Difference between revisions of "BuildingOpenBSD"
m (add categories)
m (add categories)
|Line 275:||Line 275:|
Congratulations, you now have a working OpenBSD install! You can start installing [[#The Dependencies|The Dependencies]].
Congratulations, you now have a working OpenBSD install! You can start installing [[#The Dependencies|The Dependencies]].
Revision as of 22:45, 22 May 2013
At the end of this guide, you'll have Murmur running on OpenBSD. This guide is targeted at people who already have a working knowledge of ksh (or bash), but it should be reasonably easy to follow for people with very limited Linux/Unix experience. OpenBSD maintains pretty thorough documentation at http://www.openbsd.org/faq/index.html. Don't let the term FAQ fool you, it's way, way more than just a FAQ. This guide does not (yet?) contain instructions for building the Mumble client, nor does it include instructions for getting ICE (for which there is no OpenBSD port) working with Mumble on OpenBSD.
A server that'll work nicely for a handful of people (and probably many more) can be run on a VM with OpenBSD and as little as 64MB of memory and negligible cpu usage. You'll need a slightly more memory (a whopping 256MB is fine) to actually build murmur, but after it's built the memory allocated to the VM can be dropped.
Very few. All you need a working OpenBSD install. If you don't have one (but have somewhere to install it, like VirtualBox), see Installing OpenBSD.
Murmur depends heavily on qt4 and protobuf, and uses boost for it's build system. We'll be using git to check out the latest sources. So, to install all the necessary dependencies (as root):
pkg_add -iv git qt4 protobuf boost
One of git's dependencies is rsync, which has two flavors. Chose the one with iconv.
Ambiguous: choose dependency for git-188.8.131.52: a 0: rsync-3.0.9p2 1: rsync-3.0.9p2-iconv Your choice: 1
Getting and Building Murmur
We'll get the source code for murmur from git:
git clone -b after-1.2.4 git://github.com/mumble-voip/mumble.git mumble
We'll be configuring murmur to not build in support for DBUS or ICE. If you need these, remove the appropriate parts of the line below and install the appropriate packages. To just get a quick server running, though, they're not necessary. If you're using any sort of 3rd party management tool, you'll probably want them.
cd mumble && qmake4 CONFIG+=no-client CONFIG+=no-dbus CONFIG+=no-ice -recursive main.pro
qmake should print out a message about reading murmur.pro and return you back
to the bash prompt. We're finally at where we can build murmur.
Configuring the System
While it's building (you can wait untill it's finished if you really want), we can set up the rest of the system. We'll be using Avahi to announce the server on the local network. To have it start at boot, add the following lines to /etc/rc.conf.local. You'll need to be root.
pkg_scripts="dbus_daemon avahi_daemon" dbus_daemon_flags= avahi_daemon_flags=
If you want murmur to start at boot, you can add it to /etc/rc.local
if [ -x /usr/local/sbin/murmurd ]; then echo 'Starting murmurd'; /usr/local/sbin/murmurd -ini /etc/murmur.ini fi
By now, hopefully murmur is done compiling. If it's finished, we can copy it (as root) to /usr/local/sbin. If not, just wait. As long as it gets copied before the VM is rebooted, it'll work just fine.
cp ./release/murmurd /usr/local/sbin chmod u+x /usr/local/sbin/murmurd
If you don't want to run murmur from /usr/local/sbin, you can put it anywhere you want as long as you modify /etc/rc.local accordingly.
Now that we have murmur compiled and installed along with its dependencies, the last thing to do before we configure it is test and make sure it'll run. As the (non-root, right?) user you compiled it with, we'll start it with default everything in debug mode.
./release/murmurd -v -fg
If all has gone well, we'll get a few messages saying the server is running and it'll give us the password for the "SuperUser" (read: server admin) account. At this point, if there's a message saying there's not enough file descriptors, you can safely ignore it. Also look for a message about Bonjour.
<W>2013-02-16 19:32:47.258 Initializing settings from /home/murmur/.murmurd/murmur.ini (basepath /home/murmur/.murmurd) <W>2013-02-16 19:32:47.290 OpenSSL: OpenSSL 1.0.1c 10 May 2012 <W>2013-02-16 19:32:47.402 ServerDB: Opened SQLite database /home/murmur/murmur.sqlite <W>2013-02-16 19:32:47.412 Generating new tables... <W>2013-02-16 19:32:47.421 Murmur 1.2.4 (Compiled Feb 16 2013 15:23:22) running on X11: OpenBSD 5.3: Booting servers <W>2013-02-16 19:32:47.434 1 => Password for 'SuperUser' set to 'r4nd0mC|-|4ract3rS' <W>2013-02-16 19:32:47.485 1 => Server listening on [::]:64738 <W>2013-02-16 19:32:47.489 1 => Server listening on 0.0.0.0:64738 <W>2013-02-16 19:32:47.493 1 => Server: Failed to set TOS for UDP Socket <W>2013-02-16 19:32:47.497 1 => Generating new server certificate. <W>2013-02-16 19:32:47.669 1 => Announcing server via bonjour <W>2013-02-16 19:32:47.713 1 => Not registering server as public
When you're satisfied it's working, kill it. Next up, configuring your new server.
If there's a message about file descriptors like the one below, you may have problems if you run a particularly busy server.
<C>2013-02-16 19:32:47.713 Current booted servers require minimum 1030 file descriptors when all slots are full, but only 1024 file descriptors are allowed for this process. Your server will crash and burn; read the FAQ for details.
The FAQ has more details. To increase the number of file descriptors available to daemons, run the following perl one-liner as root to update
perl -i -pe '$_.=("\x20"x8).":openfiles-max=1030:\\\n" if /^daemon:/' login.conf
Note the spaces are there to keep everything in
/etc/login.conf neatly aligned.
All that's left is to configure the server. This takes the form of a config file located at
/etc/murmur.ini. You'll have to create it as root and change the owner to the user to which murmur will drop its privileges.
touch /etc/murmur.ini chown murmur:murmur /etc/murmur.ini
Below are some lines worth adding to murmur's config file. It's pretty minimal, but will get you up and running. Have a look at http://mumble.sourceforge.net/Murmur.ini for more options.
You can set a password here. If you're going to publicly list your server, there must be nothing after the =
You don't have to set this, but if you set it to 0, logs kept in murmur's database will never be removed.
registerName=I Followed a HowTo registerPassword=changeme registerUrl=http://www.openbsd.org registerHostname=changeme
The above four lines pertain to listing your server publicly. registerName is how your server will show up in the server list. registerPassword is used to uniquely identify your server behind the scenes. Please don't leave it as changeme. registerURL isn't critical. It's presented to people browsing the list of servers when they right-click on a server. registerHostname is needed if your server is behind a firewall or other NAT device. It must resolve to your external IP address. You may be able to leave this unset if OpenBSD is getting a routeable IP. Failing all that, get a dynamic hostname from no-ip.org and use that.
Use Bonjour (Avahi) to announce your server on the local network.
OpenBSD stores it's root certificate cache in a location that murmur won't look by default. If this is not set, registration will fail.
Drop privileges to murmur (the user) from root. This is done so if some day an exploit is found for murmur, the damage will be less severe.
adduser murmur will add a new user named murmur.
Require clients to have a certificate to join the server. This isn't strictly necessary, but it'll make administration easier.
Where murmur logs. This will need to be writable by murmur, so we'll have to create it and give murmur write permissions.
Here's the config all in one (copy/pastable) block:
serverpassword= logdays=0 registerName=I Followed a HowTo registerPassword=changeme registerUrl=http://www.openbsd.org registerHostname=changeme bonjour=True sslCA=/etc/ssl/cert.pem uname=murmur certrequired=True logfile=/var/log/murmurd.log
Once you've looked at the above lines in /etc/murmur.ini and made any other changes you want it's time to set the server in motion. To test it, first manually create a log file writeable by the user that murmur will run as and then start everything (as root, of course).
touch /var/log/murmurd.log chown murmur:murmur /var/log/murmurd.log chmod 600 /var/log/murmurd.log /etc/rc.d/dbus_daemon start /etc/rc.d/avahi_daemon start pkill murmurd /usr/local/sbin/murmurd -ini /etc/murmur.ini
Give it a few seconds, and check if it's running.
This lists running processes. You should see something like
18227 ?? S 0:42.62 /usr/local/sbin/murmurd -ini /etc/murmur.ini
If it's there, so far so good. Your SuperUser password should be in /var/log/murmur.log. Grep for it, you'll probably want it later.
grep "Password for \'SuperUser\'" /var/log/murmurd.log
The final check to perform is to see if murmur is listening like we expect it to be.
fstat | grep murmurd | grep internet
This lists open files (and sockets). You should see murmur listening
murmur murmurd 18227 13* internet6 stream tcp 0xfffffe8002ce0d20 *:64700 murmur murmurd 18227 14* internet stream tcp 0xfffffe80024c8008 *:64700 murmur murmurd 18227 15* internet6 dgram udp *:64700 murmur murmurd 18227 16* internet dgram udp *:64700
If all of the above looks good, your murmur server is up and running. You can leave it up, but unless uptime in a concern to you, it's a good idea to shut it down and restart it to make sure it'll come up like you expect in case of a power failure or some other reason your server restarts.
shutdown -h now
Check if it's running and listening for new connections after you restart the machine.
ps ax fstat | grep murmurd | grep internet
If everything went well, you'll see a line similar to the one above in ps's output, and a handful of listening sockets in the output of fstat.
Congratulations, you're the proud owner of the Internet's newest Murmur server.
This section contains a guide to getting OpenBSD up and running. It's not a comprehensive install guide by any means, but it should be enough to get you started. You'll need somewhere to install OpenBSD, and an OpenBSD install CD. You can get the latest install CD image from any OpenBSD Mirror. The images are usually named something along the lines of installXY.iso. The latest release (as of 2012-03-28 for i386 is install53.iso (install53.iso for amd64). This section assumes you're installing OpenBSD to a VM, but you certainly don't have to.
Fire up your VM and boot off the OpenBSD install image. The install will start and give you a few choices. Most of the time, the default options are fine. The ones that require attenion are below:
(I)nstall, (U)pgrade or (S)hell? i
You want to install, of course.
System hostname? (short form, e.g. 'foo') murmur-headless
You should replace
murmur-headless with whatever you want your VM's hostname to be.
mys00p3r1337s3rv3r, and so on work just fine.
Available network interfaces are: vio0 vlan0 Which one do you wish to configure? (or 'done') [vio0]
Usually the default's fine here. The interfaces you have will depend on what network card your VM is emulating. Your interface may be
re0, or something totally different. As long as you're not configuring
vlan0, you're good. In this howto we'll be using vio0.
IPv4 address for vio0? (or 'dhcp' or 'none') [dhcp]
If all the people who are going to be using the server are on the same network, DHCP is fine. If you're going to have a public-facing murmur server, you may want to specify the IP address. If you set an IP address and want to use DHCP later or choose DHCP and want to set a static address later, it's easy to change.
IPv6 address for vio0? (or 'rtsol' or 'none') [none] rtsol
If your network supports IPv6, specify
rtsol to have it configure itself automagically. Even if it doesn't, you can still say rtsol here and it won't hurt anything.
Password for root account? (will not echo)
Choose a password here. Make it a strong one. Keep it somewhere secure. You'll have to type it twice. Note that nothing will appear when you type the password. This is normal. Type it and hit enter.
Start ntpd(8) by default? [no] yes
VMs often have lousy clocks. This'll help that. You can leave it off if you have a compelling reason to.
Do you expect to run the X Window System? [yes] no
This is for people who want a GUI for something. No point for a headless server.
Setup a user? (enter a lower-case loginname, or 'no') [no] murmur
This is the user that'll run the murmur server. Running as root isn't such a great idea. Give him a password when prompted. Don't reuse root's password.
What timezone are you in? ('?' for a list) [EST5EDT] ?
If you're not in the time zone displayed (in this case
? for a list. Chose a time zone that looks right to you. It probably won't matter too hugely much, but your logs will look funny.
Location of sets? (cd disk ftp http or 'done') [cd]
If you got the install CD today, especially if it's one of the stable releases (like install52.iso) use that for the install. Sets are tarballs containing installation files. You can change this to http, it'll just add an extra few minutes to your install and some network traffic for you and the server that you pull the sets from. cd is a better choice. Leave the next few options as their defaults.
At this point (assuming you've left everything else default), a list of sets should appear on your screen, along with progress bars, and timers. When they're all done installing:
Location of sets? (cd disk ftp http or 'done') [done]
At this point, all the work you need to do to install OpenBSD is done. Hit enter, wait for a few messages that the installer will give you, and read the nice Congratulations message.
The OpenBSD prompt is slightly less exciting than most other OS's. Once it reboots, you can either SSH in or use your VM's console. The IP address can usually be seen in the messages OpenBSD prints when it starts up. Look for something like
bound to 192.168.11.100 -- renewal in 3600 seconds.
if you used DHCP. Alternatively, you can try using the hostname you set in the installer. An added benefit of using SSH is the ability to multitask.
You now have a fresh OpenBSD install at our disposal. Before you can get to installing mumble (specifically, its dependencies), you'll have to tell OpenBSD where to look for installable packages. Fortunately, OpenBSD makes this very easy. The first step is becoming root.
Use the root password, of course. Once root, add the PKG_PATH variable to root's .profile with the address of a mirror near you. A list of OpenBSD mirrors can be found at http://www.openbsd.org/ftp.html. Be sure you give the right path for the packages specific to the version of OpenBSD you installed. The following line points to packages for the OpenBSD 5.3, i386 (32-bit):
echo 'export PKG_PATH=http://mirrors.syringanetworks.net/pub/OpenBSD/5.3/packages/i386/' >> ~/.profile
and amd64 (64-bit):
echo 'export PKG_PATH=http://mirrors.syringanetworks.net/pub/OpenBSD/5.3/packages/amd64/' >> ~/.profile
Add the appropriate line to root's .profile and load the changes.
Congratulations, you now have a working OpenBSD install! You can start installing The Dependencies.