The Kolab Groupware Solution lets you synchronize your contacts and calenders over multiple devices and easily share them selectively with other users. It is a 100% Free Software and historically close to the KDE community, but you can also use it with a multitude of different clients such as Thunderbird. Ever since the first alpha version of the brand new Kolab 3.0 Groupware Solution was released, I wanted to give it a try. The new features and especially the freshly skinned webclient based on Roundcube got me excited. I’m still running an old Kolab 2.2 server on Debian for personal use and hope to be able to switch to 3.0 as soon as Debian packages are ready. So far the best system to run Kolab on is CentOS, because native packages exist. Even though I have virtually no experience with CentOS, I tried a test install in a virtual machine. Read on for my experiences.
Installing CentOS in VirtualBox
Being an advanced user, I started to follow the quick howto from kolab.org. So at first I had to download an ISO image of CentOS from a mirror. I decided to use VirtualBox because it has a nice GUI and is fairly easy to setup. Then I created a new VM called “Kolab Server” with Redhat GNU/Linux 64bit as an operating system because that was closest to CentOS. Afterward, I hooked in the ISO image as a virtual CD drive and booted the VM.
It booted right into a graphical GNOME environment showing me a button to install CentOS to the hard drive. Pressing that button a couple of times didn’t produce any result, so I figured out what the button was actually starting and ran that command from the terminal. There I was told that there wasn’t enough RAM available to execute the graphical installer. Thankfully the terminal installer was started right away for me and I could get going.
The install was quite easy. Just a few questions here and there. I decided to disable the firewall completely to not run into any trouble with that later. As soon as the installation was complete I didn’t want to work with the cumbersome VM window anymore and was looking into ways to access the VM with ssh. Turned out, I just had to configure Port Forwarding for the VM. So in VM Settings I selected “Attached to: NAT” in the “Network” tab. In “Advanced” I configured “Port Forwarding” as follows:
Name | Protocol | Host IP | Host Port | Guest IP | Guest Port guestssh | TCP | | 2222 | | 22
This allowed me to login with ssh from the host machine using
ssh -p 2222 root@localhost
Installing and Setting Up Kolab
Then I continued to follow the quick installation howto. Since the URL of the release package changed since the howto was written, I had to look up the proper URL by clicking on the provided link. The installation of Kolab itself took some time, but it went through without errors. Starting
setup-kolab resulted in the following warning:
WARNING: The Fully Qualified Domain Name or FQDN for this system is incorrect. Falling back to 'localdomain'.
Since I had already heard about problems with incorrect domain names, I decided to take the warning seriously and abort the setup by pressing Ctrl+C. To get some more advanced help on the issue I moved over to docs.kolab.org for the extensive installation guide. It told me that the setup “requires that the Fully Qualified Domain Name (FQDN) for the system resolves back to the system”. So in
/etc/sysconfig/network I added
HOSTNAME=kolab.example.org and in
/etc/hosts I added
10.0.2.15 kolab.example.org since 10.0.2.15 was the IP address of the VM. Apparently, it is important not to use 127.0.0.1 here. Then I had to reboot for the hostname change to take effect.
After the VM came back up, I logged into ssh and ran again:
This time, it started without warnings and asked me to provide many many passwords. You can see that Kolab still takes security seriously. I’ll post the output of setup-kolab below.
Please supply a password for the LDAP administrator user 'admin', used to login to the graphical console of 389 Directory server. Administrator password [ZqtSz8nIQI6f4hR]: Please supply a password for the LDAP Directory Manager user, which is the administrator user you will be using to at least initially log in to the Web Admin, and that Kolab uses to perform administrative tasks. Directory Manager password [KzHd2dVQ2o9JkXr]: Please choose the system user and group the service should use to run under. These should be existing, unprivileged, local system POSIX accounts with no shell. User [nobody]: Group [nobody]: This setup procedure plans to set up Kolab Groupware for the following domain name space. This domain name is obtained from the reverse DNS entry on your network interface. Please confirm this is the appropriate domain name space. example.org [Y/n]: n Domain name to use: kolab.example.org The standard root dn we composed for you follows. Please confirm this is the root dn you wish to use. dc=kolab,dc=example,dc=org [Y/n]: Setup is now going to set up the 389 Directory Server. This may take a little while (during which period there is no output and no progress indication). Shutting down dirsrv: kolab... [ OK ] Starting dirsrv: kolab... [ OK ] Please supply a Cyrus Administrator password. This password is used by Kolab to execute administrative tasks in Cyrus IMAP. You may also need the password yourself to troubleshoot Cyrus IMAP and/or perform other administrative tasks against Cyrus IMAP directly. Cyrus Administrator password [kplMHHzS_U3QRP2]: Please supply a Kolab Service account password. This account is used by various services such as Postfix, and Roundcube, as anonymous binds to the LDAP server will not be allowed. Kolab Service password [IWx-2tE0QoC-VcZ]: Shutting down postfix: [ OK ] Starting postfix: [ OK ] Shutting down amavisd: The amavisd daemon is apparently not running, no PID file /var/run/amavisd/amavisd.pid [FAILED] Starting amavisd: [ OK ] Stopping clamd.amavisd: [FAILED] Starting clamd.amavisd: LibClamAV Warning: ************************************************** LibClamAV Warning: *** The virus database is older than 7 days! *** LibClamAV Warning: *** Please update it as soon as possible. *** LibClamAV Warning: ************************************************** [ OK ] Stopping wallaced: [FAILED] Starting wallaced: [ OK ] Initializing MySQL database: [ OK ] Starting mysqld: [ OK ] Please supply a root password for MySQL. This password will be the administrative user for this MySQL server, and it should be kept a secret. After this setup process has completed, Kolab is going to discard and forget about this password, but you will need it for administrative tasks in MySQL. MySQL root password [gOZS47jIzy8HOXy]: Please supply a password for the MySQL user 'kolab'. This password will be used by Kolab services, such as the Web Administration Panel. MySQL kolab password [gsc5FFDJOgGGsOX]: Please supply the timezone PHP should be using. Timezone ID [UTC]: CEST Please supply a password for the MySQL user 'roundcube'. This password will be used by the Roundcube webmail interface. MySQL roundcube password [j_dvolYPbVVfT8I]: Stopping httpd: [FAILED] Starting httpd: [ OK ] Shutting down cyrus-imapd: [FAILED] Starting cyrus-imapd: [ OK ] Stopping kolab-saslauthd: [FAILED] Starting kolab-saslauthd: [ OK ] Stopping kolabd: [FAILED] Starting kolabd: [ OK ]
At first I was afraid seeing these
[FAILED] services, but then I realized that stopping services that haven’t been started yet will of course fail. There’s already an enhancement request for suppressing this and other unnecessary output from the setup script. Feel free to work on this request. It is a simple python script, so that should be an easy exercise.
Trying out Kolab
So now Kolab was installed and setup. Surprised by how smoothly that went I was asking myself “What now?”. So I looked in the documentation which pointed me to first login in the web-based administration panel. Since I had no graphical environment installed on the server, I had to forward ports again, to be able to access it from the host machine.
Name | Protocol | Host IP | Host Port | Guest IP | Guest Port guesthttp | TCP | | 8080 | | 80
So now I could go to http://localhost:8080/kolab-webadmin/ and login with
cn=Directory Manager and the password
KzHd2dVQ2o9JkXr that was supplied during the setup process. The login worked well and I could see the shiny webadmin. I was only surprised to find no way to add users, so I asked in IRC. There I was pointed to the documentation again. Since I used the quick install guide, I completely missed the section “Preparing the System”. There was a paragraph on SELinux that says “Not all components of Kolab Groupware are currently completely compatible with running under SELinux enforcing the targeted policy”. So in
/etc/selinux/config I had to change
SELINUX=permissive. This way SELinux just prints a warning, but doesn’t enforce the policy. I again restarted VM, reloaded the webadmin page and had still no links to add users. It turned out that I just had to terminate the current webadmin session by logging out and in again, and there the link appeared.
Now I created a test user and ran the following to verify that it was created successfully.
# kolab list-mailboxes firstname.lastname@example.org user/test.test/Archive@kolab.example.org user/test.test/Calendar@kolab.example.org user/test.test/Calendar/Personal Calendar@kolab.example.org user/test.test/Configuration@kolab.example.org user/test.test/Contacts@kolab.example.org user/test.test/Contacts/Personal Contacts@kolab.example.org user/test.test/Drafts@kolab.example.org user/test.test/Journal@kolab.example.org user/test.test/Notes@kolab.example.org user/test.test/Sent@kolab.example.org user/test.test/Spam@kolab.example.org user/test.test/Tasks@kolab.example.org user/test.test/Trash@kolab.example.org
Great! It worked. Now I moved on to try the webmailer based on Roundcube by going to http://localhost:8080/roundcubemail. I was quite pleased by what I saw. It looke quite nice, a lot better than the old Roundcube skin and seemed to work flawlessly. Only when I sent a test mail to the test user, I noticed that there was a ServerError when checking for new mails. A look in
/var/log/httpd/error_log indicated that I had foolishly specified the wrong timezone during setup. So I had to change it in
date.timezone=Europe/Berlin and restart apache with
# service httpd restart
From now on everything went smoothly and I had a working Kolab server running. Overall I was quite pleased how easy and fast the installation went. Configuration also improved significantly compared to the old Kolab release in Debian. There were a few problems during the installation, but all of them were caused by mistakes on my side and by not starting with the full documentation.
So if you are interested in Kolab, please give it a try and let me know about your experiences!