Sep 132009


Requirements for Policyd v2

  • MySQL
  • Net::Server >= 0.96
  • Net::CIDR
  • Config::IniFiles (Debian based: libconfig-inifiles-perl, RPM based: perl-Config-IniFiles)
  • Cache::FastMmap (Debian based: libcache-fastmmap-perl, RPM based: perl-Cache-FastMmap)
  • Mail::SPF (Required for SPF)

Requirements for webui

  • PHP v5+

Download policyd v2

# wget

Build rpm from source tarball

# rpmbuild -ta cluebringer-2.0.7.tar.bz2

Install the rpm

# rpm -ivh /usr/src/redhat/RPMS/cluebringer-2.0.7-1.noarch.rpm

In database/ run…

# for i in  core.tsql access_control.tsql quotas.tsql amavis.tsql checkhelo.tsql checkspf.tsql greylisting.tsql <- press enter
> do <- press enter
>  ./convert-tsql mysql $i <- press enter
> done > policyd.mysql <- press enter

This will build policyd.mysql, be sure to ALWAYS load core.tsql first, you only really need the
schema for the modules you plan to use, no harm in adding all of them though.

Create policyd database

# mysqladmin -u root -ppassword create policyd

Load policyd.mysql into MySQL

# mysql -u root -p policyd < database/policyd.mysql
Enter password:

Press enter

Edit cluebringer.conf and adjust the MySQL server details

#vi /etc/policyd/cluebringer.conf
find the [database] section

Start cbpolicyd service

# /etc/init.d/cbpolicyd start

Make sure the service is started

# ps ax | grep policyd
 7888 ?        Ss     0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7891 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7892 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7893 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
 7894 ?        S      0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
# netstat -pln | grep :10031
tcp        0      0     *                   LISTEN      7888/perl

By default cbpolicyd not starting automatically at every runlevel.

# chkconfig --list cbpolicyd
cbpolicyd       0:off   1:off   2:off   3:off   4:off   5:off   6:off

We should add it manualy to runlevel

# chkconfig --level 2345 cbpolicyd on

Edit webui config and adjust the MySQL server details

# /etc/policyd/webui.conf

Setup Postfix to use cbpolicyd
Add the following Postfix config…

check_policy_service inet:

in BOTH  smtpd_recipient_restrictions and smtpd_end_of_data_restrictions.

Now configuring httpd part
if you have already working website just create symlink for Poilcyd webui

# ln -s /usr/share/cluebringer/webui/ /path/to/www/webui

Seems like Policyd webui does not protecting the web interface with authentication?

We can create  .htaccess/.htpasswd
Create .htaccess file in /usr/share/cluebringer/webui/

# /usr/share/cluebringer/webui/.htaccess
AuthUserFile /usr/share/cluebringer/webui/.htpasswd
AuthGroupFile /dev/null
AuthName "user and password"
AuthType Basic

require valid-user

Create user with htpasswd

# htpasswd -c /usr/share/cluebringer/webui/.htpasswd your-user

httpasswd will asked for password
Don’t forget to modify httpd config

<Directory "/var/www/html/cabal/policyd">
AllowOverride AuthConfig
Order allow,deny
Allow from all

Point your browser to http://www.yourdomain.tld/policyd/

That’s it for now

Source: INSTALL file cluebringer-2.0.7.tar.bz2

  24 Responses to “Postfix + Centos + Policyd V2 + MySQL”

Comments (24)
  1. I got following error after running:-
    service cbpolicyd start
    Starting cbpolicyd: Bad name after server’ at /usr/sbin/cbpolicyd line 49.

    line 49 of /usr/sbin/cbpolicyd is:-my $server = $self->{‘server’}
    sir can you please resolve this issue.

  2. Hi guys,
    I have installed policyd on centos 6.5 64-bit. I am unable to start cbpolicyd. It gives the following error:-
    tarting cbpolicyd: Can’t locate List/ in @INC (@INC contains: /usr/local/lib/policyd-2.0 /usr/lib/policyd-2.0 /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /usr/share/perl5/vendor_perl/Config/ line 14.
    BEGIN failed–compilation aborted at /usr/share/perl5/vendor_perl/Config/ line 14.
    Compilation failed in require at /usr/sbin/cbpolicyd line 32.
    BEGIN failed–compilation aborted at /usr/sbin/cbpolicyd line 32.

    Can you please help me out on this issue.

  3. Great post Leenoux, thank you.

  4. Hi,
    I have been trying this for months has any one accomplish this on ubuntu server 14.04?

    Thank you

  5. any specific difficulties or errors?tell me more, maybe i can help you 🙂

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>




This site uses Akismet to reduce spam. Learn how your comment data is processed.