Installing Bedework
Privilege Separation
Bedework comes as an all in one self contained system in the style of the old school Unix days. However, given the large number of moving parts, this isn't a bad plan. In order to prevent any other processes using anything in the bedework zone of operations, and vice versa, bedework has it's own user account and group, the files all go in the bedework home directory, to which only the bedework user has access.
All of the following is based on procedures from The Bedework Manual
Create the group
# groupadd -r bedework
Find out the gid
# getent group bedework bedework:x:508:
A local system account with a home directory in /var/lib and that gid
# useradd -r -g 508 -c "Bedework User" -d /var/lib/bedework -m -s /bin/bash bedework
Check the account
# fgrep bede /etc/passwd bedework:x:542:508:Bedework User:/var/lib/bedework:/bin/bash
No need for a password, this user will be accessed either from root, or by ssh key.
Separate Data Volume
This thing is pretty big an has potential to get bigger still, so separate to a new filesystem.
Check what volume groups are present ... in this case vgs_webhost is SSD based disk and vgd_webhost is hard drives
[root@webhost ~]# pvscan PV /dev/vdb1 VG vgd_webhost lvm2 [3.90 GiB / 3.90 GiB free] PV /dev/vda2 VG vgs_webhost lvm2 [31.00 GiB / 7.18 GiB free] Total: 2 [34.90 GiB] / in use: 2 [34.90 GiB] / in no VG: 0 [0 ]
Peel off a logical volume from the hard drive surce
[root@webhost ~]# lvcreate -L 2G -n bedework vgd_webhost Logical volume "bedework" created.
Make the filesystem
[root@webhost ~]# mkfs /dev/mapper/vgd_webhost-bedework mke2fs 1.42.9 (28-Dec-2013) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 131072 inodes, 524288 blocks 26214 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=536870912 16 block groups 32768 blocks per group, 32768 fragments per group 8192 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912
Allocating group tables: done Writing inode tables: done Writing superblocks and filesystem accounting information: done
Download and install
Login as user bedework
Fetch the zipfile, warning, it's 350+ Megabytes
[bedework@webhost ~]$ wget "http://dev.bedework.org/downloads/3.10.2/quickstart-3.10.2.zip" --2015-12-03 23:52:50-- http://dev.bedework.org/downloads/3.10.2/quickstart-3.10.2.zip Resolving dev.bedework.org (dev.bedework.org)... 128.113.2.72 Connecting to dev.bedework.org (dev.bedework.org)|128.113.2.72|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 383332167 (366M) [application/zip] Saving to: ‘quickstart-3.10.2.zip’
100%[=============================================================================>] 383,332,167 860KB/s in 6m 39s
2015-12-03 23:59:29 (939 KB/s) - ‘quickstart-3.10.2.zip’ saved [383332167/383332167]
Then unpack it