How to install OTRS 3.1 on CentOS 6.2 - Part 1
OTRS is the leading open-source Help Desk and IT Service Management (ITSM) solution used by thousands of organizations worldwide. This guide explains the steps involved in installing the latest OTRS release on a minimal CentOS 6.2 installation.
CentOS (Community ENTerprise Operating System) is an Enterprise-class Linux Distribution derived from sources freely provided to the public by a prominent North American Enterprise Linux vendor.
Due to the length of this guide, it had to be split in two parts. The first part will focus on getting CentOS 6.2 ready for the OTRS 3.1 installation, while the second part will be about installing and extending OTRS 3.1.
Part 1 – A minimal CentOS 6.2 install
Head over to http://isoredirect.centos.org/centos/6/isos/i386/ and pick a nearby mirror. Download the CentOS-6.2-i386-minimal.iso installation media.
Verify the download against the provided md5 or sha1 checksum, the files are located in the same directory as the iso files (md5sum.txt and sha1sum.txt).
md5sum CentOS-6.2-i386-minimal.iso | grep "cc4fbd16bd305f5bf6731b4b10f8fd18" cc4fbd16bd305f5bf6731b4b10f8fd18 CentOS-6.2-i386-minimal.iso sha1sum CentOS-6.2-i386-minimal.iso | grep "353d7e070a4cfc34148f9610b05cf1c55ad4fa57" 353d7e070a4cfc34148f9610b05cf1c55ad4fa57 CentOS-6.2-i386-minimal.iso
The download is valid if the checksums on line 2 and 5 are shown, if you get no result then the image is corrupt.
Boot the installation media and choose Install or upgrade an existing system.
Test the media, or skip and head directly to the installation.
Installation commences.
Select your language of choice.
Select your keyboard layout.
Choose installation device. Select the basic storage option (unless you know you have an enterprise storage solution that is).
Storage device warning. This message will trigger by blank, unpartitioned or virtual devices. If that’s you then it’s safe to discard any data.
Choose a hostname for your system and click the “Configure Network” button.
Network configuration. The network connection will obviously depend on your network but in this (common) scenario we’re configuring the wired interface eth0. Click on the edit button for eth0 and tick the connect automatically option. Configure the IPv4 settings by selecting “Method”: Manual, then click “Add” to fill out the “Address”, “Netmask” and “Gateway” details. Finally add your DNS servers, and if applicable, domains.
Select your timezone from the map.
Set the root password.
Select type of installation. Select the “Use all space” alternative if you’re not dual booting other systems on the same device.
Write changes to disk. If you made any mistakes, this is the last point of return.
CentOS 6.2 is installing, refill empty cups of coffee now.
We’re done, reboot to fire up your new system.
Part 1.1 – CentOS 6.2 firewall / SELinux and additional packages
When the installation is finished, lets update the system by running the command:
yum update
Import the CentOS-6 GPG key when asked.
Disabling Security-Enhanced Linux (SELinux) is a requirement to get OTRS running, and I won’t be debating the topic further.
Edit the SELinux configuration with the command:
vi /etc/selinux/config
Change the directive SELINUX=enforcing to SELINUX=disabled. Then reboot the system to replace the current policy. Type the command:
sestatus
which should now return the message: SELinux status: disabled
Install some programs and utilities that will be needed to further configure CentOS and OTRS with the command:
yum install system-config-firewall-tui mlocate wget vixie-cron logwatch make gcc gd gd-devel # system-config-firewall-tui-1.2.27-5.el6.noarch : A text interface for basic firewall setup # mlocate-0.22.2-3.el6.i686 : An utility for finding files by name # wget-1.12-1.4.el6.i686 : A utility for retrieving files using the HTTP or FTP protocols # crontabs-1.10-33.el6.noarch : Root crontab files used to schedule the execution of programs # cronie-1.4.4-7.el6.i686 : Cron daemon for executing programs at set times # logwatch-7.3.6-49.el6.noarch : A log file analysis program # sendmail-8.14.4-8.el6.i686 : A widely used Mail Transport Agent (MTA) # procmail-3.22-25.1.el6.i686 : Mail processing program # make-3.81-19.el6.i686 : A GNU tool which simplifies the build process for users # gcc-4.4.6-3.el6.i686 : Various compilers (C, C++, Objective-C, Java, …) # gd-2.0.35-10.el6.i686 : A graphics library for quick creation of PNG or JPEG images # gd-devel-2.0.35-10.el6.i686 : The development libraries and header files for gd
Configuring the firewall
The only inbound services we want to allow are ssh and apache, everything else will be closed down.
Let’s use the recently installed text interface for basic firewall configuration. Run the command:
system-config-firewall-tui
Make sure the firewall is enabled and select “Customize”.
Trusted services, select SSH and WWW (HTTP). Navigate by using
/ and select with Other ports, we have no need for additional ports so continue forward.
Trusted interfaces, do not select any trusted interfaces as that will allow full access to the system for that interface.
Masquerading, not needed with this configuration.
Port forwarding, not needed with this configuration.
ICMP filter, no need to change anything.
Custom rules, not needed with this configuration.
Finish the firewall configuration by clicking “OK” when returned to the main screen, and select “Yes” to install the new rules.
Part 1.2 – Configuring services for CentOS 6.2
Lets start the cron daemon with the command:
service crond start
Update the file name database by running the command:
updatedb
Configure logwatch, system log analyzer and reporter by running the command:
vi /usr/share/logwatch/default.conf/logwatch.conf
and set the directives:
MailTo = you@yourhost.com
Detail = 10 (the most detailed report)
Install the MySQL server
We’ll be using the chkconfig utility to configure which services are to be started in selected runlevels.
Code Information 0 Halt 1 Single-User mode 2 Multi-user mode console logins only (without networking) 3 Multi-User mode, console logins only 4 Not used/User-definable 5 Multi-User mode, with display manager as well as console logins (X11) 6 Reboot
The next four commands will take care of the following steps:
- Install the MySQL server.
- Configure the runlevels.
- Start the MySQL server.
- Secure the MySQL installation.
yum install mysql-server chkconfig --levels 235 mysqld on service mysqld start /usr/bin/mysql_secure_installation
When securing the MySQL installation, just set a root password and answer yes to the rest of the questions.
Install the Apache web server
The next tree commands will take care of the following steps:
- Install the Apache web server.
- Configure the runlevels.
- Start the web server.
yum install httpd chkconfig --levels 235 httpd on service httpd start
Add our fqdn (fully qualified domain name) to /etc/hosts
Use the command
vi /etc/hosts
For the domain otrs.paranoidpenguin.net the entry should look like this:
xxx.xxx.80.99 otrs.paranoidpenguin.net otrs
This is necessary for certain programs to operate correctly and should match the output of the command: hostname -f
. Alternatively you might check the contents of the file /etc/sysconfig/network
Configuring Sendmail
This is not really needed as OTRS will be happy using an external SMTP server, so if you don’t want to use sendmail then just skip this step.
Sendmail is already installed due to dependencies, but we’ll need to install the configuration files with the command:
yum install sendmail-cf
I want to use a smart relay since the outgoing messages in my case will pass through a spam filter.
Lets edit the sendmail macro config file with the command:
vi /etc/mail/sendmail.mc
Edit the SMART_HOST directive with your outgoing (external) mail server.
The entry should be in this format:
define(`SMART_HOST', `smtp.bluehost.com')dnl
That’s all there is to it. Now run the following commands to update the sendmail configuration and to restart the sendmail server.
/etc/mail/make service sendmail restart
Check your new configuration by sending a test mail:
mail -s "Hello from your new server" you@yourdomain.com <Enter> Text for body goes here <Enter> <Ctrl +D>