Diff for /doc/build/Attic/install.html between versions 1.5 and 1.34

version 1.5, 2000/11/01 16:08:55 version 1.34, 2002/09/23 01:25:09
Line 1 Line 1
 <HTML>  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 <HEAD>   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <TITLE>LON-CAPA Installation</TITLE>  <!-- The LearningOnline Network with CAPA -->
 </HEAD>  <!-- $Id$ -->
 <BODY>  <html>
 <H1>LON-CAPA Installation</H1>  <head>
 <H3>Current Installation Procedure</H3>  <meta http-equiv="Content-Type" content="text/html; charset=utf-8"></meta>
 <P>  <title>LON-CAPA Installation</title>
 Scott Harrison  <!-- pdfahref install.pdf -->
 </P>  <!-- button INSTALL -->
 <P>  </head>
 Last updated: 11/01/2000  <body bgcolor='#ffffff'>
 </P>  <!-- preamble start -->
 <P>  <br />&nbsp;
 This is the current list of steps to support LON-CAPA installation.  These steps have  <p>
 been tested.  You will need to check all the following things to ensure proper
 <OL>  installation of your LON-CAPA system.
 <LI>Get Redhat 6.2 on a CD by  </p>
 <UL>  <ul>
 <LI>Using a RedHat 6.2 CD  <li><a href="#wwwuser">
 <LI>Downloading a RedHat 6.2 <A HREF="http://install.lon-capa.org/3.1/currentcdimage">CD image</A> and burning a CD  Creating a user 'www'</a></li>
 <LI>Or, alternatively do a network install from a <A HREF="http://install.lon-capa.org/3.1/currentcdsource">  <li><a href="#shadow">
 RedHat 6.2 CD source tree</A>.  You need to burn a boot floppy disk with a network boot image;  Make a LON-CAPA system work with shadow passwords</a></li>
 <A HREF="http://install.lon-capa.org/3.1/currentcdsource/images/bootnet-20000407.img">  <li><a href="#install">
 bootnet-20000407.img</A>.  (Download the image file; insert a blank floppy disk; and type a  Installing LON-CAPA files</a></li>
 command similar to: <TT>dd if=bootnet-20000407.img of=/dev/fd0</TT>).  For installation, you  <li><a href="#checkrpms">
 need to specify <TT>http://www.lon-capa.org</TT> as your download URL, and <TT>/install/3.1/currentcdsource</TT>  Checking your Linux RPMs</a></li>
 as the source location.  <li><a href="#mysql">
 </UL>  Configuring the MySQL database</a></li>
 <LI>Install RedHat 6.2  <li><a href="#testing">
 <UL>  Testing to see if the LON-CAPA server is operational</a></li>
 <LI><B>Important: Do a "GNOME Workstation Install" and go with their default list of packages</B>  </ul>
 <LI><B>Important: Make sure you add a user "www"</B>  <p>
 </UL>  <strong>NOTE:</strong>
 <LI>After installation, install extra RPMs/upgrades by downloading all files from  If you want to simultaneously install both RedHat 7.3 and LON-CAPA
 <A HREF="http://install.lon-capa.org/3.1/SupplementalRPMS/">  (to ensure 100% reliability), follow <a href="rh73.html">these
 http://install.lon-capa.org/3.1/SupplementalRPMS</A>.  alternative directions</a>.
 <UL>  </p>
 <LI>Use this command to install the RPMs you download: <TT>rpm -Uvh --force *.rpm</TT>.  <br />&nbsp;
 </UL>  <!-- preamble end -->
 <LI>Remove extra RPMs by downloading and running the script   <!-- maintext start -->
 <A HREF="http://install.lon-capa.org/3.1/scripts/remove_extra.sh">  <a name="wwwuser" />
 http://install.lon-capa.org/3.1/scripts/remove_extra.sh</A> as root.  <h3>Creating a user 'www'</h3>
 <LI>After installing the supplemental RPMS, install a final RPM set by downloading all files from  <p>
 <A HREF="http://install.lon-capa.org/3.1/FinalRPMS/">  Execute the following command to create a user named 'www' on your
 http://install.lon-capa.org/3.1/FinalRPMS</A>.  LON-CAPA server:
 <UL>  </p>
 <LI>Use this command to install the RPMs you download: <TT>rpm -Uvh --force *.rpm</TT>.  <table bgcolor="#aaaaaa" border="1"><tr><td>
 </UL>  <tt>/usr/sbin/useradd www</tt>
 <LI>Configure needed files.  </td></tr></table>
 <UL>  <a name="shadow" />
 <LI>Currently, reconfiguration must be handled manually and involves an administrator  <h3>Make a LON-CAPA system work with shadow passwords</h3>
 altering configuration files present throughout the system.  For a list of these  <table border="1">
 files and their descriptions, visit <A HREF="http://install.lon-capa.org/3.1/loncapafiles/loncapafiles.html">  <tr><th>Step #</th><th>Description</th></tr>
 http://install.lon-capa.org/3.1/loncapafiles/loncapafiles.html</A>.  <tr><td>
 </UL>  <font size="+1">1</font>
 <LI>Important files are /etc/httpd/conf/access.conf, /etc/ntp.conf, /etc/krb.conf,    </td><td>
 /home/httpd/lonTabs/spare.tab, /home/httpd/lonTabs/hosts.tab (if setting up a cluster different  <p>Is your system using shadow passwords? (Note: LON-CAPA will
 than MSU's).  work with either MD5/non-MD5 configured systems).  If your
 <LI>Unshadow passwords  system is not using shadow passwords, then do not perform
 <UL>  any of the additional steps.  If your system is using shadow
 <PRE>You can do this by these 5 steps:  passwords, then you will need to perform the additional steps below.
 1. enter the system command, as "root", pwunconv  </p>
 2. enter the system command, as "root", grpunconv  <p>
 3. Set the following to be the /etc/pam.d/login file on your system  <strong>How to detect:</strong>
 #%PAM-1.0  <br />command: <tt>cat /etc/passwd | grep ':x:'</tt>
 auth       required     /lib/security/pam_securetty.so  </p>
 auth       required     /lib/security/pam_pwdb.so shadow nullok  <p>If there is output such as "<tt>root:x:0:0:root:/root:/bin/bash</tt>",
 auth       required     /lib/security/pam_nologin.so  then your system is using shadow passwords and you will need to continue with
 account    required     /lib/security/pam_pwdb.so  the steps below.
 password   required     /lib/security/pam_cracklib.so  </p>
 password   required     /lib/security/pam_pwdb.so nullok use_authtok  </td></tr>
 session    required     /lib/security/pam_pwdb.so  <tr><td>
 session    optional     /lib/security/pam_console.so  <font size='+1'>2</font>
 4. Set the following to be the /etc/pam.d/passwd file on your system  </td><td>
 #%PAM-1.0  <p><strong>Retrieve the mod_auth_external source</strong> by
 auth       required     /lib/security/pam_pwdb.so shadow nullok  running the following command
 account    required     /lib/security/pam_pwdb.so  </p>
 password   required     /lib/security/pam_cracklib.so retry=3  <p><tt>
 password   required     /lib/security/pam_pwdb.so use_authtok nullok  wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz
 5. Set/reset passwords.  As "root" use 'passwd', and 'passwd www'  </tt>
 to change the important passwords.  This creates crypt-processible  </p>
 passwords in /etc/passwd.  </td></tr>
 </PRE>  <tr><td>
 </UL>  <font size='+1'>3</font>
 <LI>Run, as root, <TT>ln -s /etc/mime.types /etc/httpd/conf/mime.types</TT>  </td><td>
 <LI>Run, as root, <TT>/etc/rc.d/init.d/httpd start</TT>.  <p><strong>Unpack the mod_auth_external source</strong> by
 <LI>Run, as root, <TT>/etc/rc.d/init.d/loncontrol start</TT>.  running the following command
 <LI>After 10 minutes, you should be able to check the file <TT>/home/httpd/html/lon-status/index.html</TT>  </p>
 to see if your machine has been successfully set up.  <p>
 </UL>  <tt>tar xzvf mod_auth_external-2.1.13.tar.gz</tt>
 </OL>  </p>
 </P>  </td></tr>
 <H3>Future Installation Procedure (not yet implemented)</H3>  <tr><td>
 <P>  <font size='+1'>4</font>
 In the future, LON-CAPA Installation will be distributed on a CD complete with a  </td><td>
 customized interface.  Many elements for doing this have been coded, and are in place, but  <p><strong>Go to the <tt>pwauth</tt> directory</strong> by
 it awaits completion.  running the following command
 </P>  </p>
 </BODY>  <p>
 </HTML>  <tt>cd mod_auth_external-2.1.13/pwauth/</tt>
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>5</font>
   </td><td>
   <p><strong>Edit <tt>config.h</tt> and change SERVER_UIDS definition</strong>
   </p>
   <p>
   Determine the user id of 'www':
   <br /><tt>grep ^www /etc/passwd | cut -d':' -f3</tt>
   <br />
   Change the line
   <br /><tt>#define SERVER_UIDS 99       /* user "nobody" */</tt>
   <br />to be
   <br /><tt>#define SERVER_UIDS 513      /* user "www" */</tt>
   <br />where in this example 513 corresponds to the user id of 'www'.
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>6</font>
   </td><td>
   <p><strong>Compile the <tt>pwauth</tt> executable</strong> by
   running the following command
   </p>
   <p>
   <tt>make</tt>
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>7</font>
   </td><td>
   <p><strong>Install <tt>pwauth</tt></strong> by doing the following
   </p>
   <p>
   <tt>cp pwauth /usr/local/sbin/</tt>
   <br /><tt>chmod 6755 /usr/local/sbin/pwauth</tt>
   </p>
   <p>
   Edit (creating the file) /etc/pam.d/pwauth to have the contents:
   </p>
   <pre>
           auth       required     /lib/security/pam_pwdb.so shadow nullok
           auth       required     /lib/security/pam_nologin.so
           account    required     /lib/security/pam_pwdb.so
   </pre>
   </td></tr>
   </table>
   <a name="install" />
   <h3>Installing LON-CAPA files</h3>
   <p>
   Download the most current
   <a href="http://install.lon-capa.org/versions/loncapa-current.tar.gz">
   loncapa-current.tar.gz</a>.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>wget http://install.lon-capa.org/versions/loncapa-current.tar.gz
   </tt>
   <br />
   <tt>tar xzvf loncapa-current.tar.gz</tt>
   <br />
   <tt>cd loncapa-N.N</tt> (N.N is the version number)</td></tr>
   </table>
   <p>
   The <strong>UPDATE</strong> command will refresh your filesystem with all
   the latest LON-CAPA software.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./UPDATE</tt></td></tr>
   </table>
   <a name="checkrpms" />
   <h3>Checking your Linux RPMs</h3>
   <p>
   The <strong>CHECKRPMS</strong> command will check the RPMs on your machine
   against an FTP repository.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./CHECKRPMS</tt></td></tr>
   </table>
   <a name="mysql" />
   <h3>Configuring the MySQL database</h3>
   <p>
   The following commands describe how to configure the MySQL database
   on your LON-CAPA server.
   <br />Note:
   </p>
   <ul>
   <li>you should substitute 'ROOTPASSWORD' with something very hard to guess
   (it does not have to be the Linux OS root password)
   </li>
   <li>The MySQL www@localhost user must always have a password of 'localhostkey'
   in order for there to be correct operation of a standard LON-CAPA system.
   </li>
   </ul>
   <p>
   The following instructions assume you are logged in as 'root'.
   </p>
   <p>Entering the mysql shell</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   mysql -u root -p mysql
   OR
   mysql -u root mysql (depending on whether you have set a root password)
   </pre>
   </td></tr></table>
   <p>Creating the mysql 'www' user (after entering mysql shell)</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   mysql> CREATE DATABASE loncapa;
   
   mysql> INSERT INTO user (Host, User, Password)
   mysql> VALUES ('localhost','www',password('localhostkey'));
   
   mysql> GRANT ALL PRIVILEGES ON loncapa.* TO www@localhost;
   
   mysql> FLUSH PRIVILEGES;
   </pre>
   </td></tr></table>
   <p>SECURITY: set a password for the mysql 'root' user</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   shell> mysql -u root mysql
   mysql> SET PASSWORD FOR root@localhost=PASSWORD('ROOTPASSWORD');
   </pre>
   </td></tr></table>
   <p>SECURITY: only allow access from localhost</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   shell> mysql -u root -p mysql
   mysql> DELETE FROM user WHERE host&lt;&gt;'localhost';
   </pre>
   </td></tr></table>
   <a name="testing" />
   <h3>Testing to see if the LON-CAPA server is operational</h3>
   <p>
   The <strong>TEST</strong> command will check the installation software,
   the perl libraries on your system, the MySQL database, and
   will also automatically test the real-time operation of the 
   LON-CAPA Apache web server.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./TEST</tt></td></tr>
   </table>
   <p>
   Using the <strong>TEST</strong> command will likely
   be an iterative process.
   It is normal to expect that the <strong>TEST</strong> command
   will recommend you perform various steps to ensure optimal
   performance of your LON-CAPA server.
   </p>
   <!-- maintext end -->
   <!-- validated -->
   </body>
   </html>

Removed from v.1.5  
changed lines
  Added in v.1.34


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>