HOWTO install Enkive 1.2 on CentOS 6.3

From Enkive Wiki

Revision as of 17:51, 16 May 2013 by Thomas (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This HOWTO documents step-by-step how to install and configure Enkive 1.2 on CentOS 6.3. (The instructions should work on all versions of CentOS 6 and Red Hat Enterprise Linux 6.x, but they have not been tested on those platforms.)

Before continuing, you should read the official, and generic, installation instructions for Enkive 1.2 at

Assumptions: This will be a standalone server that only runs the Enkive email archiver. Any email sent to this machine's postfix (port 25) gets archived. In a production environment you will have to configure your existing mail server(s) to send a copy of each email that comes in to and goes out of your organization to this Enkive server. Configuring your existing mail server(s) to send duplicate emails to Enkive is not covered in this HOWTO.



The files used to install Enkive 1.2. These were the latest available versions at the time of this writing (Nov. 2012):

  • enkive-1.2-CE.tar.gz
  • jdk-7u9-linux-x64.tar.gz (or jdk-7u9-linux-x64.rpm)
  • mongodb-linux-x86_64-2.2.1.tgz
  • indri-5.3.tar.gz
  • commons-daemon-1.0.10-native-src.tar.gz (do not use a later version than this with Enkive 1.2)

The download links are available at

Linux operating system:

  • CentOS 6.3. Default install from the DVD, except selected "Desktop" package installation. You can customize the partitioning any way you like, but make sure there is enough room in /opt as this HOWTO installs most of the Enkive components in that directory.

Make sure you have at least 10GB (and preferably a lot more) of free space on your machine. Mongodb won't start properly if there's not enough free space.

Preliminary steps


Since SELinux is in enforcing mode by default, you will want to set it to permissive while you install and configure Enkive. Modify the line in file /etc/selinux/config so that:




You can also disable SELinux entirely by changing the line in /etc/selinux/config to:


You should reboot your server after modifying /etc/selinux/config. You can also switch to permissive mode on the fly with:

setenforce 0

Remember that changing SELinux with "setenforce" does not hold across reboots!

There are notes further down in this document on how to allow Enkive running with SELinux in enforcing mode.


We recommend leaving iptables disabled while installing and configuring Enkive. You can do this with



Edit /etc/postfix/ so that postfix doesn't just listen on localhost, which is the default behavior. For example, change the line, in /etc/postfix/

inet_interfaces = localhost


inet_interfaces = all

Now restart Postfix:

/etc/init.d/postfix restart

Development environment

Some of the Enkive-related packages need to be compiled, so get a development environment installed. At minimum, the packages you'll need are:

  • gcc
  • gcc-c++
  • make
  • libcap-devel
yum install gcc gcc-c++ make libcap-devel

You can also get a fairly complete development environment by doing:

yum groupinstall "Development Tools" 
yum groupinstall "Server Platform Development"
yum groupinstall "Desktop Platform Development"
yum groupinstall "Additional Development"


Unpack the tarball in /opt:

tar zxvf jdk-7u9-linux-x64.tar.gz -C /opt/

Make a symbolic link:

cd /opt/
ln -s jdk1.7.0_09/ java

So, per the Enkive wiki instructions, $JAVA_HOME is: /opt/jdk1.7.0_09 or /opt/java. We'll use /opt/java as the $JAVA_HOME from now on.

You may want to put /opt/java/bin in your path. The typical way to do this on CentOS/RHEL is to modify the $HOME/.bash_profile file. You could modify the line as follows:


This will put Java first in your path. Remember to log out and log back in to update your $PATH variable.

You can also install Java with the rpm:

rpm -Uvh jdk-7u9-linux-x64.rpm

Note: If you install Java with the RPM you may get the following errors afterwards:

[root@localhost ~]# rpm -Uvh jdk-7u9-linux-x64.rpm 
Preparing...                ########################################### [100%]
   1:jdk                    ########################################### [100%]
Unpacking JAR files...
Error: Could not open input file: /usr/java/jdk1.7.0_09/jre/lib/rt.pack
Error: Could not open input file: /usr/java/jdk1.7.0_09/jre/lib/jsse.pack
Error: Could not open input file: /usr/java/jdk1.7.0_09/jre/lib/charsets.pack
Error: Could not open input file: /usr/java/jdk1.7.0_09/lib/tools.pack
Error: Could not open input file: /usr/java/jdk1.7.0_09/jre/lib/ext/localedata.pack

Apparently this is a known issue, but harmless. See:

If Java was installed using the rpm, then $JAVA_HOME will be:



Note: You must use Jsvc version 1.0.10 (or earlier) with Enkive 1.2. Later versions of Jsvc (1.0.11 and later) are not compatible with Enkive 1.2.

For Jsvc, we will compile with the java option and then copy the resulting binary to another directory so that it's in our path. Note that $JAVA_HOME is /opt/java:

tar zxvf commons-daemon-1.0.10-native-src.tar.gz
cd commons-daemon-1.0.10-native-src/
cd unix/
./configure --with-java=/opt/java
cp jsvc /usr/local/bin/

Now "jsvc" is in your path. This is also where the enkive initscript expects to find the jsvc binary.

(To use a bundled openjdk runtime, it may be possible to substitute for the configure step: export JAVA_HOME=/usr/lib/jvm/default-java ; ./configure )

If you installed Java with the RPM, change the "configure" line to:

./configure --with-java=/usr/java/jdk1.7.0_09


For swig:

yum install swig zlib zlib-devel

If you did a package group installation (ie, yum groupinstall) of the development tools and development libraries, then the swig, zlib, and zlib-devel packages are already installed.


For indri, we're going to install it in /opt/indri, as the Enkive wiki suggests.

tar zxvf indri-5.3.tar.gz
cd indri-5.3/
./configure --prefix=/opt/indri --enable-java --with-javahome=/opt/java
make install

Note: If you installed Java with the rpm, then the configure line will be:

./configure --prefix=/opt/indri --enable-java --with-javahome=/usr/java/jdk1.7.0_09


For mongodb, unpack it in /opt. Create a symbolic link for it. Create a directory within it (ie, data/db) for the database files.

tar zxvf mongodb-linux-x86_64-2.2.1.tgz -C /opt/
cd /opt/
ln -s mongodb-linux-x86_64-2.2.1/ mongodb
cd mongodb/
mkdir -p data/db

Create the initscript for mongodb, and put the following in /etc/init.d/mongodb:

# mongodb     Startup script for the mongodb server
# chkconfig: - 60 40
# description: MongoDB Database Server
# processname: mongodb
# Credit for this initscript goes to:, 
#  It has only been slightly modified.

# Source function library
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/mongodb ]; then
	. /etc/sysconfig/mongodb


start() {
	echo -n $"Starting $prog: "
	daemon $mongod "--fork --dbpath /opt/mongodb/data/db --logpath /var/log/mongodb.log --logappend 2>&1 >>/var/log/mongodb.log"
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
	return $RETVAL

stop() {
	echo -n $"Stopping $prog: "
	killproc $prog
	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
	return $RETVAL

reload() {
	echo -n $"Reloading $prog: "
	killproc $prog -HUP
	return $RETVAL

case "$1" in
		if [ -f /var/lock/subsys/$prog ]; then
		status $mongod
		echo $"Usage: $0 {start|stop|restart|condrestart|reload|status}"

exit $RETVAL

Make the mongodb initscript executable:

chmod 755 /etc/init.d/mongodb

Start mongodb. It may take a minute to start on slower machines:

/etc/init.d/mongodb start

Enkive (and Postfix)

Now unpack the Enkive tarball and put it in /opt. We also create a symlink here.

tar zxvf enkive-1.2-CE.tar.gz -C /opt/
cd /opt/
ln -s enkive-1.2-CE/ enkive

Create the Enkive socket filter:

cd /opt/enkive/support/filters/postfix/enkive-socket-filter/

This socket filter is now at:


We'll need the path to it for Postfix.

Edit the /etc/postfix/ file as follows. There's already a line at the top for "smtp". You will add a second line below it for the content filter, and then 3-line filter section.

The top of the file should look something like this:

smtp      inet  n       -       n       -       -       smtpd
   -o content_filter=filter:dummy
filter    unix  -       n       n       -       -      pipe
          flags=Rq user=nobody null_sender=
          argv=/opt/enkive/support/filters/postfix/enkive-socket-filter/dist/enkive-socket-filter localhost 2527 ${sender} ${recipient}

Restart Postfix:

/etc/init.d/postfix restart

Copy the indri.jar file from /opt/indri/share/indri/ to /opt/enkive/lib/:

cp -p /opt/enkive/lib/indri.jar /opt/enkive/lib/indri.jar.orig
cp /opt/indri/share/indri/indri.jar /opt/enkive/lib/

Create an "enkive" user. The -r option will make a system user, rather than a regular user:

useradd -r enkive

Allow the new "enkive" user to read and write to Enkive (don't forget the trailing slash!):

chown -R enkive.enkive /opt/enkive/

Prepare the enkive initscript.

cp /opt/enkive/scripts/enkive /etc/init.d/enkive
chmod 755 /etc/init.d/enkive

At the top of the enkive initscript you need to edit several variables.

The relevant portion of the initscript:


# user id under which Enkive is run; a good practice is to create a user specifically to run Enkive (e.g., "enkive")

# path to top-level Enkive directory; this directory would contain "lib" and "config"

# path to the jsvc executable file

# path to top level of the Java JDK (must be a JDK and not a JRE); should contain "bin", "lib", and "lib/tools.jar"

# path to directory that contains file ""

Note: If you installed Java with the rpm, the "JAVA_HOME" line should be:


Now start enkive:

/etc/init.d/enkive start

Give it a few seconds. Then log in to a graphical desktop and use the web browser to go to http://localhost:8888/ediscovery/. Even better: from another computer on your network go to http://enkiveIPaddress:8888/ediscovery/ in a web browser.

Log in as user "enkive" with the password "enkive". There won't be any archived email yet to search. Log out.

Add email to Enkive

The telnet client is usually not installed by default on CentOS 6, so:

yum install telnet

Sent a test email to the Enkive using the telnet client. If you've never done this before, you might want to read the following:

Follow the session below. You can only escape from the telnet session with CTRL-] (not CTRL-C!).

The actual lines you type after telnetting to port 25 are:

ehlo localhost
mail from:<>
rcpt to:<>
From: Bill <>
To: Ted <>
Subject: my first archived email

Archive me, please!


Note that you finally "send" the email by typing a single period by itself on a line, then hit enter. After which, postfix will queue the message.

[root@localhost ~]# telnet localhost 25
Connected to localhost.localdomain (
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix
ehlo localhost
250-SIZE 10240000
250 DSN
mail from:<>
250 2.1.0 Ok
rcpt to:<>
250 2.1.5 Ok
354 End data with <CR><LF>.<CR><LF>
From: Bill <>
To: Ted <>
Subject: my first archived email

Archive me, please!

250 2.0.0 Ok: queued as 2C27F1E4836
telnet> quit
Connection closed.

Now go back to http://localhost:8888/discovery and log in. You will be able to search for the email.

Final clean up and reboot

Make sure everything starts on boot.

chkconfig --add enkive
chkconfig --add mongodb
chkconfig enkive on
chkconfig mongodb on

Reboot for good measure.

Note: MongoDB should start before Enkive. If you're having issues with Enkive not starting on boot, it could be that MongoDB has not finished starting when Enkive starts. If that's the case, you need to modify the sequence numbers in the mongodb and enkive initscripts. The current settings used here should work, however.


At this point, your Enkive installation is working, but only when SELinux is in permissive mode or if SELinux is disabled entirely. If you switch to enforcing mode, Postfix won't work with the Enkive socket filter because Postfix runs confined in SELinux. What will happen in this case is that Postfix won't have permission to run the Enkive socket filter and will report "permission denied" in /var/log/maillog. Also, any mail that gets sent to postfix will just stay in the mail queue.

If SELinux was in permissive mode, you can look in /var/log/audit/audit.log and check for lines that say "avc denied". This happened when you added mail to the archiver using the telnet client. Permissive mode doesn't actually block the action, but just reports what it would be had it been in enforcing mode.

To modify your SELinux policy, you will need the "audit2allow" command. If you don't have it, you need to install the following package:

yum install policycoreutils-python

The following will work, but read the cautionary note afterward:

cat /var/log/audit/audit.log | audit2allow -M postfixenkive

This will create files called "postfixenkive.te" and "postfixenkive.pp", but you can use whatever name you like. Now install the SELinux module:

semodule -i postfixenkive.pp 

You should be careful with this because you are submitting the entire audit.log to audit2allow. Now if this is being performed on a newly installed server that is solely dedicated to Enkive, this shouldn't be much of a problem.

The following might be preferable and is verified to work on CentOS 6.3. Put the following in a text file called postfixenkive.te:

module postfixenkive 1.0;

require {
	type postfix_pipe_t;
	type usr_t;
	class file { read execute execute_no_trans };

#============= postfix_pipe_t ==============
allow postfix_pipe_t usr_t:file { read execute execute_no_trans };

Run the following commands:

checkmodule -M -m postfixenkive.te -o postfixenkive.mod
semodule_package -m postfixenkive.mod -o postfixenkive.pp
semodule -i postfixenkive.pp

You can temporarily turn on SELinux with:

setenforce 1

and then test Enkive again.

This will put it in enforcing mode, but it won't survive a reboot. If you want this change permanent, modify /etc/selinux/config so that:



If you want to set up a host-based iptables firewall, run:


Remember to leave ports 25 and 8888 open.

You're mostly done

At this point, if you want to start archiving email you will have configure your mail server (and there may be more than one in your organization) to send a duplicate of each email to this Enkive server.

Postfix (including Zimbra), sendmail and exim have different ways of doing this; however, this is not covered here yet.

Personal tools