Revision [2597]

This is an old revision of fredregistry made by JulianDemarchi on 2011-08-22 20:02:28.

 

FRED Registry HOWTO


I will attempt explain how to correctly setup a server to run the FRED registry backend[0]. I will also briefy run over the basic usage off FRED. I would like to point out at this early stage that I am no expert in FRED. This howto is a complication of my notes I made while installing FRED. The sections on FRED's usage is only my limited expereince and their might be better ways to preform the operations I go through. The OS used in the howto is Debian lenny, but the instructions should fit other flavours.

Install required packages

FRED requires the system to have a number of install packages on the system, otherwise FRED will fail to compile or operate correctly.

Debian based
On the system we issue the following command;
apt-get install apache2 postgresql gcc autoconf make bison build-essential libpq-dev omniidl4 omniidl4-python libomniorb4-dev libomnithread3-dev libdaemon-dev libboost-dev libboost-thread-dev libboost-date-time-dev libboost-program-options-dev libboost-regex-dev python-imaging python-reportlab tinyerp-server xsltproc apache2-threaded-dev liborbit2-dev libxml2-dev python-cherrypy3 python-simpletal python-omniorb2 omniidl4-python libapache2-mod-python omniorb4-nameserver omniorb4 python-clearsilver python-dnspython python-pygresql fpdns whois openssl libidn11 libidn11-dev python-trml2pdf ttf-freefont python-simplejson php5 sendmail ldnsutils

Answer any questions asked during install. If you're unsure of the answer, select the default option.

Debian Wheezy
apt-get install apache2 postgresql gcc autoconf make bison build-essential libpq-dev omniidl omniidl-python libomniorb4-dev libomnithread3-dev libdaemon-dev libboost-dev libboost-thread-dev libboost-date-time-dev libboost-program-options-dev libboost-regex-dev python-imaging python-reportlab xsltproc apache2-threaded-dev liborbit2-dev libxml2-dev python-cherrypy3 python-simpletal python-omniorb omniidl-python libapache2-mod-python omniorb-nameserver omniorb python-clearsilver python-dnspython python-pygresql fpdns whois openssl libidn11 libidn11-dev python-trml2pdf ttf-freefont python-simplejson php5 sendmail ldnsutils

wget http://ftp.de.debian.org/debian/pool/main/t/tinyerp-server/tinyerp-server_4.2.3.4.orig.tar.gz
**Gentoo**
//omniORBpy-3.6// has to be installed via sources, portage does not include it and layman's overlay (science) does not compile successfully.
download at: http://sourceforge.net/projects/omniorb/files/omniORBpy/

$ tar xjf *bz2; cd omni*
$ ./configure --prefix=/usr/ --with-omniorb=/usr/; make
$ sudo make install
USE flags

dev-db/postgresql-server doc python perl
dev-libs/libxslt python
media-libs/gd truetype jpeg fontconfig
dev-libs/libxml2 python
media-gfx/graphviz python
dev-libs/boost python
dev-util/boost-build python
dev-libs/clearsilver python
net-misc/omniORB ssl
net-libs/ldns python ssl
Keywords

net-dns/fpdns ~amd64
app-office/openerp-server ~amd64
dev-python/simpletal ~amd64
net-libs/ldns python ssl
Packages

net-misc/omniORB \ # robust, high-performance CORBA 2 ORB

Basic Build tools
gcc autoconf make bison \ # Basic build tools
dev-libs/openssl

Libs
dev-libs/clearsilver \ # fast, powerful, and language-neutral HTML template system
dev-libs/boost \
dev-libs/libdaemon \
media-fonts/freefont-ttf \ # TrueType Unicode fonts
dev-libs/libxml2 \ # library to manipulate XML files
net-dns/libidn \ # Internationalized Domain Names (IDN) implementation

Webserver
www-servers/apache dev-lang/php \ # Webserver
www-apache/mod_python \ # Apache2 module providing an embedded Python

Nameserver
bind bind-tools \ # Nameserver

net-dns/fpdns \ # Fingerprinting DNS servers
net-dns/ldns-utils \ # Set of utilities to simplify various dns(sec) tasks.

Databases
dev-db/postgresql-server

Misc
app-doc/doxygen \ # documentation system
app-office/openerp-server \ # Open Source ERP & CRM
app-xemacs/xslt-process \ # XSLT processing support
net-misc/whois \ # improved Whois Client

Python
dev-python/pyorbit \ # ORBit2 bindings for Python
dev-db/pygresql \ # A Python interface for the PostgreSQL database
dev-python/simplejson \ # JSON encoder/decoder for Python
dev-python/cherrypy \ # pythonic, object-oriented HTTP framework
dev-python/simpletal:4 \ # Python implementation of the TAL, TALES and METAL specifications - python2, use :5 for python3
dev-python/dnspython \ # DNS toolkit for Python
dev-python/imaging \ # Python Imaging Library (PIL)
dev-python/reportlab \ # Tools for generating printable PDF documents from any data source
//Oneliner//

emerge -n net-misc/omniORB gcc autoconf make bison dev-libs/openssl dev-libs/clearsilver dev-libs/boost dev-libs/libdaemon media-fonts/freefont-ttf dev-libs/libxml2 net-dns/libidn www-servers/apache dev-lang/php www-apache/mod_python bind bind-tools net-dns/fpdns net-dns/ldns-utils dev-db/postgresql-server app-doc/doxygen app-office/openerp-server app-xemacs/xslt-process net-misc/whois dev-python/pyorbit dev-db/pygresql dev-python/simplejson dev-python/cherrypy dev-python/simpletal:4 dev-python/dnspython dev-python/imaging dev-python/reportlab -vp
===Install FRED===

To run FRED correctly it should be run as it's own user. Create a user called fred on your system. Ensure that the user belongs to the postgres group.

Add 'fred'

# useradd fred -U -G postgres,cron,
# mkdir /home/fred; chown fred:fred /home/fred
# su - fred
FRED-Manager

$ wget http://fred.nic.cz/sources/fred-manager; chmod +x fred-manager
$ ./fred-manager download
$ ./fred-manager configure
$ ./fred-manager install
Once fred-manager has compiled and installed all the components of FRED without any errors you may try and start it. 

Test
check if fred is working at all at this point:

$ ./fred-manager start
SUCCESS: Starting PostgreSQL
SUCCESS: Starting omniNames...
SUCCESS: Starting FRED central registry CORBA servers...
SUCCESS: Starting Apache...
SUCCESS: Starting FRED webadmin HTTP server...
SUCCESS: Starting named...
===Add a TLD===

To add a TLD to fred, the fred-admin command is used. Below is the script I use to add TLDs;

cat bin/fred_add_tld.sh
#!/bin/bash

ADMIN="/home/fred/root/sbin/fred-admin"

if | ! $2 || ! $3; then
echo "Usage:" basename $0 "<TLD> <hostmaster@email.tld> <nameserver_FQDN>"
else
$ADMIN --zone_add \
--zone_fqdn=$1 \
--ex_period_min=12 \
--ex_period_max=120 \
--ttl=18000 \
--hostmaster=$2 \
--refresh=10600 \
--update_retr=3600 \
--expiry=1209600 \
--minimum=7200 \
--ns_fqdn=$3
Below is the script I use to add an extra NS to a TLD; (will be updated soon)

#!/bin/sh
ADMCMD=/srv/fred/root/sbin/fred-admin
$ADMCMD --zone_ns_add \
--zone_fqdn=$1 --ns_fqdn=ns1.opennic.glue
$ADMCMD --zone_ns_add \
--zone_fqdn=free --ns_fqdn=ns2.opennic.glue
$ADMCMD --zone_ns_add \
--zone_fqdn=free --ns_fqdn=ns5.opennic.glue
$ADMCMD --zone_ns_add \
--zone_fqdn=free --ns_fqdn=ns6.opennic.glue
$ADMCMD --zone_ns_add \
--zone_fqdn=free --ns_fqdn=ns7.opennic.glue
$ADMCMD --zone_ns_add \
--zone_fqdn=free --ns_fqdn=ns21.opennic.glue
$ADMCMD --zone_ns_add \
--zone_fqdn=free --ns_fqdn=ns21.opennic.glue
===Add a registrar===

In order to register domains in the TLD just created, a registrar needs to be added to the system, given the correct permissions and an SSL cert needs to be created.

To add a user, use the script below;

cat bin/fred_add_registrar.sh
#!/bin/bash

ADMIN="/home/fred/root/sbin/fred-admin"

if | ! $2 || ! $3 || ! $4 || ! $5; then
echo "Usage:" basename $0 "<HANDLE> <Country> <Organisation> <Registrar name> <URL>"
echo "Example:" basename $0 "foo DE fubarorg 'Fu Bar' domain.tld"
else
$ADMIN --registrar_add \
--handle=$1 \
--country=$2 \
--organization=$3 \
--reg_name=$4 \
--url=$5
fi
Now the following script gives the registrar permissions to add domains to a TLD;

cat bin/fred_permission.sh
#!/bin/bash

ADMIN="/home/fred/root/sbin/fred-admin"

if | ! $2; then
echo "Usage:" basename $0 "<HANDLE> <FQDN>"
else
$ADMIN --registrar_add_zone \
--handle=$1 \
--zone_fqdn=$2 \
--from_date=$(date +%Y-%m-%d)
fi
For FRED to verify ssl certs, you first need to create  CA authority;

http://www.tc.umn.edu/~brams006/selfsign.html : a great link which shows how to create one and sign your SSL cert


Create CA

$ openssl genrsa -des3 -out ca.key 4096
$ openssl req -new -x509 -days 365 -key ca.key -out ca.crt
Create CSR

$ openssl genrsa -des3 -out client.key 4096
$ openssl req -new -key client.key -out client.csr
Sign CSR/Create CRT

$ openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
Remove Passphrase

$ openssl rsa -in client.key -out client-nopass.key
To complete adding the new user, the MD5 fingerprint and users password needs to be entered into FRED. The following script will do this;

cat bin/fred_acl_mod.sh
#!/bin/bash

ADMIN="/home/fred/root/sbin/fred-admin"

if | ! $2 || ! $3; then
echo "Usage:" basename $0 "<cert> <HANDLE> <password>"
else
MD5=`openssl x509 -noout -fingerprint -md5 -in $1 | awk -F'=' '{ print $2 }'`
$ADMIN --registrar_acl_add \
--handle=$2 \
--certificate=$MD5 \
--password=$3
===Using the QT FRED client===

On your Linux desktop of choice, download the FRED client package. The location of it is http://<fred-server-name>:22354/fred-client-2.1.4.zip. If the URL does not work[1], double check FRED is running. Unzip the downloaded package into your home dir. Then issue the following commands inside the unzipped archive;

python ./setup.py build & python ./setup.py install
The config file for the client lives in ./fred-client-2.1.4/data_files/conf/fred/fred-client.conf. The SSL certs live in ./fred-client-2.1.4/ssl/. To setup fred modify thhe following lines in fred-client.conf;

[...]
[connect]
dir=/path/to/fred-client-2.1.4/ssl
host = <fred-server-name>
port = 22351
;ssl_cert = %(dir)s/test-cert.pem
;ssl_key = %(dir)s/test-key.pem
ssl_cert = path/to/client.crt
ssl_key = path/to/client-nopass.key
username = <HANDLE>
password = <PASSWORD>
[...]
Once done you can start either the CLI or QT version of the client. In this howto we will use the QT version. To start it issue;

./fred-client-2.1.4fred-client-qt4.pyw
You will know if it worked as next to status it will say "ONLINE: username@fredserver".


----
0 - http://fred.nic.cz
1 - Troubleshooting

**find relevant logfiles**
$ find root/ -iname '*log'

**Problem: fred-webadmin/fred-pyfred won't start, when executing 'sbin/fred-webadmin' the following debug message appears**

/home/fred/root/sbin/fred-webadmin
KEEP LOGGING TO /home/fred/root/var/log/fred-webadmin/fred-webadmin-20110807.log
/usr/lib64/python2.6/site-packages/cherrypy/lib/http.py:4: DeprecationWarning: cherrypy.lib.http has been deprecated and will be removed in CherryPy 3.3 use cherrypy.lib.httputil instead.
DeprecationWarning)
Traceback (most recent call last):
File "/home/fred/root/sbin/fred-webadmin", line 9, in <module>
from fred_webadmin import adif
File "/home/fred/root/lib/python2.6/site-packages/fred_webadmin/adif.py", line 54, in <module>
from webwidgets.templates.pages import (
File "/home/fred/root/lib/python2.6/site-packages/fred_webadmin/webwidgets/templates/pages.py", line 4, in <module>
from fred_webadmin.webwidgets.forms.filterforms import get_filter_forms_javascript
File "/home/fred/root/lib/python2.6/site-packages/fred_webadmin/webwidgets/forms/filterforms.py", line 11, in <module>
from forms import Form
File "/home/fred/root/lib/python2.6/site-packages/fred_webadmin/webwidgets/forms/forms.py", line 10, in <module>
from fields import Field
File "/home/fred/root/lib/python2.6/site-packages/fred_webadmin/webwidgets/forms/fields.py", line 715, in <module>
class MultiValueField(Field):
File "/home/fred/root/lib/python2.6/site-packages/fred_webadmin/webwidgets/forms/fields.py", line 767, in MultiValueField
value = LateBindingProperty(_get_value, _set_value)
File "/home/fred/root/lib/python2.6/site-packages/fred_webadmin/utils.py", line 35, in init
property.init(self, fget, fset, fdel, doc)
TypeError: readonly attribute
//Solution//

comment out line 26 in /home/fred/root/lib/python2.6/site-packages/fred_webadmin/utils.py

# doc = property.dict['doc'] # see bug #576990
%%
There are no comments on this page.
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki