ZoneMinder

From Gentoo Wiki
Jump to:navigation Jump to:search
Resources
Important
ZoneMinder has been removed by this commit. There are unofficial overlays continuing support for this package.

ZoneMinder is open source software used to capture, analyse, record, and monitor cameras.

Installation

Dependencies

This guide includes optional steps for configuring ZoneMinder with php-fpm.

The following required packages must be configured properly for ZoneMinder to work:

USE flags

Enable the following USE flags for dev-lang/php, app-eselect/eselect-php, and media-video/ffmpeg:

FILE /etc/portage/package.use/local
app-eselect/eselect-php apache2 fpm
dev-lang/php cgi pdo sysvipc mysqli inifile intl curl apache2 sockets gd mysql fpm
media-video/ffmpeg x264 jpeg2k x265

Unmask packages

There are a few unstable packages in the tree for ~amd64

FILE /etc/portage/package.accept_keywords/local
www-misc/zoneminder
dev-perl/Class-Std-Fast
dev-perl/IO-Socket-Multicast
dev-perl/SOAP-WSDL
dev-perl/URI-Encode
dev-perl/Data-Entropy
dev-perl/HTTP-Lite
dev-perl/X10
dev-perl/Sys-Mmap
dev-perl/Data-Float
dev-perl/Class-Std

Apache Modules

Proxy is needed for FPM-PHP support.

FILE /etc/portage/make.conf
...
APACHE2_MODULES="${APACHE2_MODULES} proxy proxy_fcgi"
...

Emerge

Install MariaDB, this was decoupled from ebuild allowing users to run database on another host:

root #emerge --ask dev-db/mariadb

Install ZoneMinder:

root #emerge --ask www-misc/zoneminder

Configuration

Apache

  • Select correct version of PHP:
root #eselect php list fpm
  [1]   php7.4
  [2]   php8.0 *

Recent versions of ZoneMinder will warn if the local timezone is unset and reverts to using UTC, instead of throwing failures as seen with previous releases.

  • Edit your active php module /etc/php/MODULE-VERSION)/php.ini to reflect the following:
FILE /etc/php/fpm-php8.0/php.ini
date.timezone = <Country/City>
  • Edit /etc/conf.d/apache2 and add -D PHP -D PROXY to APACHE2_OPTS:
FILE /etc/conf.d/apache2
APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE -D PHP -D PROXY"
FILE /etc/apache2/modules.d/70_mod_php.conf
...
        <FilesMatch "\.(php|php[57]|phtml)$">
                SetHandler "proxy:unix:/var/run/php-fpm/www.sock|fcgi://localhost"
        </FilesMatch>
...
  • The package will create an Apache vhost in /etc/apache2/vhosts.d/10_zoneminder.conf
FILE /etc/apache2/vhosts.d/10_zoneminder.conf
# Remember to enable cgi mod (i.e. "a2enmod cgi").
ScriptAlias /zm/cgi-bin/zms "/usr/libexec/zoneminder/cgi-bin/zms"
ScriptAlias /zm/cgi-bin/nph-zms "/usr/libexec/zoneminder/cgi-bin/nph-zms"

<Directory "/usr/libexec/zoneminder/cgi-bin">
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted
</Directory>


# Order matters. This alias must come first.
Alias /zm/cache "/var/cache/zoneminder"
<Directory "/var/cache/zoneminder">
    Options -Indexes +FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

Alias /zoneminder "/usr/share/zoneminder/www"
Alias /zm "/usr/share/zoneminder/www"
<Directory "/usr/share/zoneminder/www">
  Options -Indexes +FollowSymLinks
    DirectoryIndex index.php
    AllowOverride None
    Require all granted
</Directory>

# For better visibility, the following directives have been migrated from the
# default .htaccess files included with the CakePHP project.
# Parameters not set here are inherited from the parent directive above.
<Directory "/usr/share/zoneminder/www/api">
   RewriteEngine on
   RewriteRule ^$ app/webroot/ [L]
   RewriteRule (.*) app/webroot/$1 [L]
   RewriteBase /zm/api
</Directory>

<Directory "/usr/share/zoneminder/www/api/app">
   RewriteEngine on
   RewriteRule ^$ webroot/ [L]
   RewriteRule (.*) webroot/$1 [L]
   RewriteBase /zm/api
</Directory>

<Directory "/usr/share/zoneminder/www/api/app/webroot">
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
    RewriteBase /zm/api
</Directory>

FPM-PHP

/etc/php/fpm-php8.0/fpm.d/www.conf needs to be adjusted to listen on UNIX socket and run as Apache. While a separate UID/GUI could be created for this, the /var/log/zm/ and /etc/zm/conf.d/private.conf permissions would also need to be adjusted.

FILE /etc/php/fpm-php8.0/fpm.d/www.conf
...
[www]
user = apache
group = apache

listen = /var/run/php-fpm/www.sock
listen.owner = apache
listen.group = apache
...

MySQL

  • Create ZoneMinder's database, zm, and setup a new user zmuser.
root #mysql -p
mysql> create database zm;

mysql> grant lock tables,alter,drop,select,insert,update,delete,create,index,alter routine,create routine, trigger,execute on zm.* to 'zmuser'@localhost identified by 'zmpass';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> exit;
  • Import the database schema and base data, the .sql script is created by the configure phase above, so make sure you do that first.
root #mysql -p zm < /usr/share/zoneminder/db/zm_create.sql

ZoneMinder

To make custom changes, create a new configuration file, with an extension of .conf, under the /etc/zm/conf.d folder, containing your desired modifications. Adjust the permissions to protect credentials and make it readable by your web server.

For example, creating new /etc/zm/conf.d/99-local.conf

root #touch /etc/zm/conf.d/99-local.conf
root #chmod 640 /etc/zm/conf.d/99-local.conf
root #chown root:apache /etc/zm/conf.d/99-local.conf

Configuration files

  • Edit your new local configuration file and add the above MySQL database username and password:
FILE /etc/zm/conf.d/99-local.conf
# ZoneMinder database user
ZM_DB_USER=zmuser

# ZoneMinder database password
ZM_DB_PASS=zmpass

Init

OpenRC

Add Apache to the default runlevel and start the service:

root #rc-update add apache2 default
root #rc-service apache2 start

Add PHP to the default runlevel and start the service:

root #rc-update add php-fpm default
root #rc-service php-fpm start

Add MySQL to the default runlevel and start the service:

root #rc-update add mysql default
root #rc-service mysql start

Add ZoneMinder to the default runlevel and start:

root #rc-update add zoneminder default
root #rc-service zoneminder start

systemd

Enable the Apache to start on system boot and start the service:

root #systemctl enable apache2
root #systemctl start apache2

Enable the PHP service to start on system boot and start the service:

root #systemctl enable php-fpm
root #systemctl start php-fpm

Enable the MySQL service to start on system boot and start the service:

root #systemctl enable mysql
root #systemctl start mysql

Enable the ZoneMinder service to start on system boot and start the service:

root #systemctl enable zoneminder
root #systemctl start zoneminder

SELinux

When using SELinux, first create a SELinux policy for the application:

FILE local_zoneminder.teType enforcement rules for ZoneMinder
module local_zoneminder 1.0; 

require { 
               type httpd_t;
               type initrc_var_run_t;
               type initrc_t;
               type v4l_device_t;
               type file_t;
              class unix_stream_socket { read connectto };
              class file { read lock };
              class shm { unix_read unix_write associate read write getattr };
              class chr_file getattr;
}

#============= httpd_t ============== 
allow httpd_t initrc_t:unix_stream_socket connectto;
allow httpd_t initrc_t:shm { unix_read unix_write associate read write getattr };
allow httpd_t initrc_var_run_t:file { read lock };
allow httpd_t v4l_device_t:chr_file getattr;

Now build the modules:

root #checkmodule -M -m -o local_zoneminder.mod local_zoneminder.te
root #semodule_package -o local_zoneminder.pp -m local_zoneminder.mod
root #semodule -i local_zoneminder.pp

Other

Shared memory:

root #sysctl kernel.shmmax=536870912

Upgrading

ZoneMinder includes a Perl utility zmupdate.pl to update the database schema as needed. Note: a Perl interpreter will required to run the script.

Normally you just need to run zmupdate.pl without parameters, credentials are read from configurations under /etc/zm. If you have a unique upgrade situation, you can specify the previous version and database credentials for the zm database:

root #/usr/bin/zmupdate.pl --version=1.30.2 --user=zmuser --pass=zmpass
Initiating database upgrade to version 1.30.4 from version 1.30.2

Please ensure that ZoneMinder is stopped on your system prior to upgrading the database.
Press enter to continue or ctrl-C to stop :

Do you wish to take a backup of your database prior to upgrading?
This may result in a large file in /var/tmp/zm if you have a lot of events.
Press 'y' for a backup or 'n' to continue : y
Creating backup to /var/tmp/zm/zm-1.30.2.dump. This may take several minutes.
Database successfully backed up to /var/tmp/zm/zm-1.30.2.dump, proceeding to upgrade.

Upgrading database to version 1.30.4
Loading config from DB
Saving config to DB
Upgrading DB to 1.30.3 from 1.30.2

Database successfully upgraded to version 1.30.3.
Upgrading DB to 1.30.4 from 1.30.2

Database successfully upgraded to version 1.30.4.

Database upgrade to version 1.30.4 successful.

See also

  • PHP — a general-purpose server-side scripting language to produce dynamic web pages.
  • Apache — an efficient, extensible web server. It is one of the most popular web servers used the Internet.
  • MariaDB — is an enhanced, drop-in MySQL replacement.