Nicholas Skinner

Freelance website and web application developer

Archive for April, 2008

Openfire on CentOS 4

Monday, April 21st, 2008

Installed Openfire on my dedicated CentOS 4 server today.  Openfire is one of the server implementations for the open instant messaging protocol XMPP (Jabber).

It was a relatively straight forward process:

  1. Download the RPM from http://www.igniterealtime.org/downloads/index.jsp
  2. Install the RPM “rpm -ivh openfire-3.5.1-1.i386.rpm”
  3. Configure Openfire to start when the server is booted “chkconfig –level 235 openfire on”
  4. Allow Openfire through the firewall:
    iptables -A INPUT -p tcp –dport 9090 -j ACCEPT
    iptables -A INPUT -p tcp –dport 5222 -j ACCEPT
    iptables -A INPUT -p tcp –dport 5223 -j ACCEPT
    iptables -A INPUT -p tcp –dport 5269 -j ACCEPT
    iptables -A INPUT -p tcp –dport 7070 -j ACCEPT
    iptables -A INPUT -p tcp –dport 7443 -j ACCEPT
    /sbin/service iptables save
  5. Visit http://server:9090/ and run through the web based install
  6. Login with username “admin” and the password entered previously
  7. Disable public creation of account (if needed) “Server” > “Server Settings” > “Registration Settings” > “Inband Account Registration”

For extra security I also took the step of configuring Openfire to run from its own user account:

  1. Add a dedicated user account “useradd openfire”
  2. Tell Openfire to use the dedicated user account – edit “/etc/sysconfig/” openfire to contain:
    OPENFIRE_USER=”openfire”
  3. Give the openfire user account permissions to access files: “chown -R openfire:openfire /opt/openfire”