseNewMessageForTicketCcs , undef);
Set($ParseNewMessageForTicketCcs , 1);
127c127
< Set($RTAddressRegexp , ‘^rt@example.com$’);
Set($RTAddressRegexp , ‘(?i)rt.bar.Foo.EDU$’);
215c215
< Set($UseFriendlyToLine , 0);
Set($UseFriendlyToLine , 1);
274c274
< Set($WebPath , “”);
Set($WebPath , “/rt”);
279c279
< Set($WebBaseURL , “http://RT::WebBaseURL.not.configured:80”);
Set($WebBaseURL , “http://rt.bar.foo.edu:80”);
303c303
< Set($MessageBoxWrap, “HARD”);
Set($MessageBoxWrap, “SOFT”);

Initialize Database

cd /usr/local/src/rt-3.4.2

make initialize-database

Now edit your Apache config file some more:

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

RCS file: httpd.conf,v
retrieving revision 1.2
diff -r1.2 httpd.conf
1023a1024,1040

NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root
DocumentRoot /var/www/html/

Adding the following for RT (the ticket tracker)

AddHandler fastcgi-script fcgi
<Directory “/opt/rt3/share/html”>
Options FollowSymLinks ExecCGI
AllowOverride None

Pass through requests to display images

Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
ScriptAlias /rt /opt/rt3/bin/mason_handler.fcgi

Restart Apache and test:

service httpd restart

Assuming it works:

ci -u /opt/rt3/etc/RT_SiteConfig.pm

ci -u /etc/httpd/conf/httpd.conf

Set up SSL cert

cd /etc/httpd/conf

openssl genrsa \

-des3                            \
-out ssl.key/rt.bar.foo.edu.key  \
1024

Note the password you used for this key!

openssl req \

-new                             \
-key ssl.key/rt.bar.foo.edu.key  \
-out ssl.csr/rt.bar.foo.edu.csr

Self-sign

openssl x509 \

-req                                 \
-in       ssl.csr/rt.bar.foo.edu.csr \
-signkey  ssl.key/rt.bar.foo.edu.key \
-out      ssl.crt/rt.bar.foo.edu.crt

Edit ssl.conf…

cd /etc/httpd/conf.d

ci -l ssl.conf

vim ssl.conf

Here’s the skinny

grep -v ^# ssl.conf | grep -v ^$

LoadModule ssl_module modules/mod_ssl.so
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

DocumentRoot "/opt/rt3/share/html"
ServerName rt.bar.foo.edu:443
ErrorLog /var/log/httpd/rt.bar.foo.edu_error
CustomLog /var/log/httpd/rt.bar.foo.edu-access_log common
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/rt.bar.foo.edu.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/rt.bar.foo.edu.key
<Files ~ “.(cgi|shtml|phtml|php3?)$”>
SSLOptions +StdEnvVars

<Directory “/var/www/cgi-bin”>
SSLOptions +StdEnvVars

<Directory “/opt/rt3/share/html”>
SSLOptions +StdEnvVars
Options FollowSymLinks ExecCGI
AllowOverride None

SetEnvIf User-Agent “.MSIE.
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b"
Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/
AddHandler fastcgi-script fcgi
ScriptAlias / /opt/rt3/bin/mason_handler.fcgi/

AddDefaultCharset UTF-8

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

tail -n 7 httpd.conf

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
NameVirtualHost *:80
<VirtualHost :80>
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/(.
) https://%{SERVER_NAME}/$1 [R,L]

Modify RT config to now serve out of root dir

cd /opt/rt3/etc/

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

RCS file: RT_SiteConfig.pm,v
retrieving revision 1.2
diff -r1.2 RT_SiteConfig.pm
274c274
< Set($WebPath , “/rt”);

Set($WebPath , “”);

Makes sure your firewall is ready for HTTPS

iptables -L

system-config-securitylevel-tui

test it out (you’ll be prompted for your .key file passphrase)

service httpd restart

Assuming it all worked

ci -u /etc/httpd/conf.d/ssl.conf

ci -u /etc/httpd/conf/httpd.conf

ci -u /opt/rt3/etc/RT_SiteConfig.pm

MAIL SETUP
edit config files

cd /etc/postfix

ci -l main.cf

vim main.cf

rcsdiff main.cf

RCS file: main.cf,v
retrieving revision 1.1
diff -r1.1 main.cf
106c106
< #inet_interfaces = all

inet_interfaces = all
109c109
< inet_interfaces = localhost
#inet_interfaces = localhost
200c200,201
< #local_recipient_maps =
local_recipient_maps =
virtual_alias_maps = hash:/etc/mail/virtusertable
437c438
< #mailbox_command = /some/where/procmail
mailbox_command = /usr/bin/procmail

cd /etc/mail

ci -l virtusertable

vim virtusertable

cat virtusertable

postmaster@rt.bar.foo.edu postmaster
@rt.bar.foo.edu rt_dispatcher

ci -l local-host-names

vim local-host-names

cat local-host-names

rcsdiff local-host-names

RCS file: local-host-names,v
retrieving revision 1.1
diff -r1.1 local-host-names
1a2

rt.BAR.Foo.EDU

rt-mailgate will be talking with RT over HTTPS, so we need Crypt::SSLeay

up2date perl-Crypt-SSLeay

per http://www.geert.triple-it.nl/node/rt_procmail.html
Create an account which is to gather all RT-mail.

useradd rt_dispatcher -G rt

Create utility perl scripts and the .procmailrc

su - rt_dispatcher

$ vim get_action.pl
$ cat get_action.pl
#!/usr/bin/env perl

@arr = ;
$action = “correspond”;
foreach (@arr) {
if (/\s*.<([^@]+)-comment@.>/g) {
$action = “comment”;
} else {
if (/\s*([^@]+)-comment@.*/g) {
$action = “comment”;
}
}
}
print “$action”;
$ chmod 700 get_action.pl
$ ci -u get_action.pl

$ vim get_queue.pl
$ cat get_queue.pl
#!/usr/bin/env perl

@arr = ;
$queue = ‘general’;
foreach (@arr) {
if (/\s*.<([^@]+)@.>/g) {
$queue = $1;
} else {
if (/\s*([^@]+)@./g) {
$queue= $1;
}
}
}
if ($queue =~ /(.
)-comment/)
{
$queue = $1;
}
print “$queue”;
$ chmod 700 get_queue.pl
$ ci -u get_queue.pl

$ vim .procmailrc
$ cat .procmailrc
#Preliminaries
SHELL=/bin/bash
MAILDIR=${HOME}
LOGFILE=${MAILDIR}/procmail.log
LOG="— Logging ${LOGFILE} for ${LOGNAME}, “
VERBOSE=yes
MAILDOMAIN=rt.bar.foo.edu
RT_MAILGATE=”/opt/rt3/bin/rt-mailgate"
RT_URL=“https://rt.bar.foo.edu

LOGABSTRACT=all

:0
{

the following line extracts the recipient from Received-headers.

Simply using the To: does not work, as tickets are often created

by sending a CC/BCC to RT

TO=formail -c -xReceived: |grep $MAILDOMAIN |sed -e 's/.*for *<*\(.*\)>* *;.*$/\1/'
QUEUE=echo $TO| $HOME/get_queue.pl
ACTION=echo $TO| $HOME/get_action.pl
:0 Wa
| $RT_MAILGATE --queue $QUEUE --action $ACTION --url $RT_URL
}
$ chmod 600 .procmailrc
$ ci -u .procmailrc
$ exit

service postfix restart

postmap hash:/etc/mail/virtusertable

Now, using a web browser, log into RT as root (pass: password) and:

  • CHANGE the password!

  • create a test queue, e.g.
    Queue Name: test_queue
    Description: Queue for Testing
    Reply Address: test_queue
    Comment Address: test_queue-comment

  • create a test user with an email address that you control

  • Create group ‘FOO Staff’

  • Configuration | Global | Group Rights
    Everyone:
    CreateTicket
    ModifySelf
    ReplyToTicket
    SeeQueue

    Requestor:
    ShowTicket
    FOO Staff:
    AssignCustomFields
    CommentOnTicket
    CreateSavedSearch
    DeleteTicket
    EditSavedSearches
    LoadSavedSearch
    ModifyCustomField
    ModifyTicket
    OwnTicket
    ReplyToTicket
    SeeCustomField
    SeeGroup
    ShowOutgoingEmail
    ShowSavedSearches
    ShowTicket
    ShowTicketComments
    StealTicket
    TakeTicket
    Watch

  • send an email to test_queue@rt.bar.foo.edu from the test user’s
    email account

There’s loads more after this, but it starts to get real specific to our
customizations.

Well, I’ve made some progress (mainly, more proof that RedHat sucks).

My main problem that I"m running into is this error :

Couldn’t untar
/root/.cpan/sources/authors/id/M/MS/MSCHWERN/Test-Inline-0.16.tar

that happens when I run : perl sbin/rt-test-dependencies --with-mysql
–with-fastcgi --install

Does anybody have an idea what’s happening here? It happens on every
module, and apparently
request tracker needs about 80 modules to work.

Is there not a better way (besides switching to debian)

Phil Lawrence wrote:

Michael T. Halligan wrote:

Has anybody had any luck with RHEL4 & RT?

You bet. Easy as pie. Here’s my install notes, heavily based on the
wiki:
Installing RT on RHEL 4 with FastCGI and MySQL:

RHEL4 INSTALL
Boot from RHEL4 CD 1

When partitioning, click "Configure advanced boot loader options"
add vga=773 (or whatever) to kernal parms

Firewall on, allow SSH, HTTP & HTTPS, SMTP
SELINUX=disabled

Customize software packages to be installed
Pick “minimal” set of packages

reboot

SETUP up2date

rpm --import /usr/share/rhn/RPM-GPG-KEY

upgrade all (you’ll be prompted to accept rhndefault
settings, and for your rhn user info)

up2date -u

add needed stuff

up2date \

httpd-devel
mod_ssl
mysql
mysqlclient10
mysql-server
mysql-devel
gcc
system-switch-mail
postfix

add stuff I like

up2date \

screen
rcs
vim-enhanced

Now we switch from Sendmail to Postscript

system-switch-mail

start screen (if you like)

screen

Install FastCGI…

cd /usr/local/src

wget http://www.fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz

gunzip mod_fastcgi-2.4.2.tar.gz

tar -xvf mod_fastcgi-2.4.2.tar

cd mod_fastcgi-2.4.2

cp Makefile.AP2 Makefile

edit Makefile:

###Modify for location of apache 2 installation:
top_dir      = /etc/httpd

make

make install

FastCGI wants to have a place to put its logs, and permission to do so:

mkdir /etc/httpd/logs/fastcgi

mkdir /etc/httpd/logs/fastcgi/dynamic

chown apache:apache /etc/httpd/logs/fastcgi

chown apache:apache /etc/httpd/logs/fastcgi/dynamic

Do initial configure for apache

cd /etc/httpd/conf

ci -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

===================================================================
RCS file: httpd.conf,v
retrieving revision 1.1
diff -r1.1 httpd.conf
189a190

LoadModule fastcgi_module modules/mod_fastcgi.so

Start apache

service httpd start

Check Apache logs to make sure fastcgi started

  • Should see no lines with [error] referencing FastCGI
  • Should see one line indicating a [notice] and the pid of FastCGI
    [notice] FastCGI: process manager initialized (pid 3478)

cat /var/log/httpd/error_log

If it worked…

ci -u /etc/httpd/conf/httpd.conf

NOTE: always check the group ownership and permissions of files after
you perform rcs operations on them… I think your effective ID can
screw things up, and then you’ve got to chgrp or whatever.

Set apache and mysql to start automatically

chkconfig httpd on

chkconfig mysqld on

Turn on MySQL server, set MySQL root password…

service mysqld start

mysqladmin -u root password some_new_password

Do initial CPAN setup

cd

perl -MCPAN -e shell

Policy on building prerequisites (follow, ask or ignore)? [ask] follow

cpan> install Bundle::CPAN
cpan> quit

RT Pre-Install…
RT requires its own group, so let’s add it now lest we forget:

groupadd rt

RT gets initiated by apache, so add apache to the rt group:

vim /etc/group

grep ^rt /etc/group

rt:x:500:apache

Confirm selinux is disabled

grep ^SELINUX= /etc/selinux/config

SELINUX=disabled

Change permissions on /etc/httpd/logs from within
$ cd /etc/httpd/logs
$ chmod 755 .

Install latest RT

cd /usr/local/src

wget http://download.bestpractical.com/pub/rt/release/rt-3.4.2.tar.gz

gunzip rt.tar.gz

tar -xvf rt.tar

cd rt-3.4.2/

Set up the makefile for us with the proper settings:

./configure \

--with-web-user=apache \
--with-web-group=apache \
--with-mysql \
--with-fastcgi

Show us what’s missing and what’s not:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose

Try to install what’s missing for us through CPAN:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and only show us the MISSING items this time:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

MIME::Entity won’t install without MIME::Base64, so install that first

perl -MCPAN -e ‘install MIME::Base64’

Now install MIME::Entity:

perl -MCPAN -e ‘install MIME::Entity’

Try to install anything else missing for us:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and make sure nothing is MISSING:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

NOTE: I chose to skip running the Apache test suite to
simplify things. YMMV.

Assuming everything is present and it’s a go, install and intialize
database…

make install

Make a copy of the dist config file to edit:

cp /opt/rt3/etc/RT_Config.pm /opt/rt3/etc/RT_SiteConfig.pm

Edit your RT config file for your purposes:

cd /opt/rt3/etc

ci -l RT_SiteConfig.pm

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

===================================================================
RCS file: RT_SiteConfig.pm,v
retrieving revision 1.1
diff -r1.1 RT_SiteConfig.pm
27c27
< Set($rtname , “example.com”);

Set($rtname , “rt”);
33c33
< Set($Organization , “example.com”);


Set($Organization , “foo.edu”);
66c66
< Set($DatabasePassword , ‘rt_pass’);


Set($DatabasePassword , ‘foo’);
122c122
< Set($ParseNewMessageForTicketCcs , undef);


Set($ParseNewMessageForTicketCcs , 1);
127c127
< Set($RTAddressRegexp , ‘^rt@example.com$’);


Set($RTAddressRegexp , ‘(?i)rt.bar.Foo.EDU$’);
215c215
< Set($UseFriendlyToLine , 0);


Set($UseFriendlyToLine , 1);
274c274
< Set($WebPath , “”);


Set($WebPath , “/rt”);
279c279
< Set($WebBaseURL , “http://RT::WebBaseURL.not.configured:80”);


Set($WebBaseURL , “http://rt.bar.foo.edu:80”);
303c303
< Set($MessageBoxWrap, “HARD”);


Set($MessageBoxWrap, “SOFT”);

Initialize Database

cd /usr/local/src/rt-3.4.2

make initialize-database

Now edit your Apache config file some more:

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

===================================================================
RCS file: httpd.conf,v
retrieving revision 1.2
diff -r1.2 httpd.conf
1023a1024,1040

NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root
DocumentRoot /var/www/html/

Adding the following for RT (the ticket tracker)

AddHandler fastcgi-script fcgi
<Directory “/opt/rt3/share/html”>
Options FollowSymLinks ExecCGI
AllowOverride None

Pass through requests to display images

Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
ScriptAlias /rt /opt/rt3/bin/mason_handler.fcgi

Restart Apache and test:

service httpd restart

Assuming it works:

ci -u /opt/rt3/etc/RT_SiteConfig.pm

ci -u /etc/httpd/conf/httpd.conf

Set up SSL cert

cd /etc/httpd/conf

openssl genrsa \

-des3
-out ssl.key/rt.bar.foo.edu.key
1024
Note the password you used for this key!

openssl req \

-new
-key ssl.key/rt.bar.foo.edu.key
-out ssl.csr/rt.bar.foo.edu.csr

Self-sign

openssl x509 \

-req
-in ssl.csr/rt.bar.foo.edu.csr
-signkey ssl.key/rt.bar.foo.edu.key
-out ssl.crt/rt.bar.foo.edu.crt

Edit ssl.conf…

cd /etc/httpd/conf.d

ci -l ssl.conf

vim ssl.conf

Here’s the skinny

grep -v ^# ssl.conf | grep -v ^$

LoadModule ssl_module modules/mod_ssl.so
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

DocumentRoot "/opt/rt3/share/html"
ServerName rt.bar.foo.edu:443
ErrorLog /var/log/httpd/rt.bar.foo.edu_error
CustomLog /var/log/httpd/rt.bar.foo.edu-access_log common
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/rt.bar.foo.edu.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/rt.bar.foo.edu.key
<Files ~ “.(cgi|shtml|phtml|php3?)$”>
SSLOptions +StdEnvVars

<Directory “/var/www/cgi-bin”>
SSLOptions +StdEnvVars

<Directory “/opt/rt3/share/html”>
SSLOptions +StdEnvVars
Options FollowSymLinks ExecCGI
AllowOverride None

SetEnvIf User-Agent “.MSIE.
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b"
Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/
AddHandler fastcgi-script fcgi
ScriptAlias / /opt/rt3/bin/mason_handler.fcgi/

AddDefaultCharset UTF-8

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

tail -n 7 httpd.conf

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
NameVirtualHost *:80
<VirtualHost :80>
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/(.
) https://%{SERVER_NAME}/$1 [R,L]

Modify RT config to now serve out of root dir

cd /opt/rt3/etc/

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

===================================================================
RCS file: RT_SiteConfig.pm,v
retrieving revision 1.2
diff -r1.2 RT_SiteConfig.pm
274c274
< Set($WebPath , “/rt”);

Set($WebPath , “”);

Makes sure your firewall is ready for HTTPS

iptables -L

system-config-securitylevel-tui

test it out (you’ll be prompted for your .key file passphrase)

service httpd restart

Assuming it all worked

ci -u /etc/httpd/conf.d/ssl.conf

ci -u /etc/httpd/conf/httpd.conf

ci -u /opt/rt3/etc/RT_SiteConfig.pm

MAIL SETUP
edit config files

cd /etc/postfix

ci -l main.cf

vim main.cf

rcsdiff main.cf

===================================================================
RCS file: main.cf,v
retrieving revision 1.1
diff -r1.1 main.cf
106c106
< #inet_interfaces = all

inet_interfaces = all
109c109
< inet_interfaces = localhost


#inet_interfaces = localhost
200c200,201
< #local_recipient_maps =


local_recipient_maps =
virtual_alias_maps = hash:/etc/mail/virtusertable
437c438
< #mailbox_command = /some/where/procmail


mailbox_command = /usr/bin/procmail

cd /etc/mail

ci -l virtusertable

vim virtusertable

cat virtusertable

postmaster@rt.bar.foo.edu postmaster
@rt.bar.foo.edu rt_dispatcher

ci -l local-host-names

vim local-host-names

cat local-host-names

rcsdiff local-host-names

===================================================================
RCS file: local-host-names,v
retrieving revision 1.1
diff -r1.1 local-host-names
1a2

rt.BAR.Foo.EDU

rt-mailgate will be talking with RT over HTTPS, so we need Crypt::SSLeay

up2date perl-Crypt-SSLeay

per http://www.geert.triple-it.nl/node/rt_procmail.html
Create an account which is to gather all RT-mail.

useradd rt_dispatcher -G rt

Create utility perl scripts and the .procmailrc

su - rt_dispatcher

$ vim get_action.pl
$ cat get_action.pl
#!/usr/bin/env perl

@arr = ;
$action = “correspond”;
foreach (@arr) {
if (/\s*.<([^@]+)-comment@.>/g) {
$action = “comment”;
} else {
if (/\s*([^@]+)-comment@.*/g) {
$action = “comment”;
}
}
}
print “$action”;
$ chmod 700 get_action.pl
$ ci -u get_action.pl

$ vim get_queue.pl
$ cat get_queue.pl
#!/usr/bin/env perl

@arr = ;
$queue = ‘general’;
foreach (@arr) {
if (/\s*.<([^@]+)@.>/g) {
$queue = $1;
} else {
if (/\s*([^@]+)@./g) {
$queue= $1;
}
}
}
if ($queue =~ /(.
)-comment/)
{
$queue = $1;
}
print “$queue”;
$ chmod 700 get_queue.pl
$ ci -u get_queue.pl

$ vim .procmailrc
$ cat .procmailrc
#Preliminaries
SHELL=/bin/bash
MAILDIR=${HOME}
LOGFILE=${MAILDIR}/procmail.log
LOG="— Logging ${LOGFILE} for ${LOGNAME}, “
VERBOSE=yes
MAILDOMAIN=rt.bar.foo.edu
RT_MAILGATE=”/opt/rt3/bin/rt-mailgate"
RT_URL=“https://rt.bar.foo.edu

LOGABSTRACT=all

:0
{

the following line extracts the recipient from Received-headers.

Simply using the To: does not work, as tickets are often created

by sending a CC/BCC to RT

TO=formail -c -xReceived: |grep $MAILDOMAIN |sed -e 's/.*for *<*\(.*\)>* *;.*$/\1/'
QUEUE=echo $TO| $HOME/get_queue.pl
ACTION=echo $TO| $HOME/get_action.pl
:0 Wa
| $RT_MAILGATE --queue $QUEUE --action $ACTION --url $RT_URL
}
$ chmod 600 .procmailrc
$ ci -u .procmailrc
$ exit

service postfix restart

postmap hash:/etc/mail/virtusertable

Now, using a web browser, log into RT as root (pass: password) and:

  • CHANGE the password!

  • create a test queue, e.g.
    Queue Name: test_queue
    Description: Queue for Testing
    Reply Address: test_queue
    Comment Address: test_queue-comment

  • create a test user with an email address that you control

  • Create group ‘FOO Staff’

  • Configuration | Global | Group Rights
    Everyone:
    CreateTicket
    ModifySelf
    ReplyToTicket
    SeeQueue

    Requestor:
    ShowTicket
    FOO Staff:
    AssignCustomFields
    CommentOnTicket
    CreateSavedSearch
    DeleteTicket
    EditSavedSearches
    LoadSavedSearch
    ModifyCustomField
    ModifyTicket
    OwnTicket
    ReplyToTicket
    SeeCustomField
    SeeGroup
    ShowOutgoingEmail
    ShowSavedSearches
    ShowTicket
    ShowTicketComments
    StealTicket
    TakeTicket
    Watch

  • send an email to test_queue@rt.bar.foo.edu from the test user’s
    email account

There’s loads more after this, but it starts to get real specific to
our customizations.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT Wiki at http://wiki.bestpractical.com

BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I’ve been experimenting with building a local perl install for RT on
RHEL3, and ran into the same problem after all but three of the modules
had installed. I have no idea what the problem was since the tarball
was untared. I manually installed the the modules using:

/path/to/perl -MCPAN -eshell

install

Joby Walker
ITI SSG, University of Washington


PGP key: https://staff.washington.edu/joby/joby-u-pub.asc

Michael T. Halligan wrote:

Well, I’ve made some progress (mainly, more proof that RedHat sucks).

My main problem that I"m running into is this error :

Couldn’t untar
/root/.cpan/sources/authors/id/M/MS/MSCHWERN/Test-Inline-0.16.tar

that happens when I run : perl sbin/rt-test-dependencies --with-mysql
–with-fastcgi --install

Does anybody have an idea what’s happening here? It happens on every
module, and apparently
request tracker needs about 80 modules to work.

Is there not a better way (besides switching to debian)

Phil Lawrence wrote:

Michael T. Halligan wrote:

Has anybody had any luck with RHEL4 & RT?

You bet. Easy as pie. Here’s my install notes, heavily based on the
wiki:
Installing RT on RHEL 4 with FastCGI and MySQL:

RHEL4 INSTALL
Boot from RHEL4 CD 1

When partitioning, click "Configure advanced boot loader options"
add vga=773 (or whatever) to kernal parms

Firewall on, allow SSH, HTTP & HTTPS, SMTP
SELINUX=disabled

Customize software packages to be installed
Pick “minimal” set of packages

reboot

SETUP up2date

rpm --import /usr/share/rhn/RPM-GPG-KEY

upgrade all (you’ll be prompted to accept rhndefault
settings, and for your rhn user info)

up2date -u

add needed stuff

up2date \

httpd-devel
mod_ssl
mysql
mysqlclient10
mysql-server
mysql-devel
gcc
system-switch-mail
postfix

add stuff I like

up2date \

screen
rcs
vim-enhanced

Now we switch from Sendmail to Postscript

system-switch-mail

start screen (if you like)

screen

Install FastCGI…

cd /usr/local/src

wget http://www.fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz

gunzip mod_fastcgi-2.4.2.tar.gz

tar -xvf mod_fastcgi-2.4.2.tar

cd mod_fastcgi-2.4.2

cp Makefile.AP2 Makefile

edit Makefile:

###Modify for location of apache 2 installation:
top_dir      = /etc/httpd

make

make install

FastCGI wants to have a place to put its logs, and permission to do so:

mkdir /etc/httpd/logs/fastcgi

mkdir /etc/httpd/logs/fastcgi/dynamic

chown apache:apache /etc/httpd/logs/fastcgi

chown apache:apache /etc/httpd/logs/fastcgi/dynamic

Do initial configure for apache

cd /etc/httpd/conf

ci -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

===================================================================
RCS file: httpd.conf,v
retrieving revision 1.1
diff -r1.1 httpd.conf
189a190

LoadModule fastcgi_module modules/mod_fastcgi.so

Start apache

service httpd start

Check Apache logs to make sure fastcgi started

  • Should see no lines with [error] referencing FastCGI
  • Should see one line indicating a [notice] and the pid of FastCGI
    [notice] FastCGI: process manager initialized (pid 3478)

cat /var/log/httpd/error_log

If it worked…

ci -u /etc/httpd/conf/httpd.conf

NOTE: always check the group ownership and permissions of files after
you perform rcs operations on them… I think your effective ID can
screw things up, and then you’ve got to chgrp or whatever.

Set apache and mysql to start automatically

chkconfig httpd on

chkconfig mysqld on

Turn on MySQL server, set MySQL root password…

service mysqld start

mysqladmin -u root password some_new_password

Do initial CPAN setup

cd

perl -MCPAN -e shell

Policy on building prerequisites (follow, ask or ignore)? [ask] follow

cpan> install Bundle::CPAN
cpan> quit

RT Pre-Install…
RT requires its own group, so let’s add it now lest we forget:

groupadd rt

RT gets initiated by apache, so add apache to the rt group:

vim /etc/group

grep ^rt /etc/group

rt:x:500:apache

Confirm selinux is disabled

grep ^SELINUX= /etc/selinux/config

SELINUX=disabled

Change permissions on /etc/httpd/logs from within
$ cd /etc/httpd/logs
$ chmod 755 .

Install latest RT

cd /usr/local/src

wget http://download.bestpractical.com/pub/rt/release/rt-3.4.2.tar.gz

gunzip rt.tar.gz

tar -xvf rt.tar

cd rt-3.4.2/

Set up the makefile for us with the proper settings:

./configure \

--with-web-user=apache \
--with-web-group=apache \
--with-mysql \
--with-fastcgi

Show us what’s missing and what’s not:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose

Try to install what’s missing for us through CPAN:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and only show us the MISSING items this time:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

MIME::Entity won’t install without MIME::Base64, so install that first

perl -MCPAN -e ‘install MIME::Base64’

Now install MIME::Entity:

perl -MCPAN -e ‘install MIME::Entity’

Try to install anything else missing for us:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and make sure nothing is MISSING:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

NOTE: I chose to skip running the Apache test suite to
simplify things. YMMV.

Assuming everything is present and it’s a go, install and intialize
database…

make install

Make a copy of the dist config file to edit:

cp /opt/rt3/etc/RT_Config.pm /opt/rt3/etc/RT_SiteConfig.pm

Edit your RT config file for your purposes:

cd /opt/rt3/etc

ci -l RT_SiteConfig.pm

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

===================================================================
RCS file: RT_SiteConfig.pm,v
retrieving revision 1.1
diff -r1.1 RT_SiteConfig.pm
27c27
< Set($rtname , “example.com”);

Set($rtname , “rt”);
33c33
< Set($Organization , “example.com”);


Set($Organization , “foo.edu”);
66c66
< Set($DatabasePassword , ‘rt_pass’);


Set($DatabasePassword , ‘foo’);
122c122
< Set($ParseNewMessageForTicketCcs , undef);


Set($ParseNewMessageForTicketCcs , 1);
127c127
< Set($RTAddressRegexp , ‘^rt@example.com$’);


Set($RTAddressRegexp , ‘(?i)rt.bar.Foo.EDU$’);
215c215
< Set($UseFriendlyToLine , 0);


Set($UseFriendlyToLine , 1);
274c274
< Set($WebPath , “”);


Set($WebPath , “/rt”);
279c279
< Set($WebBaseURL , “http://RT::WebBaseURL.not.configured:80”);


Set($WebBaseURL , “http://rt.bar.foo.edu:80”);
303c303
< Set($MessageBoxWrap, “HARD”);


Set($MessageBoxWrap, “SOFT”);

Initialize Database

cd /usr/local/src/rt-3.4.2

make initialize-database

Now edit your Apache config file some more:

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

===================================================================
RCS file: httpd.conf,v
retrieving revision 1.2
diff -r1.2 httpd.conf
1023a1024,1040

NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root
DocumentRoot /var/www/html/

Adding the following for RT (the ticket tracker)

AddHandler fastcgi-script fcgi
<Directory “/opt/rt3/share/html”>
Options FollowSymLinks ExecCGI
AllowOverride None

Pass through requests to display images

Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
ScriptAlias /rt /opt/rt3/bin/mason_handler.fcgi

Restart Apache and test:

service httpd restart

Assuming it works:

ci -u /opt/rt3/etc/RT_SiteConfig.pm

ci -u /etc/httpd/conf/httpd.conf

Set up SSL cert

cd /etc/httpd/conf

openssl genrsa \

-des3
-out ssl.key/rt.bar.foo.edu.key
1024
Note the password you used for this key!

openssl req \

-new
-key ssl.key/rt.bar.foo.edu.key
-out ssl.csr/rt.bar.foo.edu.csr

Self-sign

openssl x509 \

-req
-in ssl.csr/rt.bar.foo.edu.csr
-signkey ssl.key/rt.bar.foo.edu.key
-out ssl.crt/rt.bar.foo.edu.crt

Edit ssl.conf…

cd /etc/httpd/conf.d

ci -l ssl.conf

vim ssl.conf

Here’s the skinny

grep -v ^# ssl.conf | grep -v ^$

LoadModule ssl_module modules/mod_ssl.so
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

DocumentRoot "/opt/rt3/share/html"
ServerName rt.bar.foo.edu:443
ErrorLog /var/log/httpd/rt.bar.foo.edu_error
CustomLog /var/log/httpd/rt.bar.foo.edu-access_log common
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/rt.bar.foo.edu.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/rt.bar.foo.edu.key
<Files ~ “.(cgi|shtml|phtml|php3?)$”>
SSLOptions +StdEnvVars

<Directory “/var/www/cgi-bin”>
SSLOptions +StdEnvVars

<Directory “/opt/rt3/share/html”>
SSLOptions +StdEnvVars
Options FollowSymLinks ExecCGI
AllowOverride None

SetEnvIf User-Agent “.MSIE.
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b"
Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/
AddHandler fastcgi-script fcgi
ScriptAlias / /opt/rt3/bin/mason_handler.fcgi/

AddDefaultCharset UTF-8

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

tail -n 7 httpd.conf

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
NameVirtualHost *:80
<VirtualHost :80>
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/(.
) https://%{SERVER_NAME}/$1 [R,L]

Modify RT config to now serve out of root dir

cd /opt/rt3/etc/

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

===================================================================
RCS file: RT_SiteConfig.pm,v
retrieving revision 1.2
diff -r1.2 RT_SiteConfig.pm
274c274
< Set($WebPath , “/rt”);

Set($WebPath , “”);

Makes sure your firewall is ready for HTTPS

iptables -L

system-config-securitylevel-tui

test it out (you’ll be prompted for your .key file passphrase)

service httpd restart

Assuming it all worked

ci -u /etc/httpd/conf.d/ssl.conf

ci -u /etc/httpd/conf/httpd.conf

ci -u /opt/rt3/etc/RT_SiteConfig.pm

MAIL SETUP
edit config files

cd /etc/postfix

ci -l main.cf

vim main.cf

rcsdiff main.cf

===================================================================
RCS file: main.cf,v
retrieving revision 1.1
diff -r1.1 main.cf
106c106
< #inet_interfaces = all

inet_interfaces = all
109c109
< inet_interfaces = localhost


#inet_interfaces = localhost
200c200,201
< #local_recipient_maps =


local_recipient_maps =
virtual_alias_maps = hash:/etc/mail/virtusertable
437c438
< #mailbox_command = /some/where/procmail


mailbox_command = /usr/bin/procmail

cd /etc/mail

ci -l virtusertable

vim virtusertable

cat virtusertable

postmaster@rt.bar.foo.edu postmaster
@rt.bar.foo.edu rt_dispatcher

ci -l local-host-names

vim local-host-names

cat local-host-names

rcsdiff local-host-names

===================================================================
RCS file: local-host-names,v
retrieving revision 1.1
diff -r1.1 local-host-names
1a2

rt.BAR.Foo.EDU

rt-mailgate will be talking with RT over HTTPS, so we need Crypt::SSLeay

up2date perl-Crypt-SSLeay

per http://www.geert.triple-it.nl/node/rt_procmail.html
Create an account which is to gather all RT-mail.

useradd rt_dispatcher -G rt

Create utility perl scripts and the .procmailrc

su - rt_dispatcher

$ vim get_action.pl
$ cat get_action.pl
#!/usr/bin/env perl

@arr = ;
$action = “correspond”;
foreach (@arr) {
if (/\s*.<([^@]+)-comment@.>/g) {
$action = “comment”;
} else {
if (/\s*([^@]+)-comment@.*/g) {
$action = “comment”;
}
}
}
print “$action”;
$ chmod 700 get_action.pl
$ ci -u get_action.pl

$ vim get_queue.pl
$ cat get_queue.pl
#!/usr/bin/env perl

@arr = ;
$queue = ‘general’;
foreach (@arr) {
if (/\s*.<([^@]+)@.>/g) {
$queue = $1;
} else {
if (/\s*([^@]+)@./g) {
$queue= $1;
}
}
}
if ($queue =~ /(.
)-comment/)
{
$queue = $1;
}
print “$queue”;
$ chmod 700 get_queue.pl
$ ci -u get_queue.pl

$ vim .procmailrc
$ cat .procmailrc
#Preliminaries
SHELL=/bin/bash
MAILDIR=${HOME}
LOGFILE=${MAILDIR}/procmail.log
LOG="— Logging ${LOGFILE} for ${LOGNAME}, “
VERBOSE=yes
MAILDOMAIN=rt.bar.foo.edu
RT_MAILGATE=”/opt/rt3/bin/rt-mailgate"
RT_URL=“https://rt.bar.foo.edu

LOGABSTRACT=all

:0
{

the following line extracts the recipient from Received-headers.

Simply using the To: does not work, as tickets are often created

by sending a CC/BCC to RT

TO=formail -c -xReceived: |grep $MAILDOMAIN |sed -e 's/.*for *<*\(.*\)>* *;.*$/\1/'
QUEUE=echo $TO| $HOME/get_queue.pl
ACTION=echo $TO| $HOME/get_action.pl
:0 Wa
| $RT_MAILGATE --queue $QUEUE --action $ACTION --url $RT_URL
}
$ chmod 600 .procmailrc
$ ci -u .procmailrc
$ exit

service postfix restart

postmap hash:/etc/mail/virtusertable

Now, using a web browser, log into RT as root (pass: password) and:

  • CHANGE the password!

  • create a test queue, e.g.
    Queue Name: test_queue
    Description: Queue for Testing
    Reply Address: test_queue
    Comment Address: test_queue-comment

  • create a test user with an email address that you control

  • Create group ‘FOO Staff’

  • Configuration | Global | Group Rights
    Everyone:
    CreateTicket
    ModifySelf
    ReplyToTicket
    SeeQueue
    Requestor:
    ShowTicket
    FOO Staff:
    AssignCustomFields
    CommentOnTicket
    CreateSavedSearch
    DeleteTicket
    EditSavedSearches
    LoadSavedSearch
    ModifyCustomField
    ModifyTicket
    OwnTicket
    ReplyToTicket
    SeeCustomField
    SeeGroup
    ShowOutgoingEmail
    ShowSavedSearches
    ShowTicket
    ShowTicketComments
    StealTicket
    TakeTicket
    Watch

  • send an email to test_queue@rt.bar.foo.edu from the test user’s
    email account

There’s loads more after this, but it starts to get real specific to
our customizations.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT Wiki at http://wiki.bestpractical.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCpft1gA0gpghkf88RAvIFAJ99u74eGN49OXTn4i6lFAJAqFgtxgCeNA/V
mOfZGqpDBfY4uxBskdh5Bn8=
=q7p7
-----END PGP SIGNATURE-----

Well, the error states it can’t utar the specified file. Does the file exist? And if so, can you untar it manually?

I think its more an issue with CPAN than with RedHat being the distro.

Can you install the module manually?
perl -MCPAN -e ‘install Test::Inline’

Can you install any module manually?
perl -MCPAN -e 'install MIME::Base64’From: Michael T. Halligan [mailto:michael@halligan.org]
Sent: Tuesday, June 07, 2005 3:47 PM
To: Phil Lawrence
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] RT with RHEL4

Well, I’ve made some progress (mainly, more proof that RedHat sucks).

My main problem that I"m running into is this error :

Couldn’t untar
/root/.cpan/sources/authors/id/M/MS/MSCHWERN/Test-Inline-0.16.tar

that happens when I run : perl sbin/rt-test-dependencies --with-mysql
–with-fastcgi --install

Does anybody have an idea what’s happening here? It happens on every
module, and apparently
request tracker needs about 80 modules to work.

Is there not a better way (besides switching to debian)

Phil Lawrence wrote:

Michael T. Halligan wrote:

Has anybody had any luck with RHEL4 & RT?

You bet. Easy as pie. Here’s my install notes, heavily based on the
wiki:
Installing RT on RHEL 4 with FastCGI and MySQL:

RHEL4 INSTALL
Boot from RHEL4 CD 1

When partitioning, click "Configure advanced boot loader options"
add vga=773 (or whatever) to kernal parms

Firewall on, allow SSH, HTTP & HTTPS, SMTP
SELINUX=disabled

Customize software packages to be installed
Pick “minimal” set of packages

reboot

SETUP up2date

rpm --import /usr/share/rhn/RPM-GPG-KEY

upgrade all (you’ll be prompted to accept rhndefault
settings, and for your rhn user info)

up2date -u

add needed stuff

up2date \

httpd-devel
mod_ssl
mysql
mysqlclient10
mysql-server
mysql-devel
gcc
system-switch-mail
postfix

add stuff I like

up2date \

screen
rcs
vim-enhanced

Now we switch from Sendmail to Postscript

system-switch-mail

start screen (if you like)

screen

Install FastCGI…

cd /usr/local/src

wget http://www.fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz

gunzip mod_fastcgi-2.4.2.tar.gz

tar -xvf mod_fastcgi-2.4.2.tar

cd mod_fastcgi-2.4.2

cp Makefile.AP2 Makefile

edit Makefile:

###Modify for location of apache 2 installation:
top_dir      = /etc/httpd

make

make install

FastCGI wants to have a place to put its logs, and permission to do so:

mkdir /etc/httpd/logs/fastcgi

mkdir /etc/httpd/logs/fastcgi/dynamic

chown apache:apache /etc/httpd/logs/fastcgi

chown apache:apache /etc/httpd/logs/fastcgi/dynamic

Do initial configure for apache

cd /etc/httpd/conf

ci -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

===================================================================
RCS file: httpd.conf,v
retrieving revision 1.1
diff -r1.1 httpd.conf
189a190

LoadModule fastcgi_module modules/mod_fastcgi.so

Start apache

service httpd start

Check Apache logs to make sure fastcgi started

  • Should see no lines with [error] referencing FastCGI
  • Should see one line indicating a [notice] and the pid of FastCGI
    [notice] FastCGI: process manager initialized (pid 3478)

cat /var/log/httpd/error_log

If it worked…

ci -u /etc/httpd/conf/httpd.conf

NOTE: always check the group ownership and permissions of files after
you perform rcs operations on them… I think your effective ID can
screw things up, and then you’ve got to chgrp or whatever.

Set apache and mysql to start automatically

chkconfig httpd on

chkconfig mysqld on

Turn on MySQL server, set MySQL root password…

service mysqld start

mysqladmin -u root password some_new_password

Do initial CPAN setup

cd

perl -MCPAN -e shell

Policy on building prerequisites (follow, ask or ignore)? [ask] follow

cpan> install Bundle::CPAN
cpan> quit

RT Pre-Install…
RT requires its own group, so let’s add it now lest we forget:

groupadd rt

RT gets initiated by apache, so add apache to the rt group:

vim /etc/group

grep ^rt /etc/group

rt:x:500:apache

Confirm selinux is disabled

grep ^SELINUX= /etc/selinux/config

SELINUX=disabled

Change permissions on /etc/httpd/logs from within
$ cd /etc/httpd/logs
$ chmod 755 .

Install latest RT

cd /usr/local/src

wget http://download.bestpractical.com/pub/rt/release/rt-3.4.2.tar.gz

gunzip rt.tar.gz

tar -xvf rt.tar

cd rt-3.4.2/

Set up the makefile for us with the proper settings:

./configure \

--with-web-user=apache \
--with-web-group=apache \
--with-mysql \
--with-fastcgi

Show us what’s missing and what’s not:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose

Try to install what’s missing for us through CPAN:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and only show us the MISSING items this time:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

MIME::Entity won’t install without MIME::Base64, so install that first

perl -MCPAN -e ‘install MIME::Base64’

Now install MIME::Entity:

perl -MCPAN -e ‘install MIME::Entity’

Try to install anything else missing for us:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

Test again and make sure nothing is MISSING:

perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --verbose \

| grep MISSING

NOTE: I chose to skip running the Apache test suite to
simplify things. YMMV.

Assuming everything is present and it’s a go, install and intialize
database…

make install

Make a copy of the dist config file to edit:

cp /opt/rt3/etc/RT_Config.pm /opt/rt3/etc/RT_SiteConfig.pm

Edit your RT config file for your purposes:

cd /opt/rt3/etc

ci -l RT_SiteConfig.pm

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

===================================================================
RCS file: RT_SiteConfig.pm,v
retrieving revision 1.1
diff -r1.1 RT_SiteConfig.pm
27c27
< Set($rtname , “example.com”);

Set($rtname , “rt”);
33c33
< Set($Organization , “example.com”);


Set($Organization , “foo.edu”);
66c66
< Set($DatabasePassword , ‘rt_pass’);


Set($DatabasePassword , ‘foo’);
122c122
< Set($ParseNewMessageForTicketCcs , undef);


Set($ParseNewMessageForTicketCcs , 1);
127c127
< Set($RTAddressRegexp , ‘^rt@example.com$’);


Set($RTAddressRegexp , ‘(?i)rt.bar.Foo.EDU$’);
215c215
< Set($UseFriendlyToLine , 0);


Set($UseFriendlyToLine , 1);
274c274
< Set($WebPath , “”);


Set($WebPath , “/rt”);
279c279
< Set($WebBaseURL , “http://RT::WebBaseURL.not.configured:80”);


Set($WebBaseURL , “http://rt.bar.foo.edu:80”);
303c303
< Set($MessageBoxWrap, “HARD”);


Set($MessageBoxWrap, “SOFT”);

Initialize Database

cd /usr/local/src/rt-3.4.2

make initialize-database

Now edit your Apache config file some more:

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

rcsdiff httpd.conf

===================================================================
RCS file: httpd.conf,v
retrieving revision 1.2
diff -r1.2 httpd.conf
1023a1024,1040

NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin root
DocumentRoot /var/www/html/

Adding the following for RT (the ticket tracker)

AddHandler fastcgi-script fcgi
<Directory “/opt/rt3/share/html”>
Options FollowSymLinks ExecCGI
AllowOverride None

Pass through requests to display images

Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
ScriptAlias /rt /opt/rt3/bin/mason_handler.fcgi

Restart Apache and test:

service httpd restart

Assuming it works:

ci -u /opt/rt3/etc/RT_SiteConfig.pm

ci -u /etc/httpd/conf/httpd.conf

Set up SSL cert

cd /etc/httpd/conf

openssl genrsa \

-des3
-out ssl.key/rt.bar.foo.edu.key
1024
Note the password you used for this key!

openssl req \

-new
-key ssl.key/rt.bar.foo.edu.key
-out ssl.csr/rt.bar.foo.edu.csr

Self-sign

openssl x509 \

-req
-in ssl.csr/rt.bar.foo.edu.csr
-signkey ssl.key/rt.bar.foo.edu.key
-out ssl.crt/rt.bar.foo.edu.crt

Edit ssl.conf…

cd /etc/httpd/conf.d

ci -l ssl.conf

vim ssl.conf

Here’s the skinny

grep -v ^# ssl.conf | grep -v ^$

LoadModule ssl_module modules/mod_ssl.so
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

DocumentRoot "/opt/rt3/share/html"
ServerName rt.bar.foo.edu:443
ErrorLog /var/log/httpd/rt.bar.foo.edu_error
CustomLog /var/log/httpd/rt.bar.foo.edu-access_log common
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/rt.bar.foo.edu.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/rt.bar.foo.edu.key
<Files ~ “.(cgi|shtml|phtml|php3?)$”>
SSLOptions +StdEnvVars

<Directory “/var/www/cgi-bin”>
SSLOptions +StdEnvVars

<Directory “/opt/rt3/share/html”>
SSLOptions +StdEnvVars
Options FollowSymLinks ExecCGI
AllowOverride None

SetEnvIf User-Agent “.MSIE.
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b"
Alias /NoAuth/images/ /opt/rt3/share/html/NoAuth/images/
AddHandler fastcgi-script fcgi
ScriptAlias / /opt/rt3/bin/mason_handler.fcgi/

AddDefaultCharset UTF-8

cd /etc/httpd/conf

co -l httpd.conf

vim httpd.conf

tail -n 7 httpd.conf

FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120
NameVirtualHost *:80
<VirtualHost :80>
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/(.
) https://%{SERVER_NAME}/$1 [R,L]

Modify RT config to now serve out of root dir

cd /opt/rt3/etc/

vim RT_SiteConfig.pm

rcsdiff RT_SiteConfig.pm

===================================================================
RCS file: RT_SiteConfig.pm,v
retrieving revision 1.2
diff -r1.2 RT_SiteConfig.pm
274c274
< Set($WebPath , “/rt”);

Set($WebPath , “”);

Makes sure your firewall is ready for HTTPS

iptables -L

system-config-securitylevel-tui

test it out (you’ll be prompted for your .key file passphrase)

service httpd restart

Assuming it all worked

ci -u /etc/httpd/conf.d/ssl.conf

ci -u /etc/httpd/conf/httpd.conf

ci -u /opt/rt3/etc/RT_SiteConfig.pm

MAIL SETUP
edit config files

cd /etc/postfix

ci -l main.cf

vim main.cf

rcsdiff main.cf

===================================================================
RCS file: main.cf,v
retrieving revision 1.1
diff -r1.1 main.cf
106c106
< #inet_interfaces = all

inet_interfaces = all
109c109
< inet_interfaces = localhost


#inet_interfaces = localhost
200c200,201
< #local_recipient_maps =


local_recipient_maps =
virtual_alias_maps = hash:/etc/mail/virtusertable
437c438
< #mailbox_command = /some/where/procmail


mailbox_command = /usr/bin/procmail

cd /etc/mail

ci -l virtusertable

vim virtusertable

cat virtusertable

postmaster@rt.bar.foo.edu postmaster
@rt.bar.foo.edu rt_dispatcher

ci -l local-host-names

vim local-host-names

cat local-host-names

rcsdiff local-host-names

===================================================================
RCS file: local-host-names,v
retrieving revision 1.1
diff -r1.1 local-host-names
1a2

rt.BAR.Foo.EDU

rt-mailgate will be talking with RT over HTTPS, so we need Crypt::SSLeay

up2date perl-Crypt-SSLeay

per http://www.geert.triple-it.nl/node/rt_procmail.html
Create an account which is to gather all RT-mail.

useradd rt_dispatcher -G rt

Create utility perl scripts and the .procmailrc

su - rt_dispatcher

$ vim get_action.pl
$ cat get_action.pl
#!/usr/bin/env perl

@arr = ;
$action = “correspond”;
foreach (@arr) {
if (/\s*.<([^@]+)-comment@.>/g) {
$action = “comment”;
} else {
if (/\s*([^@]+)-comment@.*/g) {
$action = “comment”;
}
}
}
print “$action”;
$ chmod 700 get_action.pl
$ ci -u get_action.pl

$ vim get_queue.pl
$ cat get_queue.pl
#!/usr/bin/env perl

@arr = ;
$queue = ‘general’;
foreach (@arr) {
if (/\s*.<([^@]+)@.>/g) {
$queue = $1;
} else {
if (/\s*([^@]+)@./g) {
$queue= $1;
}
}
}
if ($queue =~ /(.
)-comment/)
{
$queue = $1;
}
print “$queue”;
$ chmod 700 get_queue.pl
$ ci -u get_queue.pl

$ vim .procmailrc
$ cat .procmailrc
#Preliminaries
SHELL=/bin/bash
MAILDIR=${HOME}
LOGFILE=${MAILDIR}/procmail.log
LOG="— Logging ${LOGFILE} for ${LOGNAME}, “
VERBOSE=yes
MAILDOMAIN=rt.bar.foo.edu
RT_MAILGATE=”/opt/rt3/bin/rt-mailgate"
RT_URL=“https://rt.bar.foo.edu

LOGABSTRACT=all

:0
{

the following line extracts the recipient from Received-headers.

Simply using the To: does not work, as tickets are often created

by sending a CC/BCC to RT

TO=formail -c -xReceived: |grep $MAILDOMAIN |sed -e 's/.*for *<*\(.*\)>* *;.*$/\1/'
QUEUE=echo $TO| $HOME/get_queue.pl
ACTION=echo $TO| $HOME/get_action.pl
:0 Wa
| $RT_MAILGATE --queue $QUEUE --action $ACTION --url $RT_URL
}
$ chmod 600 .procmailrc
$ ci -u .procmailrc
$ exit

service postfix restart

postmap hash:/etc/mail/virtusertable

Now, using a web browser, log into RT as root (pass: password) and:

  • CHANGE the password!

  • create a test queue, e.g.
    Queue Name: test_queue
    Description: Queue for Testing
    Reply Address: test_queue
    Comment Address: test_queue-comment

  • create a test user with an email address that you control

  • Create group ‘FOO Staff’

  • Configuration | Global | Group Rights
    Everyone:
    CreateTicket
    ModifySelf
    ReplyToTicket
    SeeQueue

    Requestor:
    ShowTicket
    FOO Staff:
    AssignCustomFields
    CommentOnTicket
    CreateSavedSearch
    DeleteTicket
    EditSavedSearches
    LoadSavedSearch
    ModifyCustomField
    ModifyTicket
    OwnTicket
    ReplyToTicket
    SeeCustomField
    SeeGroup
    ShowOutgoingEmail
    ShowSavedSearches
    ShowTicket
    ShowTicketComments
    StealTicket
    TakeTicket
    Watch

  • send an email to test_queue@rt.bar.foo.edu from the test user’s
    email account

There’s loads more after this, but it starts to get real specific to
our customizations.


http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT Wiki at http://wiki.bestpractical.com

BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile

http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Be sure to check out the RT Wiki at http://wiki.bestpractical.com