Diff for /doc/build/Attic/install.html between versions 1.6 and 1.39

version 1.6, 2000/11/17 23:18:00 version 1.39, 2002/12/14 18:35:35
Line 1 Line 1
 <HTML>  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 <HEAD>   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <TITLE>LON-CAPA Installation</TITLE>  <!-- The LearningOnline Network with CAPA -->
 </HEAD>  <!-- $Id$ -->
 <BODY>  <html>
 <H1>LON-CAPA Installation</H1>  <head>
 <H3>Current Installation Procedure</H3>  <meta http-equiv="Content-Type" content="text/html; charset=utf-8"></meta>
 <P>  <title>LON-CAPA Installation</title>
 Scott Harrison  <!-- pdfahref install.pdf -->
 </P>  <!-- button INSTALL -->
 <P>  </head>
 Last updated: 11/01/2000  <body bgcolor='#ffffff'>
 </P>  <!-- preamble start -->
 <P>  <br />&nbsp;
 This is the current list of steps to support LON-CAPA installation.  These steps have  <p>
 been tested.  You will need to check all the following things to ensure proper
 <OL>  installation of your LON-CAPA system.
 <LI>Get Redhat 6.2 on a CD by  </p>
 <UL>  <ul>
 <LI>Using a RedHat 6.2 CD  <li><a href="#wwwuser">
 <LI>Downloading a RedHat 6.2 <A HREF="http://install.lon-capa.org/3.1/currentcdimage">CD image</A> and burning a CD  Creating a user 'www'</a></li>
 <LI>Or, alternatively do a network install from a <A HREF="http://install.lon-capa.org/3.1/currentcdsource">  <li><a href="#shadow">
 RedHat 6.2 CD source tree</A>.  You need to burn a boot floppy disk with a network boot image;  Make a LON-CAPA system work with shadow passwords</a></li>
 <A HREF="http://install.lon-capa.org/3.1/currentcdsource/images/bootnet-20000407.img">  <li><a href="#install">
 bootnet-20000407.img</A>.  (Download the image file; insert a blank floppy disk; and type a  Installing LON-CAPA files</a></li>
 command similar to: <TT>dd if=bootnet-20000407.img of=/dev/fd0</TT>).  For installation, you  <li><a href="#checkrpms">
 need to specify <TT>hobbes.lite.msu.edu/~loninst</TT> as your download URL, and <TT>/3.1/currentcdsource</TT>  Checking your Linux RPMs</a></li>
 as the source location.  <li><a href="#fixhosts">
 </UL>  Fixing <tt>/etc/hosts</tt></a></li>
 <LI>Install RedHat 6.2  <li><a href="#mysql">
 <UL>  Configuring the MySQL database</a></li>
 <LI><B>Important: Do a "GNOME Workstation Install" and go with their default list of packages</B>  <li><a href="#testing">
 <LI><B>Important: Make sure you add a user "www"</B>  Testing to see if the LON-CAPA server is operational</a></li>
 </UL>  </ul>
 <LI>After installation, install extra RPMs/upgrades by downloading all files from  <p>
 <A HREF="http://install.lon-capa.org/3.1/SupplementalRPMS/">  <strong>NOTE:</strong>
 http://install.lon-capa.org/3.1/SupplementalRPMS</A>.  If you want to simultaneously install both RedHat 7.3 and LON-CAPA
 <UL>  (to ensure 100% reliability), follow <a href="rh73.html">these
 <LI>Use this command to install the RPMs you download: <TT>rpm -Uvh --force *.rpm</TT>.  alternative directions</a>.
 </UL>  </p>
 <LI>Remove extra RPMs by downloading and running the script   <br />&nbsp;
 <A HREF="http://install.lon-capa.org/3.1/scripts/remove_extra.sh">  <!-- preamble end -->
 http://install.lon-capa.org/3.1/scripts/remove_extra.sh</A> as root.  <!-- maintext start -->
 <LI>After installing the supplemental RPMS, install a final RPM set by downloading all files from  <a name="wwwuser" />
 <A HREF="http://install.lon-capa.org/3.1/FinalRPMS/">  <h3>Creating a user 'www'</h3>
 http://install.lon-capa.org/3.1/FinalRPMS</A>.  <p>
 <UL>  Execute the following command to create a user named 'www' on your
 <LI>Use this command to install the RPMs you download: <TT>rpm -Uvh --force *.rpm</TT>.  LON-CAPA server:
 </UL>  </p>
 <LI>Configure needed files.  <table bgcolor="#aaaaaa" border="1"><tr><td>
 <UL>  <tt>/usr/sbin/useradd www</tt>
 <LI>Currently, reconfiguration must be handled manually and involves an administrator  </td></tr></table>
 altering configuration files present throughout the system.  For a list of these  <a name="shadow" />
 files and their descriptions, visit <A HREF="http://install.lon-capa.org/3.1/loncapafiles/loncapafiles.html">  <h3>Make a LON-CAPA system work with shadow passwords</h3>
 http://install.lon-capa.org/3.1/loncapafiles/loncapafiles.html</A>.  <table border="1">
 </UL>  <tr><th>Step #</th><th>Description</th></tr>
 <LI>Important files are /etc/httpd/conf/access.conf, /etc/ntp.conf, /etc/krb.conf,    <tr><td>
 /home/httpd/lonTabs/spare.tab, /home/httpd/lonTabs/hosts.tab (if setting up a cluster different  <font size="+1">1</font>
 than MSU's).  </td><td>
 <LI>Unshadow passwords  <p>Is your system using shadow passwords? (Note: LON-CAPA will
 <UL>  work with either MD5/non-MD5 configured systems).  If your
 <PRE>You can do this by these 5 steps:  system is not using shadow passwords, then do not perform
 1. enter the system command, as "root", pwunconv  any of the additional steps.  If your system is using shadow
 2. enter the system command, as "root", grpunconv  passwords, then you will need to perform the additional steps below.
 3. Set the following to be the /etc/pam.d/login file on your system  </p>
 #%PAM-1.0  <p>
 auth       required     /lib/security/pam_securetty.so  <strong>How to detect:</strong>
 auth       required     /lib/security/pam_pwdb.so shadow nullok  <br />command: <tt>cat /etc/passwd | grep ':x:'</tt>
 auth       required     /lib/security/pam_nologin.so  </p>
 account    required     /lib/security/pam_pwdb.so  <p>If there is output such as "<tt>root:x:0:0:root:/root:/bin/bash</tt>",
 password   required     /lib/security/pam_cracklib.so  then your system is using shadow passwords and you will need to continue with
 password   required     /lib/security/pam_pwdb.so nullok use_authtok  the steps below.
 session    required     /lib/security/pam_pwdb.so  </p>
 session    optional     /lib/security/pam_console.so  </td></tr>
 4. Set the following to be the /etc/pam.d/passwd file on your system  <tr><td>
 #%PAM-1.0  <font size='+1'>2</font>
 auth       required     /lib/security/pam_pwdb.so shadow nullok  </td><td>
 account    required     /lib/security/pam_pwdb.so  <p><strong>Retrieve the mod_auth_external source</strong> by
 password   required     /lib/security/pam_cracklib.so retry=3  running the following command
 password   required     /lib/security/pam_pwdb.so use_authtok nullok  </p>
 5. Set/reset passwords.  As "root" use 'passwd', and 'passwd www'  <p><tt>
 to change the important passwords.  This creates crypt-processible  wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz
 passwords in /etc/passwd.  </tt>
 </PRE>  </p>
 </UL>  </td></tr>
 <LI>Run, as root, <TT>ln -s /etc/mime.types /etc/httpd/conf/mime.types</TT>  <tr><td>
 <LI>Run, as root, <TT>/etc/rc.d/init.d/httpd start</TT>.  <font size='+1'>3</font>
 <LI>Run, as root, <TT>/etc/rc.d/init.d/loncontrol start</TT>.  </td><td>
 <LI>After 10 minutes, you should be able to check the file <TT>/home/httpd/html/lon-status/index.html</TT>  <p><strong>Unpack the mod_auth_external source</strong> by
 to see if your machine has been successfully set up.  running the following command
 </UL>  </p>
 </OL>  <p>
 </P>  <tt>tar xzvf mod_auth_external-2.1.13.tar.gz</tt>
 <H3>Future Installation Procedure (not yet implemented)</H3>  </p>
 <P>  </td></tr>
 In the future, LON-CAPA Installation will be distributed on a CD complete with a  <tr><td>
 customized interface.  Many elements for doing this have been coded, and are in place, but  <font size='+1'>4</font>
 it awaits completion.  </td><td>
 </P>  <p><strong>Go to the <tt>pwauth</tt> directory</strong> by
 </BODY>  running the following command
 </HTML>  </p>
   <p>
   <tt>cd mod_auth_external-2.1.13/pwauth/</tt>
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>5</font>
   </td><td>
   <p><strong>Edit <tt>config.h</tt> and change SERVER_UIDS definition</strong>
   </p>
   <p>
   Determine the user id of 'www':
   <br /><tt>grep ^www /etc/passwd | cut -d':' -f3</tt>
   <br />
   Change the line
   <br /><tt>#define SERVER_UIDS 99       /* user "nobody" */</tt>
   <br />to be
   <br /><tt>#define SERVER_UIDS 513      /* user "www" */</tt>
   <br />where in this example 513 corresponds to the user id of 'www'.
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>6</font>
   </td><td>
   <p><strong>Compile the <tt>pwauth</tt> executable</strong> by
   running the following command
   </p>
   <p>
   <tt>make</tt>
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>7</font>
   </td><td>
   <p><strong>Install <tt>pwauth</tt></strong> by doing the following
   </p>
   <p>
   <tt>cp pwauth /usr/local/sbin/</tt>
   <br /><tt>chmod 6755 /usr/local/sbin/pwauth</tt>
   </p>
   <p>
   Edit (creating the file) /etc/pam.d/pwauth to have the contents:
   </p>
   <pre>
           auth       required     /lib/security/pam_pwdb.so shadow nullok
           auth       required     /lib/security/pam_nologin.so
           account    required     /lib/security/pam_pwdb.so
   </pre>
   </td></tr>
   </table>
   <a name="install" />
   <h3>Installing LON-CAPA files</h3>
   <p>
   Download the most current
   <a href="http://install.lon-capa.org/versions/loncapa-current.tar.gz">
   loncapa-current.tar.gz</a>.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>wget http://install.lon-capa.org/versions/loncapa-current.tar.gz
   </tt>
   <br />
   <tt>tar xzvf loncapa-current.tar.gz</tt>
   <br />
   <tt>cd loncapa-N.N</tt> (N.N is the version number)</td></tr>
   </table>
   <p>
   The <strong>UPDATE</strong> command will refresh your filesystem with all
   the latest LON-CAPA software.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./UPDATE</tt></td></tr>
   </table>
   <a name="checkrpms" />
   <h3>Checking your Linux RPMs</h3>
   <p>
   The <strong>CHECKRPMS</strong> command will check the RPMs on your machine
   against an FTP repository.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./CHECKRPMS</tt></td></tr>
   </table>
   <p>
   Also, please be sure to install the LON-CAPA-systemperl RPM as described on
   the <a href="/docs/downloads/index.html">Downloads</a> page.
   </p>
   <a name="fixhosts" />
   <h3>Fixing <tt>/etc/hosts</tt></h3>
   <p>
   A common RedHat glitch of new installations (RedHat's fault, not LON-CAPA)
   is the generation of /etc/hosts.
   </p>
   <p>
   It should look something like this (except the <tt>myschool</tt> line
   should be replaced with settings specific to your machine):
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td>
   <pre>
   127.0.0.1 localhost.localdomain localhost
   12.34.56.78 www.myschool.edu myschool
   </pre></td></tr>
   </table>
   <a name="mysql" />
   <h3>Configuring the MySQL database</h3>
   <p>
   The following commands describe how to configure the MySQL database
   on your LON-CAPA server.
   <br />Note:
   </p>
   <ul>
   <li>you should substitute 'ROOTPASSWORD' with something very hard to guess
   (it does not have to be the Linux OS root password)
   </li>
   <li>The MySQL www@localhost user must always have a password of 'localhostkey'
   in order for there to be correct operation of a standard LON-CAPA system.
   </li>
   </ul>
   <p>
   The following instructions assume you are logged in as 'root'.
   </p>
   <p>Entering the mysql shell</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   mysql -u root -p mysql
   OR
   mysql -u root mysql (depending on whether you have set a root password)
   </pre>
   </td></tr></table>
   <p>Creating the mysql 'www' user (after entering mysql shell)</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   mysql> CREATE DATABASE loncapa;
   
   mysql> INSERT INTO user (Host, User, Password)
   mysql> VALUES ('localhost','www',password('localhostkey'));
   
   mysql> INSERT INTO db VALUES ('localhost','loncapa','www',
   mysql> 'Y','Y','Y','Y','Y','Y','N','Y','Y','Y');
   
   mysql> FLUSH PRIVILEGES;
   </pre>
   </td></tr></table>
   <p>SECURITY: set a password for the mysql 'root' user</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   shell> mysql -u root mysql
   mysql> SET PASSWORD FOR root@localhost=PASSWORD('ROOTPASSWORD');
   </pre>
   </td></tr></table>
   <p>SECURITY: only allow access from localhost</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   shell> mysql -u root -p mysql
   mysql> DELETE FROM user WHERE host&lt;&gt;'localhost';
   </pre>
   </td></tr></table>
   <a name="testing" />
   <h3>Testing to see if the LON-CAPA server is operational</h3>
   <p>
   The <strong>TEST</strong> command will check the installation software,
   the perl libraries on your system, the MySQL database, and
   will also automatically test the real-time operation of the 
   LON-CAPA Apache web server.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./TEST</tt></td></tr>
   </table>
   <p>
   Using the <strong>TEST</strong> command will likely
   be an iterative process.
   It is normal to expect that the <strong>TEST</strong> command
   will recommend you perform various steps to ensure optimal
   performance of your LON-CAPA server.
   </p>
   <!-- maintext end -->
   <!-- validated -->
   </body>
   </html>

Removed from v.1.6  
changed lines
  Added in v.1.39


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>