OTRS Migration from Ubuntu to CentOS

This page describes an OTRS migration from one Linux server to another. The background: I had an existing version 3.1.x installation of the OTRS Help Desk system that needed to be upgraded to the latest version (at the time, 3.2.9) and migrated from an Ubuntu 12.04 system to a CentOS 6.1 system. The goal was to create an installation that could be upgraded using the RPM packages provided by OTRS themselves. The version of OTRS in use was the free open-source version.

The OTRS Migration Procedure:

Part I. Install the basics on your CentOS system

1. Install Apache and SSH server, configure SSH server to start on boot, and set up iptables
$ yum install httpd
$ yum install sshd
$ yum install system-config-firewall-tui
$ system-config-firewall-tui
$ chkconfig --level 2345 sshd on

In firewall setup, select ssh and http.

2. (Optional) Set SELinux to permissive
$ vi /etc/selinux/config

Change SELINUX=enabled to SELINUX=permissive.

Part II. Prepare your CentOS system for OTRS

1) Ensure system is updated
$ yum upgrade

a) Also enable unattended updates

$ yum install yum-cron
$ chkconfig yum-cron on
$ vi /etc/sysconfig/yum-cron
2) Install and start MySQL (CentOS 6 package is same version as Ubuntu 12.04, so no compatibility problems)
$ yum install mysql-server
$ service mysqld start
3) Set root password for MySQL
$ mysqladmin -u root password 'PASSWORD'

(At this point you may also wish to remove any ‘test’ or ‘anonymous’ MySQL databases and users. See this StackExchange thread.)

4) Install the latest OTRS packages

a) Install a bunch of Perl dependencies

$ yum install perl-core perl-Crypt-SSLeay perl-LDAP mod_perl perl-TimeDate perl-Net-DNS perl-XML-Parser

b) Install procmail

$ yum install procmail

c) Install OTRS

$ cd /opt
$ wget http://ftp.otrs.org/pub/otrs/RPMS/rhel/6/otrs-3.2.9-01.noarch.rpm
$ chmod 755 otrs-3.2.9-01.noarch.rpm
$ rpm -ivh otrs-3.2.9-01.noarch.rpm

(OTRS installs to /opt/otrs and adds Apache config to /etc/httpd/conf.d)

d) Add ‘otrs’ user if none exists (OTRS 3.2 setup did this automatically)

$ useradd -d /opt/otrs/ -c 'otrs' otrs
$ usermod -G apache otrs

e) Specify a shell so ‘otrs’ user can run commands (you’ll need this later):

Find the otrs user in /etc/passwd:

otrs:x:503:48:OTRS System User:/opt/otrs/:/bin/false

Change to:

otrs:x:503:48:OTRS System User:/opt/otrs/:/bin/bash
5) Set up the Apache virtual host
vi /etc/httpd/conf/httpd.conf

Ensure “Listen 80” is specified.

Still in httpd.conf, add to bottom of file:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www

    <Directory />
            Options FollowSymLinks
            AllowOverride None
            # Redirect so redirects to otrs
            RedirectMatch permanent (.*)/$ http://help-desk.myserver.com/otrs/index.pl
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all

        ErrorLog /var/log/httpd/error.log

        # Possible values include: debug, info, notice, warn, error, 
        # crit, alert, emerg.
        LogLevel warn

        CustomLog /var/log/httpd/access.log combined

        Alias /doc/ "/usr/share/doc/"
        <Directory "/usr/share/doc/">
                Options Indexes MultiViews FollowSymLinks
                AllowOverride None
                Order deny,allow
                Deny from all
                Allow from ::1/128


Restart Apache, visit http://help-desk.myserver.com/ in your web browser (should see default OTRS page)

6) Set Apache and MySQL to start at normal runlevels
$ chkconfig --list httpd
httpd      0:off   1:off   2:off    3:off    4:off    5:off    6:off

$ chkconfig --level 2345 httpd on

$ chkconfig --list httpd
httpd      0:off   1:off   2:on    3:on    4:on    5:on    6:off

$ chkconfig --list mysqld
mysqld      0:off   1:off   2:off    3:off    4:off    5:off 6:off

$ chkconfig --level 2345 mysqld on

$ chkconfig --list mysqld
mysqld      0:off   1:off   2:on    3:on    4:on    5:on    6:off

Part III: Retrieve database and custom files from existing OTRS system

On your existing Ubuntu system:

1) Stop cron
$ service cron stop
2) Stop Apache
$ service apache2 stop
3) Dump database
$ mysqldump -uroot -p otrs > otrs_07162013.sql
4) Stop MySQL
$ service mysql stop
5) Transfer MySQLdump file and the customized OTRS files to help-desk.myserver.com
$ scp otrs_07162013.sql yourname@help-desk.myserver.com:/home/you/.

Our custom files were as follows:

/opt/otrs/Kernel/Config/Files/Ticket.xml (This one caused problems, so do not copy; see #13 in Part IV below. In general it seems like a bad idea to try to migrate files in Config/ other than Config.pm, GenericAgent.pm and ZZZAuto.pm.)
/opt/otrs/Kernel/Output/HTML/Standard/AgentTicketActionCommon.dtl (Not needed anymore, replaced by OTRS ITSM packages installed on our new server)

Part IV: Install database and settings on new OTRS system

On your CentOS 6 system:

1) Stop all your services
$ service httpd stop
$ service crond stop
$ service postfix stop
2) Create database, create otrs MySQL user, load mysqldump file
$ mysql -uroot -p
mysql> USE otrs;
mysql> SOURCE /path/to/otrs_07162013.sql;
3) Move your custom files into the right places

Paths are same as specified in Part III Step 5 (/opt/otrs). I copied all OTRS 3.2 files to .bak versions before overwriting them.

Since you’re now running a version 3.1 database behind the 3.2 code base, you need to treat this as an upgrade procedure from here on. This is similar to the UPGRADING file included with the OTRS download.

4) Verify your file permissions are correct
$ cd /opt/otrs/
$ bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=apache --otrs-group=apache --web-group=apache /opt/otrs
5) Double-check to see you have all the Perl dependencies
$ bin/otrs.CheckModules.pl

Result: 1 missing required dependency (perl-YAML-XS), several missing recommended dependencies. To fix:

a) Add RPMforge repository:

$ rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
$ wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
$ rpm -ivh rpmforge-release-0.5.2-2.el6.rf.*.rpm

b) Install required dependency:

$ yum install perl-YAML-LibYAML

c) Install 1 recommended depdendency (for faster Javascript handling):

$ yum install perl-JSON-XS

d) Install 3 recommended depdendencies (for stats):

$ yum install perl-GD
$ yum install perl-GD-Text-Util
$ yum install perl-GD-Graph

e) Install 1 recommended depdendency (for PDF output):

$ yum install perl-PDF-API2

f) Install 1 recommended depdendency (for faster CSV handling):

$ yum install perl-Text-CSV_XS
6) Check the MySQL database schema (no problems reported)
$ bin/otrs.CheckDB.pl
7) Migrate the database (run as otrs user, not as root)
$ su - otrs
$ scripts/DBUpdate-to-3.2.pl

(no problems reported)

8) Run the config rebuild and clear cache scripts
$ bin/otrs.RebuildConfig.pl
$ bin/otrs.DeleteCache.pl
9) Start up services
$ service cron start
$ service postfix start
$ service httpd start
10) Go to http://help-desk.myserver.com/ and see if you can log in

(It works, awesome)

11) OTRS crontab (email fetches, etc.) isn’t running, so start it
$ su - otrs
$ /opt/otrs/bin/Cron.sh

a) Verify that otrs user is showing the right crontab

$ crontab -u otrs -l

b) Verified that Cron.sh is executed on system boot.

12) Go into the web interface Package Manager, fix any broken modules

a) Uninstalled ‘Support’ module, reported as incompatible with OTRS 3.2; replaced with latest version from online repository

b) Install ITSM package

($ wget http://ftp.otrs.org/pub/otrs/itsm/bundle32/ITSM-3.2.7.opm – then upload through Package Manager UI)

Failed with error:

Backend ERROR: OTRS-CGI-10 Perl: 5.10.1 OS: linux Time: Tue Jul 16 10:33:04 2013 Message: Got a packet bigger than 'max_allowed_packet' bytes

Added to /etc/my.cnf to allow bigger file sizes (ITSM package is ~17MB, MySQL default max file size is 16M):

max_allowed_packet = 20M

Then restarted MySQL:

$ service mysqld restart

After this, ITSM took a little while to install but completed successfully.

c) Install latest iPhone handler

Installed from online repository in Package Manager GUI.

(Steps 13-15 are settings specific to our OTRS install; these were migrated successfully so I skipped these steps. They may be necessary in future upgrades.)

13) Set up email accounts
http://help-desk.myserver.com/otrs/index.pl?Action=AdminSysConfig; Subaction=Edit;SysConfigSubGroup=Core%3A%3ASendmail; SysConfigGroup=Framework

Make sure the “SendmailModule” (the first field) is set to SMTPTLS (campus SMTP). Other settings:

Host: smtp.ournetwork.com
User: otrsuser
Port: 587
14) Reset the CustomerDBLink variable
http://help-desk.myserver.com/otrs/index.pl?Action=AdminSysConfig; Subaction=Edit;SysConfigSubGroup=Frontend%3A%3AAgent; SysConfigGroup=Ticket

Set CustomerDBLink to:

15. Re-enable any toolbar buttons that were disabled.
http://help-desk.myserver.com/otrs/index.pl?Action=AdminSysConfig; Subaction=Edit;SysConfigSubGroup=Frontend%3A%3AAgent%3A%3A ToolBarModule;SysConfigGroup=Ticket
13) Tested receiving and replying to tickets; clicking “Reply” gave Internal Server Error — /var/log/httpd/error.log reported “Can’t use an undefined value as an ARRAY reference at /opt/otrs//Kernel/Modules/AgentTicketCompose.pm line 1527”.

Fixed by restoring our custom /opt/otrs/Kernel/Config/Files/Ticket.xml with the version provided in OTRS 3.2.

14) Set servername to Our-Ticket in Kernel/Config.pm
$Self->{ServerName} = 'Our-Ticket';
15) Open our pfSense firewall so new OTRS system is accessible from outside our network

added to WEBSERVERS alias

16) Scan server with Zenmap to see if it’s running any weird services

(Only sees ports 80 and 22 = correct result):

Completed Service scan at 11:27, 6.02s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against help-desk.myserver.com (
Retrying OS detection (try #2) against help-desk.myserver.com (
NSE: Script scanning
Initiating NSE at 11:27
Completed NSE at 11:27, 0.43s elapsed
Nmap scan report for help-desk.myserver.com (
Host is up (0.0013s latency).
Not shown: 998 filtered ports
22/tcp open  ssh     OpenSSH 5.3 (protocol 2.0)
| ssh-hostkey: 1024 2d:fb:7c:0c:04:ef:70:71:11:a4:d5:8e:5f:4b:4e:29 (DSA)
|_2048 69:00:77:b4:85:1d:0d:51:43:c0:e3:7f:96:9f:4a:9d (RSA)
80/tcp open  http    Apache httpd 2.2.15 ((CentOS))
|_http-methods: No Allow or Public header in OPTIONS response (status code 301)
|_http-favicon: Unknown favicon MD5: 49BF194D1ECCB1E5110957D14559D33D
|_http-title: Login - OTRS ITSM 3.2.7
MAC Address: 00:50:56:9F:76:89 (VMware)
17) Add the OTRS system to our BackupPC server so it gets backed up properly

a) On backuppc, copy /var/backuppc/.ssh/id_rsa.pub to help-desk.myserver.com

$ scp id_rsa.pub you@help-desk.myserver.com:/home/you

b) On help-desk.myserver.com, add id_rsa.pub to root’s authorized keys

$ cd /root
$ cat id_rsa.pub > .ssh/authorized_keys

c) On BackupPC server, check to see that you have password-less login from backuppc user to root@help-desk.myserver.com

$ su backuppc
$ ssh root@help-desk.myserver.com

You should be logged into help-desk.myserver.com without a password prompt.

d) Add help-desk.myserver.com to BackupPC web interface, ensure rsync is selected as transfer type, add /etc, /home, /opt, and /var as backup directories

e) Start a full backup and see if it works.

Job completed successfully in about 2 minutes, .73 GB transferred.

18) Repaired “New Email Ticket” link in Dashboard

a) Updated Kernel/Config/Files/Ticket.xml to change the toolbar link for “New Email Ticket” to a correct query string:


Default link was Action=AgentTicketEmail; which caused OTRS to render a blank page.

b) Ran bin/otrs.RebuildConfig.pl to complete change.

Part V: Cleanup

1. Ran one last full backup of help-desk.myserver.com from BackupPC server

Completed successfully in 2.5 minutes, 1.27 GB transferred.

2. Disabled further backups of old help desk server in BackupPC

Edit Host Config for old help desk, change Schedule -> Blackouts -> BackupsDisable to 2

3. Powered off old help desk server
$ poweroff
4. Removed old help desk server ( from WEBSERVERS alias on pfSense firewall.


Leave a Reply

Your email address will not be published. Required fields are marked *