Installing ZoneMinder on Gentoo Full Guide ENGLISH + ITALIAN

[ZioPRoTo]

I wrote a little bit of documentation, I guess this might be good for the Community.

ZioPRoTo (Saverio Proto)

http://zioproto.ninux.org/howto/ZoneMin ... V1pre2.pdf
http://zioproto.ninux.org/howto/ZoneMin ... V1pre2.pdf



This document tells you how to make a ZoneMinder Server on Gentoo Linux
I spent a couple of days reading the ZoneMinder Forum to have a nice ZoneMinder installation on
Gentoo, so in this thread I'm trying to write down the complete guide
Few easy steps to install ZoneMinder on Gentoo
First of all install Gentoo
I used version 2006.1 to write the HowTo
Grab the Live CD and make a networkless installation, installing no extra packages. Just the base
system.
Once installed modify the file /etc/make.conf
You must set ACCEPT_KEYWORDS="~x86" because ZoneMinder is still not stable in the
Portage. This will change in the future, keep in mind this document is dated October 2006
SYNC and GENTOO_MIRRORS are just to have faster download sources.
Here is my Make.conf example:
------------------------------------------------------------------------------------------
# These settings were set by the catalyst build script that
automatically built this stage
# Please consult /etc/make.conf.example for a more detailed
example
#CFLAGS="-O2 -march=i686 -pipe"
CFLAGS="-march=i686 -O2 -pipe"
CHOST="i686-pc-linux-gnu"
CXXFLAGS="${CFLAGS}"
MAKEOPTS=""
ACCEPT_KEYWORDS="~x86"
USE="-cups mpeg apache2 php mysql -X java samba -gtk swat png tiff
gif jpeg -opengl alsa -firefox -kde dvdr encode mp3 vorbis -gnome
-new-login xml graphviz bzip2 bash-completion"
FEATURES=""
SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage"
GENTOO_MIRRORS="ftp://ftp.unina.it/pub/linux/distributions/gentoo"
LINGUAS="it"
--------------------------------------------------------------------------------------------
Now you can go ahead and use emerge to install what you need:
emerge --sync update list of packets
emerge portage update portage
emerge --update world update all system
etc-update update config files
emerge libpcre If you dont install this manually now, later on
zoneminder will complain about this in the syslog.
emerge zoneminder zoneminder, automatically this will also install apache2
mysql and php
When emerge is done, last few lines on the console will show how to modify /etc/zm.conf and how
to prepare the mysql database.
Let’s see now these two steps:
I used apache2, with apache2 may be a little different
/etc/zm.conf
-------------------------------------------------------
ZM_PATH_BUILD = /usr/share/zoneminder
ZM_PATH_WEB = /var/www/localhost/htdocs/zoneminder
ZM_PATH_CGI = /var/www/localhost/cgi-bin
# ZoneMinder database hostname or ip address
ZM_DB_HOST=localhost
# ZoneMinder database name
ZM_DB_NAME=zm
# ZoneMinder database user
ZM_DB_USER=zm
# ZoneMinder database password
ZM_DB_PASS=zm
---------------------------------------------------------
Now run mysql_install_db if this is your first mysql startup.
And then mysql /etc/init.d/mysql start
Now we create the database tables needed by zoneminder:
mysql -u root < /usr/share/zoneminder/db/zm_create.sql
Into /etc/zm.conf just use root as your DB user so you dont have to create a user. Of course it
is better to create a user, but I’m not explaining this here now.
Now let’s start apache2 /etc/init.d/apache2 start. Point your browser at
http://IP/zoneminder and we should see the ZoneMinder console.
We are almost done, just a few things to fix:
to make everything start automatically when the machine boots:
rc-update add apache2 default
rc-update add mysql default
rc-update add zoneminder default
Now modify /etc/sysctl.conf inserting these two lines:
kernel.shmall = 134217728
kernel.shmmax = 134217728
If you dont do this, ZoneMinder won’t have enough shared memory and will not work with images
bigger than 320x240.
The Start/Stop script provided with the package is not working, so on the ZoneMinder forum I
found information about how to fix the problem:
Modify /etc/passwd
Replace:
apache81:81:added by portage for apache:/var/www:/usr/sbin/nologin
with:
apache81:81:added by portage for apache:/var/www:/bin/bash
We let the apache user execute commando (warning this is a securty threat!)
We put this brand new file /etc/init.d/zoneminder:
---------------------------------------------------------------------------------------------------
#!/sbin/runscript
# Start and stop zoneminder (for Gentoo)
opts="start stop status"
depend() {
use mysql apache2
}
prog=ZoneMinder
ZM_PATH_BIN="/usr/bin"
command="$ZM_PATH_BIN/zmpkg.pl"
start() {
ebegin "Starting $prog"
$command start
eend $? "Failed to start $prog"
}
stop() {
ebegin "Stopping $prog"
$command stop
eend $? "Failed to stop $prog"
}
status() {
result=`$command status`
if [ "$result" = "running" ]; then
echo "ZoneMinder is running"
RETVAL=0
else
echo "ZoneMinder is stopped"
RETVAL=1
fi
exit ${RETVAL}
}
--------------------------------------------------------------------------------------------------------
Start/stop script is fixed.
Last patches:
cd /var/www/localhost/htdocs/zoneminder
chmod 777 events/
mkdir temp/
chmod 777 temp/
I hope this will be useful to someone until ZoneMinder becames a stable package for Gentoo 
ZioPRoTo (Saverio Proto)

[zoneminder]

Many thanks for taking the time to post this. Do you think you could add it to the Wiki also? It's quite easy and any forum user can do it without any further registration.

[jameswilson]

wiki'd

[ZioPRoTo]

Thanks for the cut&paste in the wiki
I truly did not think about it

I just now added in the wiki Contents page the "Gentoo-specific" link under the "help" list, so the page is more easy to find.

Should we rewrite the documentation and make it consistent with this link from the wiki?

http://www.zoneminder.com/wiki/index.php/Gentoo_Install
??

I hope users will not get confused with overdocumentation..

ZioPRoTo (Saverio Proto)

[anest]

Thanks a lot, ZioPRoTo! You did it!
but i have just one think about security: may will be better way to create a new user as 'zoneminder' in system, with bash? i don't really think what that is good idea to give bash to the apache. any ideas?

[ZioPRoTo]

Hi

I just wanted things to work quickly because my server is in a private intranet. I didn't worry too much about security.

I used a lot of stuff from this Forum, because I was not able myself to create a ZoneMinder start/stop script.
So that script worked that way Very bad about security...

I already used the gentoo bugs website (http://bugs.gentoo.org ) to notify the bug, so that in the next ebuild we have the perfect start stop script

http://bugs.gentoo.org/show_bug.cgi?id=155844

That was the best I could possibly do

Best Regards !

ZioPRoTo (Saverio Proto)

[anest]

Just tiny an amendment: for unmask zoneminder you must *NOT* to unmask *every* potentially unstable packages by ACCEPT_KEYWORDS="~x86". To do this just simple as:

Code: Select all

echo "www-misc/zoneminder ~x86" >> /etc/portage/package.keywords

ps: it is not criticism, but just a tip. may be you (or someone else) did not know about this 'gentoo-way'. anyway, Thanks again for great job men!

[anest]

zoneminder, what you think about to add new user in system for solve the security problem? anyway, i think what to add new _special_ user in system will be good deal, what you think?
may create new user 'zoneminder' and put him to groups 'apache', 'video', etc... and give up control from zm scripts, not for apache user. Is it possible?

[anest]

Ok, i did try it just few minutes ago..

May be something wrong here:

apache81:81:added by portage for apache:/var/www:/bin/bash

because when i do "/etc/init.d/zoneminder start" i have this error:

router init.d # /etc/init.d/zoneminder start
* Starting ZoneMinder ...
/bin/bash: --shell=/bin/sh: invalid option
Usage: /bin/bash [GNU long option] [option] ...
/bin/bash [GNU long option] [option] script-file ...
GNU long options:
--debug
--debugger
--dump-po-strings
--dump-strings
--help
--init-file
--login
--noediting
--noprofile
--norc
--posix
--protected
--rcfile
--restricted
--verbose
--version
--wordexp
Shell options:
-irsD or -c command or -O shopt_option (invocation only)
-abefhkmnptuvxBCHP or -o option
* Failed to start ZoneMinder [ !! ]
router init.d #

any ideas?

ps: will try now on different machine and i'll write result back soon

[anest]

Ok, i totaly remove all zoneminder from computer (updatedb; locate zoneminder; rm, locate zm, rm.. by hands)
after that i emerge zoneminder by ZioPRoTo's instruction, but not change init script on this time - it magicaly works now! may be because i find new file /etc/conf.d/zoneminder, it included this lines:

Code: Select all

ZM_SCRIPT=/usr/bin/zmpkg.pl

# Commands for starting and stopping the server

CMD_START="${ZM_SCRIPT} start"
CMD_STOP="${ZM_SCRIPT} stop"

I did also:
cd /var/www/localhost/htdocs
chown -R apache:apache zoneminder
(its was after 'emerge zoneminder' as root:root)
and
gpasswd -a apache video
(this command put user apache to video group. i did it because my /dev/video0 have allways -rw-rw---- and group video. i was change it to -rw-rw-rw by hands, but if i unplug usb camera and plug it back it drop permissions back)
if i do now:
/etc/init.d/zoneminder start
i got OK status but with old bash 'non-critical' error:

router zoneminder # /etc/init.d/zoneminder start
* Starting zoneminder ...
/bin/bash: --shell=/bin/sh: invalid option
Usage: /bin/bash [GNU long option] [option] ...
/bin/bash [GNU long option] [option] script-file ...
GNU long options:
--debug
--debugger
--dump-po-strings
--dump-strings
--help
--init-file
--login
--noediting
--noprofile
--norc
--posix
--protected
--rcfile
--restricted
--verbose
--version
--wordexp
Shell options:
-irsD or -c command or -O shopt_option (invocation only)
-abefhkmnptuvxBCHP or -o option [ ok ]
router zoneminder #

so i fix this by dirty hack (again), i just put in /etc/init.d/zoneminder inline exec /usr/bin/zmpkg.pl script this stuff: ' > /dev/null 2>&1'
my /etc/init.d/zoneminder now:
#!/sbin/runscript
# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/www-misc/zoneminder/files/init.d,v 1.1 2006/02/06 22:02:52 rl03 Exp

depend() {
need mysql
use net
}

start() {
ebegin "Starting zoneminder"
eval ${CMD_START} > /dev/null 2>&1
eend $?
}

stop() {
ebegin "Stopping zoneminder"
eval ${CMD_STOP} > /dev/null 2>&1
eend $?
}

And finaly if i run init script i got no errors and zoneminder start and working! (also it start after reboot too and stop working too)

router / # /etc/init.d/zoneminder start
* Starting zoneminder ... [ ok ]
router / #

Thank you ALL!

[ZioPRoTo]

Thanks for the tip!
I'm a gentoo beginner, and this was the first time I had to deal with unmasking a package
I'll correct this in the next release of the documentation... I'll wait for a few more bugs to come out first

Best Regards

ZioPRoTo

Just tiny an amendment: for unmask zoneminder you must *NOT* to unmask *every* potentially unstable packages by ACCEPT_KEYWORDS="~x86". To do this just simple as:

Code: Select all

echo "www-misc/zoneminder ~x86" >> /etc/portage/package.keywords

ps: it is not criticism, but just a tip. may be you (or someone else) did not know about this 'gentoo-way'. anyway, Thanks again for great job men!

[ZioPRoTo]

Could happen that the ZoneMinder ebuild has been updated since I did my tests and I wrote the HowTo?

The start/stop script not working was reported on the BugZilla of Gentoo so maybe now has been fixed ??

Anyways if anyone makes improvements to the HowTo please feel free to update the wiki

ZioPRoTo (Saverio Proto)

Ok, i totaly remove all zoneminder from computer (updatedb; locate zoneminder; rm, locate zm, rm.. by hands)
after that i emerge zoneminder by ZioPRoTo's instruction, but not change init script on this time - it magicaly works now! may be because i find new file /etc/conf.d/zoneminder, it included this lines:

Code: Select all

ZM_SCRIPT=/usr/bin/zmpkg.pl

# Commands for starting and stopping the server

CMD_START="${ZM_SCRIPT} start"
CMD_STOP="${ZM_SCRIPT} stop"

[zoneminder]

zoneminder, what you think about to add new user in system for solve the security problem? anyway, i think what to add new _special_ user in system will be good deal, what you think?
may create new user 'zoneminder' and put him to groups 'apache', 'video', etc... and give up control from zm scripts, not for apache user. Is it possible?

This sounds like a good idea. I will have to check that it doesn't break anything, but otherwise I will put it on the todo list.

[anest]

Thank you, Phil!