doc/install/linux/install.pl - diff

Return to install.pl CVS log

Up to [LON-CAPA] / doc / install / linux

Diff for /doc/install/linux/install.pl between versions 1.71 and 1.92

version 1.71, 2021/03/16 01:03:04	version 1.92, 2024/07/28 13:21:34
Line 212 sub get_distro {	Line 212 sub get_distro {
$distro = 'rhes'.$1;	$distro = 'rhes'.$1;
$updatecmd = 'dnf install LONCAPA-prerequisites';	$updatecmd = 'dnf install LONCAPA-prerequisites';
$installnow = 'dnf -y install LONCAPA-prerequisites';	$installnow = 'dnf -y install LONCAPA-prerequisites';
} elsif ($versionstring =~ /CentOS(?:\| Linux) release (\d+)/) {	} elsif ($versionstring =~ /CentOS(\| Linux\| Stream) release (\d+)/) {
$distro = 'centos'.$1;	$distro = 'centos'.$2;
	if ($1 eq ' Stream') {
	$distro .= '-stream';
	}
$updatecmd = 'yum install LONCAPA-prerequisites';	$updatecmd = 'yum install LONCAPA-prerequisites';
$installnow = 'yum -y install LONCAPA-prerequisites';	$installnow = 'yum -y install LONCAPA-prerequisites';
} elsif ($versionstring =~ /Scientific Linux (?:SL )?release ([\d.]+) /) {	} elsif ($versionstring =~ /Scientific Linux (?:SL )?release ([\d.]+) /) {
Line 222 sub get_distro {	Line 225 sub get_distro {
$distro = 'scientific'.$ver;	$distro = 'scientific'.$ver;
$updatecmd = 'yum install LONCAPA-prerequisites';	$updatecmd = 'yum install LONCAPA-prerequisites';
$installnow = 'yum -y install LONCAPA-prerequisites';	$installnow = 'yum -y install LONCAPA-prerequisites';
	} elsif ($versionstring =~ /Rocky Linux release ([\d.]+)/) {
	my $ver = $1;
	$ver =~ s/\.\d+$//;
	$distro = 'rocky'.$ver;
	$updatecmd = 'dnf install LONCAPA-prerequisites';
	$installnow = 'dnf -y install LONCAPA-prerequisites';
	} elsif ($versionstring =~ /AlmaLinux release ([\d.]+) /) {
	my $ver = $1;
	$ver =~ s/\.\d+$//;
	$distro = 'alma'.$ver;
	$updatecmd = 'dnf install LONCAPA-prerequisites';
	$installnow = 'dnf -y install LONCAPA-prerequisites';
} else {	} else {
print &mt('Unable to interpret [_1] to determine system type.',	print &mt('Unable to interpret [_1] to determine system type.',
'/etc/redhat-release')."\n";	'/etc/redhat-release')."\n";
Line 457 sub check_locale {	Line 472 sub check_locale {
'/etc/sysconfig/i18n');	'/etc/sysconfig/i18n');
$earlyout = 1;	$earlyout = 1;
}	}
} elsif ($distro =~ /^(?:rhes\|centos\|scientific\|oracle)(\d+)/) {	} elsif ($distro =~ /^(?:rhes\|centos\|scientific\|oracle\|rocky\|alma)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
if (!open($fh,"</etc/locale.conf")) {	if (!open($fh,"</etc/locale.conf")) {
print &mt('Failed to open: [_1], default locale not checked.',	print &mt('Failed to open: [_1], default locale not checked.',
Line 557 sub check_required {	Line 572 sub check_required {
if ($mysqlsetup eq 'needsrestart') {	if ($mysqlsetup eq 'needsrestart') {
$mysqlrestart = '';	$mysqlrestart = '';
if ($distro eq 'ubuntu') {	if ($distro eq 'ubuntu') {
$mysqlrestart = 'sudo ';	$mysqlrestart = 'sudo ';
}	}
$mysqlrestart .= 'service mysql restart';	$mysqlrestart .= 'service mysql restart';
return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart);	return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart);
Line 580 sub check_required {	Line 595 sub check_required {
my ($sslhostsfilesref,$has_std,$has_int,$rewritenum,$nochgstd,$nochgint);	my ($sslhostsfilesref,$has_std,$has_int,$rewritenum,$nochgstd,$nochgint);
($recommended{'firewall'},$apachefw) = &chkfirewall($distro);	($recommended{'firewall'},$apachefw) = &chkfirewall($distro);
($recommended{'runlevels'},$tostop,$uses_systemctl) = &chkconfig($distro,$instdir);	($recommended{'runlevels'},$tostop,$uses_systemctl) = &chkconfig($distro,$instdir);
	if ((ref($uses_systemctl) eq 'HASH') && ($uses_systemctl->{'apache'})) {
	$recommended{'systemd'} = &check_systemd_security($distro);
	}
$recommended{'apache'} = &chkapache($distro,$instdir);	$recommended{'apache'} = &chkapache($distro,$instdir);
($recommended{'apachessl'},$sslhostsfilesref,$has_std,$has_int,$rewritenum,	($recommended{'apachessl'},$sslhostsfilesref,$has_std,$has_int,$rewritenum,
$nochgstd,$nochgint) = &chkapachessl($distro,$instdir,$hostname,$hostip);	$nochgstd,$nochgint) = &chkapachessl($distro,$instdir,$hostname,$hostip);
$recommended{'stopsrvcs'} = &chksrvcs($distro,$tostop);	$recommended{'stopsrvcs'} = &chksrvcs($distro,$tostop);
($recommended{'download'},$downloadstatus,$filetouse,$production,$testing)	($recommended{'download'},$downloadstatus,$filetouse,$production,$testing)
= &need_download();	= &need_download($distro,$instdir);
return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,	return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,
$mysqlrestart,\%recommended,$dbh,$has_pass,$mysql_unix_socket,	$mysqlrestart,\%recommended,$dbh,$has_pass,$mysql_unix_socket,
$has_lcdb,$downloadstatus,$filetouse,$production,$testing,$apachefw,	$has_lcdb,$downloadstatus,$filetouse,$production,$testing,$apachefw,
Line 607 sub check_mysql_running {	Line 625 sub check_mysql_running {
$process = 'mysqld';	$process = 'mysqld';
$proc_owner = 'mysql';	$proc_owner = 'mysql';
}	}
	if ($1 >= 16) {
	$use_systemctl = 1;
	}
	} elsif ($distro =~ /^debian(\w+)/) {
	if ($1 >= 10) {
	$process = 'mysql';
	$proc_owner = 'mysql';
	}
	if ($1 >= 11) {
	$mysqldaemon = 'mariadb';
	}
	if ($1 >= 9) {
	$use_systemctl = 1;
	}
} elsif ($distro =~ /^fedora(\d+)/) {	} elsif ($distro =~ /^fedora(\d+)/) {
if ($1 >= 16) {	if ($1 >= 16) {
$process = 'mysqld';	$process = 'mysqld';
Line 616 sub check_mysql_running {	Line 648 sub check_mysql_running {
if ($1 >= 19) {	if ($1 >= 19) {
$mysqldaemon ='mariadb';	$mysqldaemon ='mariadb';
}	}
} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)/) {	if ($1 >= 34) {
	$process = 'mariadb';
	}
	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
$mysqldaemon ='mariadb';	$mysqldaemon ='mariadb';
$process = 'mysqld';	$process = 'mysqld';
$proc_owner = 'mysql';	$proc_owner = 'mysql';
$use_systemctl = 1;	$use_systemctl = 1;
}	}
	if ($1 >= 9) {
	$process = 'mariadb';
	}
} elsif ($distro =~ /^sles(\d+)/) {	} elsif ($distro =~ /^sles(\d+)/) {
if ($1 >= 12) {	if ($1 >= 12) {
$use_systemctl = 1;	$use_systemctl = 1;
Line 743 sub chkconfig {	Line 781 sub chkconfig {
if (($distro =~ /^ubuntu/) && ($version <= 8)) {	if (($distro =~ /^ubuntu/) && ($version <= 8)) {
$daemon{'cups'} = 'cupsys';	$daemon{'cups'} = 'cupsys';
}	}
if (($distro =~ /^ubuntu/) && ($version >= 18)) {	if ((($distro =~ /^ubuntu/) && ($version >= 18)) \|\|
	(($distro =~ /^debian/) && ($version >= 10))) {
$daemon{'ntp'} = 'chrony';	$daemon{'ntp'} = 'chrony';
}	}
	if (($distro =~ /^debian/) && ($version >= 11)) {
	$daemon{'mysql'} = 'mariadb';
	}
} elsif ($distro =~ /^fedora(\d+)/) {	} elsif ($distro =~ /^fedora(\d+)/) {
my $version = $1;	my $version = $1;
if ($version >= 15) {	if ($version >= 15) {
Line 763 sub chkconfig {	Line 805 sub chkconfig {
if ($version >= 26) {	if ($version >= 26) {
$daemon{'ntp'} = 'chronyd';	$daemon{'ntp'} = 'chronyd';
}	}
} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)/) {	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
my $version = $1;	my $version = $1;
if ($version >= 7) {	if ($version >= 7) {
$uses_systemctl{'ntp'} = 1;	$uses_systemctl{'ntp'} = 1;
Line 868 sub chkconfig {	Line 910 sub chkconfig {
return (\%needfix,\%tostop,\%uses_systemctl);	return (\%needfix,\%tostop,\%uses_systemctl);
}	}

	sub check_systemd_security {
	my ($distro) = @_;
	my $service = 'httpd.service';
	if ($distro =~ /^(suse\|sles\|ubuntu\|debian)/) {
	$service = 'apache2.service';
	}
	system("systemctl daemon-reload");
	if (open(PIPE,"systemctl show $service --property=ProtectHome 2>/dev/null \|")) {
	my $protection = <PIPE>;
	close(PIPE);
	chomp($protection);
	if ($protection =~ /^ProtectHome=(read-only\|yes)$/i) {
	return 1;
	}
	} else {
	print &mt('Could not check systemctl configuration for Apache')."\n";
	}
	return 0;
	}

sub uses_firewalld {	sub uses_firewalld {
my ($distro) = @_;	my ($distro) = @_;
my ($inuse,$checkfirewalld,$zone);	my ($inuse,$checkfirewalld,$zone);
Line 879 sub uses_firewalld {	Line 941 sub uses_firewalld {
if ($1 >= 18) {	if ($1 >= 18) {
$checkfirewalld = 1;	$checkfirewalld = 1;
}	}
} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)/) {	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
$checkfirewalld = 1;	$checkfirewalld = 1;
}	}
}	}
if ($checkfirewalld) {	if ($checkfirewalld) {
my ($loaded,$active);	my ($loaded,$active);
if (open(PIPE,"systemctl status firewalld \|")) {	if (open(PIPE,"systemctl status firewalld 2>/dev/null \|")) {
while (<PIPE>) {	while (<PIPE>) {
chomp();	chomp();
if (/^\s*Loaded:\s+(\w+)/) {	if (/^\s*Loaded:\s+(\w+)/) {
$loaded = $1;	$loaded = $1;
}	}
if (/^\s*Active\s+(\w+)/) {	if (/^\s*Active:\s+(\w+)/) {
$active = $1;	$active = $1;
}	}
}	}
Line 971 sub chkapache {	Line 1033 sub chkapache {
my $distname = $1;	my $distname = $1;
my $version = $2;	my $version = $2;
my ($stdconf,$stdsite);	my ($stdconf,$stdsite);
if (($distname eq 'ubuntu') && ($version > 12)) {	if ((($distname eq 'ubuntu') && ($version > 12)) \|\|
	(($distname eq 'debian') && ($version >= 10))) {
$stdconf = "$instdir/debian-ubuntu/ubuntu14/loncapa_conf";	$stdconf = "$instdir/debian-ubuntu/ubuntu14/loncapa_conf";
$stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_sites";	$stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_sites";
} else {	} else {
Line 982 sub chkapache {	Line 1045 sub chkapache {
print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n";	print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n";
} else {	} else {
my ($configfile,$sitefile);	my ($configfile,$sitefile);
if (($distname eq 'ubuntu') && ($version > 12)) {	if ((($distname eq 'ubuntu') && ($version > 12)) \|\|
	(($distname eq 'debian') && ($version >= 10))) {
$sitefile = '/etc/apache2/sites-available/loncapa.conf';	$sitefile = '/etc/apache2/sites-available/loncapa.conf';
$configfile = '/etc/apache2/conf-available/loncapa.conf';	$configfile = '/etc/apache2/conf-available/loncapa.conf';
} else {	} else {
Line 998 sub chkapache {	Line 1062 sub chkapache {
}	}
}	}
}	}
if ((!$fixapache) && ($distname eq 'ubuntu') && ($version > 12)) {	if ((!$fixapache) && ((($distname eq 'ubuntu') && ($version > 12)) \|\|
	(($distname eq 'debian') && ($version >= 10)))) {
if (($sitefile ne '') && (-e $sitefile) && (-e $stdsite)) {	if (($sitefile ne '') && (-e $sitefile) && (-e $stdsite)) {
if (open(PIPE, "diff --brief $stdsite $sitefile \|")) {	if (open(PIPE, "diff --brief $stdsite $sitefile \|")) {
my $diffres = <PIPE>;	my $diffres = <PIPE>;
close(PIPE);	close(PIPE);
chomp($diffres);	chomp($diffres);
unless ($diffres) {	if ($diffres) {
	$fixapache = 1;
	} else {
$fixapache = 0;	$fixapache = 0;
}	}
}	}
Line 1018 sub chkapache {	Line 1085 sub chkapache {
}	}
}	}
}	}
if ((!$fixapache) && ($distname eq 'ubuntu')) {	if ((!$fixapache) && (($distname eq 'ubuntu') \|\| ($distname eq 'debian'))) {
my $sitestatus = "/etc/apache2/mods-available/status.conf";	my $sitestatus = "/etc/apache2/mods-available/status.conf";
my $stdstatus = "$instdir/debian-ubuntu/status.conf";	my $stdstatus = "$instdir/debian-ubuntu/status.conf";
if ((-e $stdstatus) && (-e $sitestatus)) {	if ((-e $stdstatus) && (-e $sitestatus)) {
Line 1072 sub chkapache {	Line 1139 sub chkapache {
} else {	} else {
my $configfile = 'httpd.conf';	my $configfile = 'httpd.conf';
my $mpmfile = 'mpm.conf';	my $mpmfile = 'mpm.conf';
if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)$/) {	if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
$configfile = 'apache2.4/httpd.conf';	$configfile = 'apache2.4/httpd.conf';
} elsif ($1 > 5) {	} elsif ($1 > 5) {
Line 1369 sub chkapachessl {	Line 1436 sub chkapachessl {
foreach my $file (sort(keys(%{$sslfiles{$key}}))) {	foreach my $file (sort(keys(%{$sslfiles{$key}}))) {
unless ((-l "$enabled_dir/$file") &&	unless ((-l "$enabled_dir/$file") &&
(readlink("$enabled_dir/$file") eq "$ssldir/$file")) {	(readlink("$enabled_dir/$file") eq "$ssldir/$file")) {
print_and_log(&mt("Warning, use: 'sudo a2ensite $file' to activate LON-CAPA SSL Apache config\n"));	if ($distro =~ /^debian(\d+)$/) {
	print_and_log(&mt("Warning, use: 'a2ensite $file' to activate LON-CAPA SSL Apache config\n"));
	} elsif ($distro =~ /^ubuntu(\d+)$/) {
	print_and_log(&mt("Warning, use: 'sudo a2ensite $file' to activate LON-CAPA SSL Apache config\n"));
	}
}	}
}	}
}	}
Line 1440 sub chksrvcs {	Line 1511 sub chksrvcs {
}	}

sub need_download {	sub need_download {
	my ($distro,$instdir) = @_;
my $needs_download = 1;	my $needs_download = 1;
my ($production,$testing,$stdsizes) = &download_versionslist();	my ($production,$testing,$stdsizes) = &download_versionslist();
my ($rootdir,$localcurrent,$localtesting,%tarball,%localsize,%bymodtime,	my ($localcurrent,$localtesting,%tarball,%localsize,%bymodtime,
%bysize,$filetouse,$downloadstatus);	%bysize,$filetouse,$downloadstatus);
$rootdir = '/root';	if (opendir(my $dir,$instdir)) {
if (opendir(my $dir,"$rootdir")) {
my (@lcdownloads,$version);	my (@lcdownloads,$version);
foreach my $file (readdir($dir)) {	foreach my $file (readdir($dir)) {
if ($file =~ /^loncapa\-([\w\-.]+)\.tar\.gz$/) {	if ($file =~ /^loncapa\-([\w\-.]+)\.tar\.gz$/) {
Line 1455 sub need_download {	Line 1526 sub need_download {
}	}
if (ref($stdsizes) eq 'HASH') {	if (ref($stdsizes) eq 'HASH') {
if ($version eq 'current') {	if ($version eq 'current') {
my @stats = stat("$rootdir/$file");	my @stats = stat("$instdir/$file");
$localcurrent = $stats[7];	$localcurrent = $stats[7];
if ($localcurrent == $stdsizes->{$production}) {	if ($localcurrent == $stdsizes->{$production}) {
$needs_download = 0;	$needs_download = 0;
$filetouse = $file;	$filetouse = $file;
}	}
} elsif ($version eq 'testing') {	} elsif ($version eq 'testing') {
my @stats = stat("$rootdir/$file");	my @stats = stat("$instdir/$file");
$localtesting = $stats[7];	$localtesting = $stats[7];
if ($localtesting == $stdsizes->{$testing}) {	if ($localtesting == $stdsizes->{$testing}) {
$needs_download = 0;	$needs_download = 0;
Line 1476 sub need_download {	Line 1547 sub need_download {
if ($needs_download) {	if ($needs_download) {
if (@lcdownloads > 0) {	if (@lcdownloads > 0) {
foreach my $version (@lcdownloads) {	foreach my $version (@lcdownloads) {
my @stats = stat("$rootdir/$tarball{$version}");	my @stats = stat("$instdir/$tarball{$version}");
my $mtime = $stats[9];	my $mtime = $stats[9];
$localsize{$version} = $stats[7];	$localsize{$version} = $stats[7];
if ($mtime) {	if ($mtime) {
Line 1509 sub need_download {	Line 1580 sub need_download {
my $newest = $sorted[0];	my $newest = $sorted[0];
if (ref($bymodtime{$newest}) eq 'ARRAY') {	if (ref($bymodtime{$newest}) eq 'ARRAY') {
$downloadstatus =	$downloadstatus =
"Latest LON-CAPA source download in $rootdir is: ".	"Latest LON-CAPA source download in $instdir is: ".
join(',',@{$bymodtime{$newest}})." (downloaded ".	join(',',@{$bymodtime{$newest}})." (downloaded ".
localtime($newest).")\n";	localtime($newest).")\n";
}	}
} else {	} else {
$downloadstatus =	$downloadstatus =
"The $rootdir directory already contains the latest LON-CAPA version:".	"The $instdir directory already contains the latest LON-CAPA version:".
"\n".$filetouse."\n"."which can be used for installation.\n";	"\n".$filetouse."\n"."which can be used for installation.\n";
}	}
} else {	} else {
$downloadstatus = "The $rootdir directory does not appear to contain any downloaded LON-CAPA source code files which can be used for installation.\n";	$downloadstatus = "The $instdir directory does not appear to contain any downloaded LON-CAPA source code files which can be used for installation.\n";
}	}
}	}
} else {	} else {
$downloadstatus = "Could not open $rootdir directory to look for existing downloads of LON-CAPA source code.\n";	$downloadstatus = "Could not open $instdir directory to look for existing downloads of LON-CAPA source code.\n";
}	}
return ($needs_download,$downloadstatus,$filetouse,$production,$testing);	return ($needs_download,$downloadstatus,$filetouse,$production,$testing);
}	}
Line 1532 sub check_mysql_setup {	Line 1603 sub check_mysql_setup {
my ($instdir,$dsn,$distro) = @_;	my ($instdir,$dsn,$distro) = @_;
my ($mysqlsetup,$has_pass,$mysql_unix_socket,$mysql_has_wwwuser);	my ($mysqlsetup,$has_pass,$mysql_unix_socket,$mysql_has_wwwuser);
my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0});	my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0});
my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version();	my ($mysqlversion,$mysqlminorversion,$mysqlsubver,$mysqlname) = &get_mysql_version();
if (($mysqlname =~ /^MariaDB/i) && ($mysqlversion >= 10.4)) {	if (($mysqlname =~ /^MariaDB/i) && (($mysqlversion == 10 && $mysqlminorversion >= 4) \|\| ($mysqlversion >= 11))) {
if ($dbh) {	if ($dbh) {
my $sth = $dbh->prepare("SELECT Priv FROM mysql.global_priv WHERE (User = 'root' AND Host ='localhost')");	my $sth = $dbh->prepare("SELECT Priv FROM mysql.global_priv WHERE (User = 'root' AND Host ='localhost')");
$sth->execute();	$sth->execute();
Line 1554 sub check_mysql_setup {	Line 1625 sub check_mysql_setup {
}	}
if ($dbh) {	if ($dbh) {
$mysqlsetup = 'noroot';	$mysqlsetup = 'noroot';
if (($mysqlname !~ /^MariaDB/i) && ($mysqlversion >= 5.7)) {	if (($mysqlname !~ /^MariaDB/i) && (($mysqlversion == 5 && $mysqlminorversion >= 7) \|\| ($mysqlversion >= 6))) {
my $sth = $dbh->prepare("SELECT plugin from mysql.user where User='root'");	my $sth = $dbh->prepare("SELECT plugin from mysql.user where User='root'");
$sth->execute();	$sth->execute();
while (my $priv = $sth->fetchrow_array) {	while (my $priv = $sth->fetchrow_array) {
Line 1679 sub get_pathto_iptables {	Line 1750 sub get_pathto_iptables {

sub firewall_is_active {	sub firewall_is_active {
if (-e '/proc/net/ip_tables_names') {	if (-e '/proc/net/ip_tables_names') {
	my $status;
if (open(PIPE,'cat /proc/net/ip_tables_names \|grep filter \|')) {	if (open(PIPE,'cat /proc/net/ip_tables_names \|grep filter \|')) {
my $status = <PIPE>;	$status = <PIPE>;
close(PIPE);	close(PIPE);
chomp($status);	chomp($status);
if ($status eq 'filter') {	if ($status eq 'filter') {
return 1;	return 1;
}	}
}	}
	unless ($status) {
	if (open(PIPE,'nft list tables \|')) {
	while(<PIPE>) {
	chomp();
	if (/filter$/) {
	$status = 1;
	last;
	}
	}
	close(PIPE);
	if ($status) {
	return 1;
	}
	}
	}
}	}
return 0;	return 0;
}	}
Line 1848 print "	Line 1935 print "
".&mt('3.')." ".&mt('Set-up the MySQL database.')."	".&mt('3.')." ".&mt('Set-up the MySQL database.')."
".&mt('4.')." ".&mt('Set-up MySQL permissions.')."	".&mt('4.')." ".&mt('Set-up MySQL permissions.')."
".&mt('5.')." ".&mt('Configure Apache web server.')."	".&mt('5.')." ".&mt('Configure Apache web server.')."
".&mt('6.')." ".&mt('Configure SSL for Apache web server.')."	".&mt('6.')." ".&mt('Configure systemd security settings for Apache web server.')."
".&mt('7.')." ".&mt('Configure start-up of services.')."	".&mt('7.')." ".&mt('Configure SSL for Apache web server.')."
".&mt('8.')." ".&mt('Check firewall settings.')."	".&mt('8.')." ".&mt('Configure start-up of services.')."
".&mt('9.')." ".&mt('Stop services not used by LON-CAPA,')."	".&mt('9.')." ".&mt('Check firewall settings.')."
	".&mt('10.')." ".&mt('Stop services not used by LON-CAPA,')."
".&mt('i.e., services for a print server: [_1] daemon.',"'cups'")."	".&mt('i.e., services for a print server: [_1] daemon.',"'cups'")."
".&mt('10.')." ".&mt('Download LON-CAPA source code in readiness for installation.')."	".&mt('11.')." ".&mt('Download LON-CAPA source code in readiness for installation.')."

".&mt('Typically, you will run this script only once, when you first install LON-CAPA.')."	".&mt('Typically, you will run this script only once, when you first install LON-CAPA.')."

Line 1882 my $instdir = `pwd`;	Line 1970 my $instdir = `pwd`;
chomp($instdir);	chomp($instdir);

my %callsub;	my %callsub;
my @actions = ('wwwuser','pwauth','mysql','mysqlperms','apache',	my @actions = ('wwwuser','pwauth','mysql','mysqlperms','apache','systemd',
'apachessl','runlevels','firewall','stopsrvcs','download');	'apachessl','runlevels','firewall','stopsrvcs','download');
my %prompts = &texthash(	my %prompts = &texthash(
wwwuser => "Create the 'www' user?",	wwwuser => "Create the 'www' user?",
Line 1890 my %prompts = &texthash(	Line 1978 my %prompts = &texthash(
mysql => 'Set-up the MySQL database?',	mysql => 'Set-up the MySQL database?',
mysqlperms => 'Set-up MySQL permissions?',	mysqlperms => 'Set-up MySQL permissions?',
apache => 'Configure Apache web server?',	apache => 'Configure Apache web server?',
apachessl => 'Configure SSL for Apache web server?',	systemd => 'Configure systemd security settings for Apache web server?',
	apachessl => 'Configure SSL for Apache web server?',
runlevels => 'Set overrides for start-up order of services?',	runlevels => 'Set overrides for start-up order of services?',
firewall => 'Configure firewall settings for Apache',	firewall => 'Configure firewall settings for Apache',
stopsrvcs => 'Stop extra services not required on a LON-CAPA server?',	stopsrvcs => 'Stop extra services not required on a LON-CAPA server?',
Line 1932 if (!$gotprereqs) {	Line 2021 if (!$gotprereqs) {
&mt('The following command can be used to install the package (and dependencies):')."\n\n".	&mt('The following command can be used to install the package (and dependencies):')."\n\n".
$updatecmd."\n\n";	$updatecmd."\n\n";
if ($installnow eq '') {	if ($installnow eq '') {
	print &mt('Stopping execution.')."\n";
exit;	exit;
} else {	} else {
print &mt('Run command? ~[Y/n~]');	print &mt('Run command? ~[Y/n~]');
Line 2003 my $lctarball = 'loncapa-current.tar.gz'	Line 2093 my $lctarball = 'loncapa-current.tar.gz'
my $sourcetarball = $lctarball;	my $sourcetarball = $lctarball;
if ($callsub{'download'}) {	if ($callsub{'download'}) {
my ($production,$testing,$sizes) = &download_versionslist();	my ($production,$testing,$sizes) = &download_versionslist();
	my $homedir = '/root';
	if ($distro =~ /^ubuntu/) {
	if ($instdir ne $homedir) {
	($homedir) = ($instdir =~ m{^(.*)/[^/]+$});
	}
	}
if ($production && $testing) {	if ($production && $testing) {
if ($production ne $testing) {	if ($production ne $testing) {
print &mt('Two recent LON-CAPA releases are available: ')."\n".	print &mt('Two recent LON-CAPA releases are available: ')."\n".
&mt('1.').' '.&mt('A production release - version: [_1].',$production)."\n".	&mt('1.').' '.&mt('A production release - version: [_1].',$production)."\n".
&mt('2.').' '.&mt('A testing release - version: [_1].',$testing)."\n\n".	&mt('2.').' '.&mt('A testing release - version: [_1].',$testing)."\n\n".
&mt('Download the production release? ~[Y/n~]');	&mt("After download, the tar.gz file will be extracted into $homedir")."\n\n".
	&mt("Download the production release into $instdir? ~[Y/n~]");
if (&get_user_selection(1)) {	if (&get_user_selection(1)) {
$sourcetarball = 'loncapa-'.$production.'.tar.gz';	$sourcetarball = 'loncapa-'.$production.'.tar.gz';
	print "$sourcetarball will be downloaded into $instdir\n";
} else {	} else {
print "\n".&mt('Download the testing release? ~[Y/n~]');	print "\n".&mt('Download the testing release? ~[Y/n~]');
if (&get_user_selection(1)) {	if (&get_user_selection(1)) {
$sourcetarball = 'loncapa-'.$testing.'.tar.gz';	$sourcetarball = 'loncapa-'.$testing.'.tar.gz';
	print "$sourcetarball will be downloaded into $instdir\n";
	} else {
	$callsub{'download'} = 0;
}	}
}	}
}	}
} elsif ($production) {	} elsif ($production) {
print &mt('The most recent LON-CAPA release is version: [_1].',$production)."\n".	print &mt('The most recent LON-CAPA release is version: [_1].',$production)."\n".
&mt('Download the production release? ~[Y/n~]');	&mt("After download, the tar.gz file will be extracted into $homedir")."\n\n".
	&mt("Download the production release into $instdir? ~[Y/n~]");
if (&get_user_selection(1)) {	if (&get_user_selection(1)) {
$sourcetarball = 'loncapa-'.$production.'.tar.gz';	$sourcetarball = 'loncapa-'.$production.'.tar.gz';
	print "$sourcetarball will be downloaded into $instdir\n";
	} else {
	$callsub{'download'} = 0;
}	}
}	}
} elsif ($filetouse ne '') {	} elsif ($filetouse ne '') {
Line 2047 if ($callsub{'pwauth'}) {	Line 2152 if ($callsub{'pwauth'}) {
if ($callsub{'mysql'}) {	if ($callsub{'mysql'}) {
if ($dbh) {	if ($dbh) {
&setup_mysql($callsub{'mysqlperms'},$dbh,$has_pass,	&setup_mysql($callsub{'mysqlperms'},$dbh,$has_pass,
$mysql_unix_socket,$has_lcdb);	$mysql_unix_socket,$has_lcdb,$distro);
} else {	} else {
print &mt('Unable to configure MySQL because access is denied.')."\n";	print &mt('Unable to configure MySQL because access is denied.')."\n";
}	}
Line 2084 if ($callsub{'apache'}) {	Line 2189 if ($callsub{'apache'}) {
print_and_log(&mt('Skipping configuration of Apache web server.')."\n");	print_and_log(&mt('Skipping configuration of Apache web server.')."\n");
}	}

	if ($callsub{'systemd'}) {
	&check_systemd_update($distro);
	} else {
	print_and_log('Skipping systemd configuration update for web server');
	}

if ($callsub{'apachessl'}) {	if ($callsub{'apachessl'}) {
my $targetdir = '/etc/httpd/conf.d';	my $targetdir = '/etc/httpd/conf.d';
if ($distro =~ /^(suse\|sles)/) {	if ($distro =~ /^(suse\|sles)/) {
Line 2170 if ($callsub{'firewall'}) {	Line 2281 if ($callsub{'firewall'}) {
if (keys(%added) > 0) {	if (keys(%added) > 0) {
print &mt('Firewall configured to allow access for: [_1].',	print &mt('Firewall configured to allow access for: [_1].',
join(', ',sort(keys(%added))))."\n";	join(', ',sort(keys(%added))))."\n";
	system('firewall-cmd --reload');
}	}
if ($current{'http'} \|\| $current{'https'}) {	if ($current{'http'} \|\| $current{'https'}) {
print &mt('Firewall already configured to allow access for:[_1].',	print &mt('Firewall already configured to allow access for:[_1].',
(($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n";	(($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n";
}	}
unless ($current{'ssh'}) {	unless ($current{'ssh'}) {
print &mt('If you would the like to allow access to ssh from outside, use the command[_1].',	print &mt('If you would like to allow access to ssh from outside, use the commands:')."\n".
"firewall-cmd --permanent --zone=$zone --add-service=ssh")."\n";	"firewall-cmd --permanent --zone=$zone --add-service=ssh\n".
	"firewall-cmd --reload\n";
}	}
} elsif ($distro =~ /^(suse\|sles)/) {	} elsif ($distro =~ /^(suse\|sles)/) {
print &mt('Use [_1] to configure the firewall to allow access for [_2].',	print &mt('Use [_1] to configure the firewall to allow access for [_2].',
Line 2205 if ($callsub{'firewall'}) {	Line 2318 if ($callsub{'firewall'}) {
'ssh, http')."\n";	'ssh, http')."\n";
} else {	} else {
my $version;	my $version;
if ($distro =~ /^(redhat\|centos)(\d+)$/) {	if ($distro =~ /^(redhat\|centos\|rocky\|alma)(\d+)/) {
$version = $1;	$version = $1;
}	}
if ($version > 5) {	if ($version > 5) {
Line 2236 if ($callsub{'download'}) {	Line 2349 if ($callsub{'download'}) {
print &mt('LON-CAPA is available for download from: [_1]',	print &mt('LON-CAPA is available for download from: [_1]',
'http://install.loncapa.org/')."\n";	'http://install.loncapa.org/')."\n";
if (!-e '/etc/loncapa-release') {	if (!-e '/etc/loncapa-release') {
&print_and_log(&mt('LON-CAPA is not yet installed on your system.').	&print_and_log(&mt('LON-CAPA is not yet installed on your system.')."\n\n");
"\n\n".	unless ($filetouse) {
&mt('You may retrieve the source for LON-CAPA by executing:')."\n".	&print_and_log(&mt('You may retrieve the source for LON-CAPA by executing:')."\n".
"wget http://install.loncapa.org/versions/$lctarball\n");	"wget http://install.loncapa.org/versions/$lctarball\n");
	}
} else {	} else {
my $currentversion;	my $currentversion;
if (open(my $fh,"</etc/loncapa-release")) {	if (open(my $fh,"</etc/loncapa-release")) {
Line 2268 if ($callsub{'download'}) {	Line 2382 if ($callsub{'download'}) {
print "\n".&mt('Requested configuration complete.')."\n\n";	print "\n".&mt('Requested configuration complete.')."\n\n";
if ($have_tarball && !$updateshown) {	if ($have_tarball && !$updateshown) {
my ($lcdir) = ($sourcetarball =~ /^([\w.\-]+)\.tar.gz$/);	my ($lcdir) = ($sourcetarball =~ /^([\w.\-]+)\.tar.gz$/);
	if ($lcdir eq 'loncapa-current') {
	$lcdir = "loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.3')";
	}
my ($apachename,$lc_uses_systemctl,$uses_sudo);	my ($apachename,$lc_uses_systemctl,$uses_sudo);
if ($distro =~ /^(suse\|sles\|debian\|ubuntu)([\d.]+)/) {	if ($distro =~ /^(suse\|sles\|debian\|ubuntu)([\d.]+)/) {
if (($1 eq 'suse') && ($2 < 10)) {	if (($1 eq 'suse') && ($2 < 10)) {
Line 2282 if ($have_tarball && !$updateshown) {	Line 2399 if ($have_tarball && !$updateshown) {
if ($1 > 6) {	if ($1 > 6) {
$lc_uses_systemctl = 1;	$lc_uses_systemctl = 1;
}	}
} elsif ($distro =~ /^(?:rhes\|centos)(\d+)$/) {	} elsif ($distro =~ /^(?:rhes\|centos\|rocky\|alma)(\d+)/) {
if ($1 > 7) {	if ($1 > 7) {
$lc_uses_systemctl = 1;	$lc_uses_systemctl = 1;
}	}
Line 2291 if ($have_tarball && !$updateshown) {	Line 2408 if ($have_tarball && !$updateshown) {
$lc_uses_systemctl = 1;	$lc_uses_systemctl = 1;
}	}
$uses_sudo = 1;	$uses_sudo = 1;
	} elsif ($distro =~ /^debian(\d+)$/) {
	if ($1 >= 10) {
	$lc_uses_systemctl = 1;
	}
} elsif ($distro =~ /^sles(\d+)$/) {	} elsif ($distro =~ /^sles(\d+)$/) {
if ($1 > 12) {	if ($1 > 12) {
$lc_uses_systemctl = 1;	$lc_uses_systemctl = 1;
}	}
	} elsif ($distro =~ /^fedora(\d+)$/) {
	if ($1 > 25) {
	$lc_uses_systemctl = 1;
	}
}	}
if (!-e '/etc/loncapa-release') {	if (!-e '/etc/loncapa-release') {
print &mt('If you are now ready to install LON-CAPA, enter the following commands:')."\n\n";	print &mt('If you are now ready to install LON-CAPA, enter the following commands:')."\n\n";
Line 2312 if ($have_tarball && !$updateshown) {	Line 2437 if ($have_tarball && !$updateshown) {
$apachestop = 'sudo '.$apachestop;	$apachestop = 'sudo '.$apachestop;
}	}
print &mt('If you are now ready to update LON-CAPA, enter the following commands:').	print &mt('If you are now ready to update LON-CAPA, enter the following commands:').
"\n\n$lcstop\n$apachestop\n";	"\n\n$lcstop\n$apachestop\n";
}	}
print "cd /root\n".	my ($extract,$update);
"tar zxf $sourcetarball\n".	my $homedir = '/root';
"cd $lcdir\n".	if ($uses_sudo) {
"./UPDATE\n";	$extract = 'sudo ';
	$update = 'sudo ';
	if ($instdir ne $homedir) {
	($homedir) = ($instdir =~ m{^(.*)/[^/]+$});
	}
	}
	$extract .= "tar zxf $sourcetarball --directory $homedir";
	$update .= './UPDATE';
	print "$extract\n".
	"cd $homedir/$lcdir\n".
	"$update\n";
if (-e '/etc/loncapa-release') {	if (-e '/etc/loncapa-release') {
my $lcstart = '/etc/init.d/loncontrol start';	my $lcstart = '/etc/init.d/loncontrol start';
if ($lc_uses_systemctl) {	if ($lc_uses_systemctl) {
Line 2401 sub build_and_install_mod_auth_external	Line 2536 sub build_and_install_mod_auth_external
> #define SERVER_UIDS $num /* user "www" */	> #define SERVER_UIDS $num /* user "www" */
ENDPATCH	ENDPATCH

	my $patch_code = <<"ENDPATCH";
	127a128
	> #include <string.h>
	214a216
	> #include <time.h>
	566c568
	< check_fails()
	---
	> int check_fails()
	589c591
	< log_failure()
	---
	> void log_failure()
	629c631
	< snooze(int seconds)
	---
	> void snooze(int seconds)
	653c655
	< main(int argc, char **argv)
	---
	> int main(int argc, char **argv)
	ENDPATCH

if (! -e "/usr/bin/patch") {	if (! -e "/usr/bin/patch") {
print_and_log(&mt('You must install the software development tools package: [_1], when installing Linux.',"'patch'")."\n");	print_and_log(&mt('You must install the software development tools package: [_1], when installing Linux.',"'patch'")."\n");
print_and_log(&mt('Authentication installation not completed.')."\n");	print_and_log(&mt('Authentication installation not completed.')."\n");
Line 2411 ENDPATCH	Line 2569 ENDPATCH
return;	return;
}	}
my $dir = "/tmp/pwauth-2.2.8";	my $dir = "/tmp/pwauth-2.2.8";
	my $patchedok;
if (open(PATCH,"\| patch $dir/config.h")) {	if (open(PATCH,"\| patch $dir/config.h")) {
print PATCH $patch;	print PATCH $patch;
close(PATCH);	close(PATCH);
	if (open(PATCH,"\| patch $dir/pwauth.c")) {
	print PATCH $patch_code;
	close(PATCH);
	$patchedok = 1;
	}
	}
	if ($patchedok) {
print_and_log("\n");	print_and_log("\n");
##	##
## Compile patched pwauth	## Compile patched pwauth
Line 2484 sub kill_extra_services {	Line 2650 sub kill_extra_services {
&print_and_log(&mt('Removing [_1] from startup.',$service)."\n");	&print_and_log(&mt('Removing [_1] from startup.',$service)."\n");
if ($distro =~ /^(?:debian\|ubuntu)(\d+)/) {	if ($distro =~ /^(?:debian\|ubuntu)(\d+)/) {
my $version = $1;	my $version = $1;
if (($distro =~ /^ubuntu/) && ($version > 16)) {	if ((($distro =~ /^ubuntu/) && ($version > 16)) \|\|
	(($distro =~ /^debian/) && ($version >= 10))) {
if (ref($uses_systemctl) eq 'HASH') {	if (ref($uses_systemctl) eq 'HASH') {
if ($uses_systemctl->{$service}) {	if ($uses_systemctl->{$service}) {
if (`systemctl is-enabled $service`) {	if (`systemctl is-enabled $service`) {
Line 2516 sub kill_extra_services {	Line 2683 sub kill_extra_services {
}	}

sub setup_mysql {	sub setup_mysql {
my ($setup_mysql_permissions,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb) = @_;	my ($setup_mysql_permissions,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb,$distro) = @_;
my @mysql_lc_commands;	my @mysql_lc_commands;
unless ($has_lcdb) {	unless ($has_lcdb) {
push(@mysql_lc_commands,"CREATE DATABASE loncapa");	my $createcmd = 'CREATE DATABASE loncapa';
	if ($distro =~ /^sles(\d+)/) {
	if ($1 > 11) {
	$createcmd .= ' CHARACTER SET utf8 COLLATE utf8_general_ci';
	}
	} elsif ($distro =~ /^ubuntu(\d+)/) {
	if ($1 > 16) {
	$createcmd .= ' CHARACTER SET latin1 COLLATE latin1_swedish_ci';
	}
	}
	push(@mysql_lc_commands,$createcmd);
}	}
push(@mysql_lc_commands,"USE loncapa");	push(@mysql_lc_commands,"USE loncapa");
push(@mysql_lc_commands,qq{	push(@mysql_lc_commands,qq{
Line 2544 CREATE TABLE IF NOT EXISTS metadata (tit	Line 2721 CREATE TABLE IF NOT EXISTS metadata (tit

sub setup_mysql_permissions {	sub setup_mysql_permissions {
my ($dbh,$has_pass,$mysql_unix_socket,@mysql_lc_commands) = @_;	my ($dbh,$has_pass,$mysql_unix_socket,@mysql_lc_commands) = @_;
my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version();	my ($mysqlversion,$mysqlminorversion,$mysqlsubver,$mysqlname) = &get_mysql_version();
my ($usescreate,$usesauth,$is_mariadb,$hasauthcol,@mysql_commands);	my ($usescreate,$usesauth,$is_mariadb,$hasauthcol,@mysql_commands);
if ($mysqlname =~ /^MariaDB/i) {	if ($mysqlname =~ /^MariaDB/i) {
$is_mariadb = 1;	$is_mariadb = 1;
if ($mysqlversion >= 10.4) {	if ((($mysqlversion == 10) && ($mysqlminorversion >= 4)) \|\| ($mysqlversion >= 11)) {
$usescreate = 1;	$usescreate = 1;
} elsif ($mysqlversion >= 10.2) {	} elsif (($mysqlversion == 10) && ($mysqlminorversion >= 2)) {
$usesauth = 1;	$usesauth = 1;
} elsif ($mysqlversion >= 5.5) {	} elsif (($mysqlversion == 5) && ($mysqlminorversion >= 5)) {
$hasauthcol = 1;	$hasauthcol = 1;
}	}
} else {	} else {
if (($mysqlversion > 5.7) \|\| (($mysqlversion == 5.7) && ($mysqlsubver > 5))) {	if (($mysqlversion > 5) \|\| (($mysqlminorversion == 5) && ($mysqlminorversion > 7)) \|\|
	(($mysqlversion == 5) && ($mysqlminorversion == 7) && ($mysqlsubver > 5))) {
$usesauth = 1;	$usesauth = 1;
} elsif (($mysqlversion >= 5.6) \|\| (($mysqlversion == 5.5) && ($mysqlsubver >= 7))) {	} elsif (($mysqlversion == 5) &&
	(($mysqlminorversion >= 6) \|\| (($mysqlminorversion == 5) && ($mysqlsubver >= 7)))) {
$hasauthcol = 1;	$hasauthcol = 1;
}	}
}	}
if ($usescreate) {	if ($usescreate) {
@mysql_commands = ("CREATE USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'");	@mysql_commands = ("CREATE USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'");
} elsif ($usesauth) {	} elsif ($usesauth) {
@mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')");	@mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')",
	"FLUSH PRIVILEGES");
if ($is_mariadb) {	if ($is_mariadb) {
push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'");	push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'");
} else {	} else {
Line 2671 sub new_mysql_rootpasswd {	Line 2851 sub new_mysql_rootpasswd {
}	}

sub get_mysql_version {	sub get_mysql_version {
my ($version,$subversion,$name);	my ($version,$minorversion,$subversion,$name);
if (open(PIPE," mysql -V \|")) {	if (open(PIPE," mysql -V \|")) {
my $info = <PIPE>;	my $info = <PIPE>;
chomp($info);	chomp($info);
close(PIPE);	close(PIPE);
($version,$subversion,$name) = ($info =~ /(\d+\.\d+)\.(\d+)(?:\-?(\w*),\|)/);	($version,$minorversion,$subversion,$name) = ($info =~ /(\d+)\.(\d+)\.(\d+)(?:\-?(\w*),\|)/);
} else {	} else {
print &mt('Could not determine which version of MySQL is installed.').	print &mt('Could not determine which version of MySQL is installed.').
"\n";	"\n";
}	}
return ($version,$subversion,$name);	return ($version,$minorversion,$subversion,$name);
	}

	sub check_systemd_update {
	my ($distro) = @_;
	my ($use_systemctl,$service);
	$service = 'apache2.service';
	if ($distro =~ /^ubuntu(\w+)/) {
	if ($1 >= 16) {
	$use_systemctl = 1;
	}
	} elsif ($distro =~ /^debian(\w+)/) {
	if ($1 >= 9) {
	$use_systemctl = 1;
	}
	} elsif ($distro =~ /^fedora(\d+)/) {
	$service = 'httpd.service';
	if ($1 >= 16) {
	$use_systemctl = 1;
	}
	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
	$service = 'httpd.service';
	if ($1 >= 7) {
	$use_systemctl = 1;
	}
	} elsif ($distro =~ /^sles(\d+)/) {
	if ($1 >= 12) {
	$use_systemctl = 1;
	}
	} elsif ($distro =~ /^suse(\d+)/) {
	if ($1 >= 13) {
	$use_systemctl = 1;
	}
	}
	if ($use_systemctl) {
	my $needsupdate = &check_systemd_security($distro);
	if ($needsupdate) {
	if (!-d '/etc/systemd/system/'.$service.'.d') {
	mkdir '/etc/systemd/system/'.$service.'.d', 0755;
	}
	if (-d '/etc/systemd/system/'.$service.'.d') {
	if (-e '/etc/systemd/system/'.$service.'.d/override.conf') {
	if (open(my $fh,'<','/etc/systemd/system/'.$service.'.d/override.conf')) {
	my ($inservice,$addservice,$protectoff,$linenum,$change,@lines);
	while (my $entry = <$fh>) {
	$linenum ++;
	chomp($entry);
	if ($entry eq '[Service]') {
	if (!$protectoff) {
	$inservice = $linenum;
	push(@lines,$entry);
	} else {
	$addservice = 1;
	next;
	}
	}
	if ($entry =~ /^ProtectHome\s=\s([\w-]+)\s*$/) {
	my $value = $1;
	if ($protectoff) {
	next;
	if (lc($value) eq 'no') {
	$protectoff = $linenum;
	push(@lines,$entry);
	} else {
	if ($protectoff) {
	next;
	} else {
	push(@lines,'ProtectHome=no');
	$protectoff = $linenum;
	$change = $linenum;
	}
	}
	}
	}
	}
	close($fh);
	if ($addservice \|\| $change \|\| !$protectoff) {
	if (open(my $fh,'>','/etc/systemd/system/'.$service.'.d/override.conf')) {
	if ($addservice) {
	print $fh "[Service]\n";
	}
	foreach my $entry (@lines) {
	print $fh "$entry\n";
	}
	close($fh);
	print_and_log('Updated /etc/systemd/system/'.$service.'.d/override.conf');
	system('systemctl daemon-reload');
	} else {
	print_and_log('Could not open /etc/systemd/system/'.$service.'.d/override.conf for writing.');
	}
	} else {
	print_and_log('No change needed in /etc/systemd/system/'.$service.'.d/override.conf');
	}
	} else {
	print_and_log('Could not open /etc/systemd/system/'.$service.'.d/override.conf for reading.');
	}
	} else {
	if (open(my $fh,'>','/etc/systemd/system/'.$service.'.d/override.conf')) {
	print $fh '[Service]'."\n".'ProtectHome=no'."\n";
	close($fh);
	print_and_log('Created /etc/systemd/system/'.$service.'.d/override.conf');
	}
	}
	} else {
	print_and_log('No /etc/systemd/system/'.$service.'.d directory exists and creating one failed,');
	}
	} else {
	print_and_log('No update needed to systemd security settings for Apache web server.');
	}
	} else {
	print_and_log('No update needed to systemd, as this Linux distro does not use systemctl');
	}
}	}

###########################################################	###########################################################
Line 2694 sub get_mysql_version {	Line 2985 sub get_mysql_version {
sub copy_httpd_conf {	sub copy_httpd_conf {
my ($instdir,$distro,$hostname) = @_;	my ($instdir,$distro,$hostname) = @_;
my $configfile = 'httpd.conf';	my $configfile = 'httpd.conf';
if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)$/) {	if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
$configfile = 'apache2.4/httpd.conf';	$configfile = 'apache2.4/httpd.conf';
} elsif ($1 > 5) {	} elsif ($1 > 5) {
Line 2741 sub copy_mpm_conf {	Line 3032 sub copy_mpm_conf {
print_and_log("\n");	print_and_log("\n");
} else {	} else {
my $logfail;	my $logfail;
if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)$/) {	if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle\|rocky\|alma)(\d+)/) {
if ($1 > 7) {	if ($1 > 7) {
$logfail = 1;	$logfail = 1;
}	}
Line 3262 sub copy_apache2_debconf {	Line 3553 sub copy_apache2_debconf {
$distname = $1;	$distname = $1;
$version = $2;	$version = $2;
}	}
if (($distname eq 'ubuntu') && ($version > 12)) {	if ((($distname eq 'ubuntu') && ($version > 12)) \|\|
	(($distname eq 'debian') && ($version >= 10))) {
$defaultconfig = "$apache2_sites_enabled_dir/000-default.conf";	$defaultconfig = "$apache2_sites_enabled_dir/000-default.conf";
}	}
my ($skipconf,$skipsite,$skipstatus);	my ($skipconf,$skipsite,$skipstatus);
if (($distname eq 'ubuntu') && ($version > 12)) {	if ((($distname eq 'ubuntu') && ($version > 12)) \|\|
	(($distname eq 'debian') && ($version >= 10))) {
my $apache2_conf_enabled_dir = '/etc/apache2/conf-enabled';	my $apache2_conf_enabled_dir = '/etc/apache2/conf-enabled';
my $apache2_conf_available_dir = '/etc/apache2/conf-available';	my $apache2_conf_available_dir = '/etc/apache2/conf-available';
my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf';	my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf';
Line 3419 sub copy_apache2_debconf {	Line 3712 sub copy_apache2_debconf {
}	}
}	}
}	}
if ($distname eq 'ubuntu') {	if (($distname eq 'ubuntu') \|\| ($distname eq 'debian')) {
my $sitestatus = "$apache2_mods_available_dir/status.conf";	my $sitestatus = "$apache2_mods_available_dir/status.conf";
my $stdstatus = "$instdir/debian-ubuntu/status.conf";	my $stdstatus = "$instdir/debian-ubuntu/status.conf";
if ((-e $sitestatus) && (-e $stdstatus)) {	if ((-e $sitestatus) && (-e $stdstatus)) {
Line 3620 sub download_loncapa {	Line 3913 sub download_loncapa {
print_and_log("	print_and_log("
------------------------------------------------------------------------	------------------------------------------------------------------------

".&mt('You seem to have a version of loncapa-current.tar.gz in [_1]',$instdir)."\n".	".&mt('You seem to have a version of [_1] in [_2]',$lctarball,$instdir)."\n".
&mt('This copy will be used and a new version will NOT be downloaded.')."\n".	&mt('This copy will be used and a new version will NOT be downloaded.')."\n".
&mt('If you wish, you may download a new version by executing:')."	&mt('If you wish, you may download a new version by executing:')."

wget http://install.loncapa.org/versions/loncapa-current.tar.gz	wget http://install.loncapa.org/versions/$lctarball

------------------------------------------------------------------------	------------------------------------------------------------------------
");	");
}	}

##	##
## untar loncapa.tar.gz	## untar loncapa-X.Y.Z.tar.gz
##	##
if ($have_tarball) {	if ($have_tarball) {
	my $homedir = '/root';
	my ($targetdir,$chdircmd,$updatecmd);
	if (($distro =~ /^ubuntu/) && ($instdir ne $homedir)) {
	($homedir) = ($instdir =~ m{^(.*)/[^/]+$});
	$updatecmd = 'sudo ./UPDATE';
	} else {
	$updatecmd = './UPDATE';
	}
print_and_log(&mt('Extracting LON-CAPA source files')."\n");	print_and_log(&mt('Extracting LON-CAPA source files')."\n");
writelog(`cd ~root; tar zxf $instdir/$lctarball`);	if (-e $homedir) {
	writelog(`tar zxf $instdir/$lctarball --directory $homedir`);
	$targetdir = $homedir;
	} else {
	writelog(`tar zxf $instdir/$lctarball`);
	$targetdir = $instdir;
	}
	if ($lctarball =~ /^loncapa\-(\d+\.\d+\.\d+(?:\|[^.]+))\.tar\.gz$/) {
	$chdircmd = "cd $targetdir/loncapa-".$1;
	} else {
	$chdircmd = "cd $targetdir/loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.3')";
	}
print_and_log("\n");	print_and_log("\n");
print &mt('LON-CAPA source files extracted.')."\n".	print &mt('LON-CAPA source files extracted.')."\n".
&mt('It remains for you to execute the following commands:')."	&mt('It remains for you to execute the following commands:').
	"\n$chdircmd\n$updatecmd\n".
cd /root/loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.3')	&mt('If you have any trouble, please see [_1] and [_2]',
./UPDATE	'http://install.loncapa.org/','http://help.loncapa.org/')."\n";

".&mt('If you have any trouble, please see [_1] and [_2]',
'http://install.loncapa.org/','http://help.loncapa.org/')."\n";
$updateshown = 1;	$updateshown = 1;
}	}
return ($have_tarball,$updateshown);	return ($have_tarball,$updateshown);

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.71
changed lines
	Added in v.1.92