Linux Installation Guide

This document describes a simple setup for linux based systems with SELinux enabled, without root access uding the “.tar.gz” installation file. Root access is needed to create the Openfire user (jiveWF) and for the rc scripts.

This document is provided as-is. Don’t use the steps described here for your production servers.

Server without root access

If you can’t get root access then you should check whether you are allowed to run java programs.

Check whether you get enough memory, VPS or V-Servers (virtual servers) are known to cause problems.

You can install Java and Openfire in the same directory without problems.

Write a cron job or something like this which makes sure that Openfire is started after reboot.

VPS

Some VPS require that you create a file .hotspotrc with this single line for 64 MB:

MaxHeapSize=64000000

It’s not clear where to put it (…/openfire/bin/ or …/jre/bin/).

Some VPS providers have a firewall and allow only connections to port 80 and 443. So port 5222 and 9090 are blocked, don’t try to setup Openfire if this is the case. Every client expects to connect to port 5222.

VPS providers usually limit the number of threads and files, this can also become a big problem for your server.

Java Installation

Ignore this section if you know that you have a fine Java installation.

Run this as root:

## options: create a lv (logical volume) for Java, probably set its home directory to /opt/java
adduser java
passwd java

Login as java and get the current JDK or JRE, e.g. jdk-6u2-linux-i586.bin

export JAVA=jdk-6u2-linux-i586
chmod 700 /tmp/${JAVA}.bin
## install it in the current directory
cd ${HOME}
/tmp/${JAVA}.bin
## accept the license agreement
rm -f /tmp/${JAVA}.bin

You should now have java in /opt/java/jdk-6u2-linux-i586/jre/. Create a symlink for Openfire - if you want to update the java version later you just need to change the symlink here and nothing within your Openfire scripts.

cd /opt/java/
ln -s ${JAVA} Openfire

Openfire Securtiy

Openfire stores relevant information in conf/, embedded-db/ and resources/security/*. Make sure that these directories may only be read by Openfire (jiveWF in this example).

Openfire Installation

Make sure that the unix command “hostname” returns a valid name, for example “example.com” and that your /etc/hosts file does contain this name, for example in the first line together with “127.0.0.1 localhost example.com”. Or that you can resolve it using DNS. Actually the setup page after choosing your locale settings will return a HTTP 500 error if there is a problem.

If you have DNS problems startup may take long, verify /etc/resolv.conf and that “host example.com” work fine.

Run the install script in Simple Start Scripts as root after reviewing it and adjusting some variables.

See http://wiki.igniterealtime.org/display/WILDFIRE/Simple+Start+Script+for+Openfire for the rc script and for the OPENFIRE/bin/openfired script.

Login as jiveWF and get the current Openfire version, e.g. openfire_4_0_0.tar.gz.

export NEWVERSION=openfire_4_0_0
cd ${HOME}
tar -xzf /tmp/${NEWVERSION}.tar.gz
rm -f /tmp/${NEWVERSION}.tar.gz
# make sure that the next update will not overwrite this installation
mv openfire ${NEWVERSION}
ln -s ${NEWVERSION} OF

Start Openfire either as jiveWF with “/home/jiveWF/OF/bin/openfired start” or

as root with “/etc/rc.d/init.d/openfired start”.

Basic Openfire Installation: http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/install- guide.html

Openfire Update

You don’t need root access any more, so you are always user jiveWF.

Login and get the current Openfire version, e.g. openfire_5_0_0.tar.gz.

export NEWVERSION=openfire_5_0_0
cd ${HOME}
tar -xzf /tmp/${NEWVERSION}.tar.gz
rm -f /tmp/${NEWVERSION}.tar.gz
mv openfire ${NEWVERSION}

Now you have the new version installed but not yet active, activate it like this:

Stop the current version with “/home/jiveWF/WF/bin/openfired stop”.

Make a backup of your database (not described here and not necessary for the embedded database).

Copy the current configuration and embedded database:

cd ${HOME}
mkdir -p ${NEWVERSION}/conf/ ${NEWVERSION}/embedded-db/ ${NEWVERSION}/plugins/
cp OF/conf/openfire.xml ${NEWVERSION}/conf/
cp OF/embedded-db/* ${NEWVERSION}/embedded-db/
cp OF/bin/openfired* ${NEWVERSION}/bin/
cp -i OF/plugins/*.jar ${NEWVERSION}/plugins/ # do not overwrite exiting files. # Relink openfire and rm -f OF
ln -s ${NEWVERSION} OF

Start Openfire with “/home/jiveWF/OF/bin/openfired start”

Openfire Start Script

Simple Start Scripts

JVM Settings

JVM Settings and Debugging

Linux Limits

Make sure to review the OS limits of Linux via ulimit -a. Openfire requires at least one file descriptor per concurrent user and the ability to create numerous Java threads. E.g. the default limits of CentOS 6.1 are 1024 for nofiles and nproc. These need to be set in /etc/security/limit.conf and /etc/security/. A clear indicator for JVM thread issues are “can’t create java native tthread” errors in the Openfire error.log.