Zimbra on Ubuntu x86-64

Document Actions

Submitted by ironstorm. on 2007-02-12 06:02. Java | Kubuntu/Ubuntu | Linux | Open Source | Tomcat

Zimbra is a pretty cool open source collaboration suite (exchange+outlook replacement) that makes use of Java + AJAX to deliver a very solid email and calendaring experience (live demo / flash demo). It's also remarkably easy to administer (flash tutorials)... About the only thing bad about Zimbra is how difficult it is to get it running on Ubuntu AMD64 (bins are all i386).

Let's do something about that shall we? :D

Plan B (plan A was to build from source, the repo is a mess, argh!) is to install Zimbra in a i386 chroot. Here's how we do it:

Mostly-Automated-Ubuntu-Dapper-Zimbra-Chroot Install Script [zimbra-install.sh] (last changed Feb 20, 2007)

Notes:

Read before running it.
Slicehost, my new hosting provider (use this sign-up link to give me a small referral kickback) starts me with Dapper... No need to upgrade, however if you do when you go to bootstrap the chroot, whatever the current distro is will be what is installed to the chroot.
base chroot + Zimbra install takes 1.7G+ before any user data
if you get errors like: /opt/zimbra/bin/zmshutil: eval: line 49: syntax error near unexpected token `(' during install.sh... exit the chroot rerun the mount proc and mount dev (see below), wipe out zimbra and rerun install (see bottom block)
Mysql is particular about localhost and localhost.domain, so make sure localhost entry proceeds everything else. Zimbra's MySQL won't start without a localhost entry.
Watch your ports, if you are running a web server or mail servers on the host system (outside the chroot), you'll want to tell Zimbra to find other ports to use then the defaults.
Check out the Zimbra setup and install logs in chroot's /tmp folder for errors

#!/bin/bash
#
# zimbra-install.sh - Mostly Automated Ubuntu Zimbra Chroot Install Script by Garth Dahlstrom (C) 2007
#   Developed to install Zimbra on an Ubuntu AMD64 host system inside a i386 chroot (Zimbra binaries are i386 only).
#
# License: GPL V2
# 
# DISCLAIMER: USE AT YOUR OWN RISK! AND ONLY IF YOU UNDERSTAND WHAT THE SCRIPT IS DOING!
#
# Kickstarting the script:
#   aptitude update && aptitude -y install curl nano && curl http://stacktrace.org/archive/.nanorc | tr -d '\r' > ~/.nanorc # get cURL, then use it to grab Nano syntax colouring file
#   nano zimbra-install.sh && clear && chmod +x zimbra-install.sh && bash -x ./zimbra-install.sh # paste the contents of this script into Nano and you're off

# set chroot directory
export CHROOT=/opt/zimbra-chroot # change this to where you want your zimbra ubuntu distro chroot to live
export CHROOT_LABEL=zimbra
export ZIMBRA_TGZ_URL=http://umn.dl.sourceforge.net/sourceforge/zimbra/zcs-4.5.1_GA_660.UBUNTU6.tgz

if [ -z "$CHROOT" ]; then echo -e '\E[31m'"\033[1m$0 - ERROR:\033[0m" CHROOT must be set otherwise the install will happen on the host system\! && sleep 20 && exit; fi
if [ `hostname|grep '\.'|wc -l` -eq 0 ]; then echo -e '\E[31m'"\033[1m$0 - ERROR:\033[0m" hostname must be a FQDN resolvable via DNS and/or hosts file \(use hostname to set it\) && sleep 20 && exit; fi

if [ ! -f /etc/timezone ]; then tzconfig; fi # configure timezone on host

# You must be root to complete this... `sudo su -`
if [ $UID -ne 0 ]; then echo -e '\E[31m'"\033[1m$0 - ERROR:\033[0m" You must be root to run this && sleep 20 && exit; fi

# halt if there's already a distro there... we won't be the ones to kill it 
if [ -f $CHROOT/etc/lsb-release ]; then echo -e '\E[31m'"\033[1m$0 - ERROR:\033[0m" A distribution already exists at the CHROOT target location \($CHROOT\).  Can not continue\! && sleep 20 && exit; fi

# Install Chroot
sed -ie "s/#*[ ]*deb \(.*\) universe$/deb \1 universe/" /etc/apt/sources.list # make sure 'universe' deb repository is enabled

export ZIMBRA_TGZ=`echo $ZIMBRA_TGZ_URL| rev | cut -d/ -f1 | rev`
if [ ! -f $ZIMBRA_TGZ ]; then
  echo && echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" Starting Zimbra install tarball in the background w/ cURL, while Zimbra chroot is being prepped and bootstrapped && echo
  curl --silent --show-error --remote-name $ZIMBRA_TGZ_URL &
fi

aptitude update && aptitude -y install debootstrap dchroot libpam-chroot # once everything works, also consider installing 'fail2ban' to protect from attacks
if [ `grep $CHROOT /etc/dchroot.conf | wc -l` -eq 0 ]; then echo $CHROOT_LABEL $CHROOT >>/etc/dchroot.conf; fi

# build chroot
mkdir -p $CHROOT
debootstrap --arch i386 `grep DISTRIB_CODENAME /etc/lsb-release|cut -d= -f2` $CHROOT http://archive.ubuntu.com/ubuntu # Initalize Ubuntu chroot

if [ ! -d $CHROOT/dev ] || [ `mount | grep $CHROOT/dev | wc -l` -eq 0 ]; then # (re)mount dev for the chroot
  mkdir -p $CHROOT/dev # mount dev starts
  umount $CHROOT/dev
  sleep 2
  mount --bind /dev $CHROOT/dev # so that networking works inside chroot
fi

if [ ! -d $CHROOT/proc ] || [ `ls $CHROOT/proc | wc -l` -eq 0 ]; then # (re)mount proc for the chroot 
  mkdir -p $CHROOT/proc # mount proc starts
  umount $CHROOT/proc
  sleep 2
  mount -t proc proc $CHROOT/proc
fi

cp /etc/timezone $CHROOT/etc/timezone && cp /etc/localtime $CHROOT/etc/localtime # copy timezone info from host to chroot
rm $CHROOT/bin/sh && ln -s /bin/bash $CHROOT/bin/sh # Zimbra wants bash as default shell

echo 127.0.0.1 localhost >>$CHROOT/etc/hosts; # must be first for MySQL5 server to resolve DNS via localhost or Zimbra will not start!
# Set chroot hostname to be the same as the host environment
if [ `grep $(hostname) $CHROOT/etc/hosts|wc -l` -eq 0 ]; then
  echo `ifconfig eth0 | grep Bcast | cut -d: -f2 | cut -d' ' -f1` `hostname` >>$CHROOT/etc/hosts;
fi

if [ `ps aux | grep -v grep | grep $ZIMBRA_TGZ_URL | wc -l` -ge 1 ]; then echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" cURL is still downloading... foregrounding cURL to wait for it to finish.; fg; fi # Must have whole Zimbra tarball before we can continue.

mkdir -p $CHROOT/opt/zimbra && cp $ZIMBRA_TGZ $CHROOT/opt/ && tar --directory=$CHROOT/opt -zxvf $ZIMBRA_TGZ

if [ `grep universe $CHROOT/etc/apt/sources.list|wc -l` -eq 0 ]; then echo deb http://archive.ubuntu.com/ubuntu `grep DISTRIB_CODENAME /etc/lsb-release | cut -d= -f2` universe>>$CHROOT/etc/apt/sources.list; fi # Enable Universe

curl http://stacktrace.org/archive/.nanorc | tr -d '\r' > $CHROOT/root/.nanorc && cp $CHROOT/root/.nanorc $CHROOT/opt/zimbra # Syntax highlighting for Nano

echo && echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" Adding Zimbra group and Zimbra system user account to host and syncronizing /etc/passwd \& /etc/group with chroot
# Create Zimbra groups in host and mirror into chroot
export chroot_prefix=chroot-
for zimbra_group in ssl-cert postfix postdrop zimbra; do 
  addgroup --system ${chroot_prefix}${zimbra_group}
  dchroot -c $CHROOT_LABEL "addgroup --system --gid `cat /etc/group | grep ${chroot_prefix}${zimbra_group}: | cut -d: -f3` ${zimbra_group}"
done
# Create Zimbra users in host and mirror into chroot
adduser --system --disabled-password --disabled-login --no-create-home --home $CHROOT/var/lib/fetchmail --shell /bin/sh z-fetchm
adduser --system --disabled-password --disabled-login --no-create-home --home $CHROOT/var/spool/postfix --shell /bin/false z-postfi
adduser --system --disabled-password --no-create-home --home $CHROOT/opt/zimbra --shell /bin/bash --ingroup ${chroot_prefix}zimbra zimbra
# mirror users
dchroot -c $CHROOT_LABEL "adduser --system --disabled-password --disabled-login --no-create-home --home /var/lib/fetchmail --shell /bin/sh --uid $(cat /etc/passwd | grep z-fetchm: | cut -d: -f3) fetchmail"
dchroot -c $CHROOT_LABEL "adduser --system --disabled-password --disabled-login --no-create-home --home /var/spool/postfix --shell /bin/false --uid ` cat /etc/passwd | grep z-postfi: | cut -d: -f3` postfix"
dchroot -c $CHROOT_LABEL "adduser --system --disabled-password --no-create-home --home /opt/zimbra --shell /bin/bash --ingroup zimbra --uid ` cat /etc/passwd | grep zimbra: | cut -d: -f3` zimbra"
dchroot -c $CHROOT_LABEL "adduser zimbra postfix"

echo && echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" If necessary $0 will add pam_chroot configurations to your sshd server.  SSHd will be restarted.
if [ `grep $CHROOT /etc/security/chroot.conf | wc -l` -eq 0 ]; then echo zimbra $CHROOT >>/etc/security/chroot.conf; fi
if [ `grep pam_chroot.so /etc/pam.d/ssh | wc -l` -eq 0 ]; then echo \# Set up user chroot from /etc/security/chroot.conf. >>/etc/pam.d/ssh && echo session required pam_chroot.so >>/etc/pam.d/ssh; fi
/etc/init.d/ssh restart

dchroot -c $CHROOT_LABEL "dpkg-reconfigure locales" # finish chroot set-up
echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" Choose \"No Configuration\" for the chroot\'s MTA, if prompted by aptitude. && sleep 5
dchroot -c $CHROOT_LABEL "aptitude update && aptitude -y install nano wget slay patch psmisc cron openssh-client file libidn11 curl fetchmail libpcre3 libgmp3c2 libexpat1 libxml2 libstdc++6 openssl" # install zimbra prerequsites, skip MTA config

echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" Starting Zimbra install in chroot... && sleep 2
dchroot -c $CHROOT_LABEL "cd /opt/zcs && ./install.sh" # Start the install

echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" Restarting chroot syslogd \(required so /var/log/zimbra will be bigger then 0\)
dchroot -c $CHROOT_LABEL "/etc/init.d/sysklogd restart" # restart syslog to pick-up Zimbra config changes to /etc/syslog.conf

echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" Patching Monitoring and Queue fixes and restarting Zimbra... 
dchroot -c $CHROOT_LABEL "cd /opt/zimbra/libexec && curl http://stacktrace.org/index_html/20070212-Zimbra-on-Ubuntu64/UbuntuMonitoringAndQueueFix.patch | patch --ignore-whitespace --forward; /etc/init.d/zimbra stop && sleep 10 && /etc/init.d/zimbra start" # Apply patch and restart Zimbra 

echo -e '\E[33m'"\033[1m$0 - NOTE:\033[0m" If you need to go back into the chroot to finish the install you can do so by typing \`export CHROOT=$CHROOT \&\& chroot $CHROOT\`

Other Stuff

During the install, I found it necessary + handy to wipe out and start over until I was able to eliminate the errors from the Zimbra setup/install logs and get everything running, if you need to do that here's the quickest way:

## See what's running
# ps aux|grep zimbra # see what is running as zimbra user

## Wiping out zimbra
# slay zimbra # kill all process running under zimbra user
# dpkg --get-selections | grep zimbra- | cut -f1 | xargs dpkg --purge # wipe out zimbra packages in dpkg
# rm -rf /opt/zimbra # wipe out all zimbra files
# slay zimbra && dpkg --get-selections | grep zimbra- | cut -f1 | xargs dpkg --purge && rm -rf /opt/zimbra # exterminate zimbra in 1 line

## Redo the install after wiping it out
cd /opt/zcs && ./install.sh

Post Install Fixes

Forward/Reply Buttons don't work because of a Javascript error: rule has no properties

This is a problem with Timezones on Windows machines, there is a patch from Microsoft (WindowsXP-KB928388-x86-ENU.exe). Details can be read about this problem here. There is an official Zimbra Bug here.

Fix Monitoring and Email Queues within zimbraAdmin (as of Feb 20 this patch is applied by the installer script automatically):

After applying the following patch you'll be able to see Email Queues in zimbraAdmin, if when clicking on the Monitoring->Mail Queues you get a pop-up error dialog complaining about a zimbraRemoteManagementPrivateKeyPath error message, then follow the steps in this thread (and specifically here).

/opt/zimbra/libexec/UbuntuMonitoringAndQueueFix.patch (created from instructions @ http://www.zimbra.com/forums/showthread.php?t=4950):

--- zmgengraphs.orig    2007-02-13 08:46:58.000000000 -0500
+++ zmgengraphs 2007-02-13 08:47:36.000000000 -0500
@@ -27,6 +27,7 @@
 use strict;
 use lib '/opt/zimbra/zimbramon/lib';
 use Zimbra::Util::Common;
+use lib '/opt/zimbra/zimbramon/lib/i386-linux-thread-multi';
 $|=1;
 # Exit if software-only node.
 exit(0) unless (-f '/opt/zimbra/conf/localconfig.xml');
--- zmlogprocess.orig   2007-02-13 08:45:43.000000000 -0500
+++ zmlogprocess        2007-02-13 08:46:36.000000000 -0500
@@ -28,7 +28,7 @@

 use lib "/opt/zimbra/zimbramon/lib";
 use Zimbra::Util::Common;
-
+use lib "/opt/zimbra/zimbramon/lib/i386-linux-thread-multi";
 use DBI;
 use Time::Local;

Apply the patch using this command:

cd /opt/zimbra/libexec && cat UbuntuMonitoringAndQueueFix.patch | patch --ignore-whitespace --forward; /etc/init.d/zimbra stop && sleep 10 && /etc/init.d/zimbra start # Apply patch and restart Zimbra

Enabling ZimbraAdmin on https

/opt/zimbra/apache-tomcat-5.5.15/conf/ZimbraAdminSSL.patch

--- zimbraAdmin.web.xml.in.orig 2007-02-01 22:00:58.000000000 -0500
+++ zimbraAdmin.web.xml.in      2007-02-17 19:06:31.000000000 -0500
@@ -11,7 +11,7 @@
        </context-param>
        <context-param>
                <param-name>admin.allowed.ports</param-name>
-               <param-value>7071</param-value>
+               <param-value>443, 7071</param-value>
        </context-param>

     <!-- =============
--- service.web.xml.in.orig     2007-02-17 18:59:55.000000000 -0500
+++ service.web.xml.in  2007-02-17 19:04:13.000000000 -0500
@@ -67,7 +67,7 @@
     <servlet-class>com.zimbra.soap.SoapServlet</servlet-class>
     <init-param>
       <param-name>allowed.ports</param-name>
-      <param-value>7071</param-value>
+      <param-value>443, 7071</param-value>
     </init-param>
     <!-- Admin servlet allows both admin and user commands -->
     <init-param>
@@ -152,7 +152,7 @@
     <servlet-class>com.zimbra.cs.service.StatsImageServlet</servlet-class>
     <init-param>
       <param-name>allowed.ports</param-name>
-      <param-value>7071</param-value>
+      <param-value>443, 7071</param-value>
     </init-param>
     <load-on-startup>7</load-on-startup>
   </servlet>