Policyd

From vpsget wiki
Jump to: navigation, search

How to install Policyd on Centos. Source: http://wiki.policyd.org/installing

Install epel repository:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm 

Install required software:

yum install perl-Net-Server perl-Config-IniFiles perl-Cache-FastMmap perl-Mail-SPF php php-pdo php-mysqli nano

Download the package from the official web site: http://policyd.org/content/download

#cd
#wget http://download.policyd.org/v2.0.14/cluebringer-v2.0.14.tar.gz
#tar -zxvf cluebringer-v2.0.14.tar.gz
#cd cluebringer-v2.0.14/database/

Build policyd.sql:

#for i in core.tsql access_control.tsql quotas.tsql amavis.tsql checkhelo.tsql checkspf.tsql greylisting.tsql accounting.tsql
 do
 ./convert-tsql mysql $i
 done > policyd.sql

Create user and database:

#mysql -p
#CREATE USER 'policyd'@'localhost' IDENTIFIED BY 'password';
#CREATE DATABASE policyd;
#GRANT ALL PRIVILEGES ON policyd.* TO 'policyd'@'localhost' WITH GRANT OPTION;
#FLUSH PRIVILEGES;
#exit

Import policyd.sql to MySQL:

#mysql -u root -p policyd < policyd.sql

Copy files:

#mkdir /usr/local/lib/cbpolicyd-2.1
#cp -r cbp /usr/local/lib/cbpolicyd-2.1/
#cp cbpadmin /usr/local/bin/
#cp cbpolicyd /usr/local/sbin/
#cp cluebringer.conf /etc/

Create system directories:

#mkdir /var/log/cbpolicyd
#mkdir /var/run/cbpolicyd

Open conf file:

nano /etc/cluebringer.conf

Find and configure database in the file:

 [database]
#DSN=DBI:SQLite:dbname=policyd.sqlite
DSN=DBI:mysql:database=policyd;host=localhost
Username=policyd
Password=password
#

Do the same for webif conf:

nano /var/www/html/webui/includes/config.php

Conf example:

$DB_DSN="mysql:host=localhost;dbname=policyd";    
$DB_USER="policyd";
$DB_PASS="password";

Open postfix conf file:

#nano /etc/postfix/main.cf

Add the following Postfix config setting in BOTH smtpd_recipient_restrictions and smtpd_end_of_data_restrictions:

check_policy_service inet:127.0.0.1:10031

It's recommended to add these parameters first, i.e.:

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_mynetworks, ..., ...

Start service:

#cd ~/cluebringer-v2.0.14
#cbpolicyd

Web interface:

http://IPaddress/webui/