version 1.52, 2019/02/19 19:22:36
|
version 1.92, 2024/07/28 13:21:34
|
Line 29 use Term::ReadKey;
|
Line 29 use Term::ReadKey;
|
use Socket; |
use Socket; |
use Sys::Hostname::FQDN(); |
use Sys::Hostname::FQDN(); |
use DBI; |
use DBI; |
|
use File::Spec; |
use Cwd(); |
use Cwd(); |
use File::Basename(); |
use File::Basename(); |
use lib File::Basename::dirname(Cwd::abs_path($0)); |
use lib File::Basename::dirname(Cwd::abs_path($0)); |
Line 166 sub get_user_selection {
|
Line 167 sub get_user_selection {
|
sub get_distro { |
sub get_distro { |
my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow,$unknown); |
my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow,$unknown); |
$packagecmd = '/bin/rpm -q LONCAPA-prerequisites '; |
$packagecmd = '/bin/rpm -q LONCAPA-prerequisites '; |
if (-e '/etc/redhat-release') { |
if (-e '/etc/oracle-release') { |
|
open(IN,'</etc/oracle-release'); |
|
my $versionstring=<IN>; |
|
chomp($versionstring); |
|
close(IN); |
|
if ($versionstring =~ /^Oracle Linux Server release (\d+)/) { |
|
my $version = $1; |
|
$distro = 'oracle'.$1; |
|
$updatecmd = 'yum install LONCAPA-prerequisites'; |
|
$installnow = 'yum -y install LONCAPA-prerequisites'; |
|
} |
|
} elsif (-e '/etc/redhat-release') { |
open(IN,'</etc/redhat-release'); |
open(IN,'</etc/redhat-release'); |
my $versionstring=<IN>; |
my $versionstring=<IN>; |
chomp($versionstring); |
chomp($versionstring); |
Line 196 sub get_distro {
|
Line 208 sub get_distro {
|
$distro = 'rhes'.$1; |
$distro = 'rhes'.$1; |
$updatecmd = 'yum install LONCAPA-prerequisites'; |
$updatecmd = 'yum install LONCAPA-prerequisites'; |
$installnow = 'yum -y install LONCAPA-prerequisites'; |
$installnow = 'yum -y install LONCAPA-prerequisites'; |
} elsif ($versionstring =~ /CentOS(?:| Linux) release (\d+)/) { |
} elsif ($versionstring =~ /Red Hat Enterprise Linux release (\d+)/) { |
$distro = 'centos'.$1; |
$distro = 'rhes'.$1; |
|
$updatecmd = 'dnf install LONCAPA-prerequisites'; |
|
$installnow = 'dnf -y install LONCAPA-prerequisites'; |
|
} elsif ($versionstring =~ /CentOS(| Linux| Stream) release (\d+)/) { |
|
$distro = 'centos'.$2; |
|
if ($1 eq ' Stream') { |
|
$distro .= '-stream'; |
|
} |
$updatecmd = 'yum install LONCAPA-prerequisites'; |
$updatecmd = 'yum install LONCAPA-prerequisites'; |
$installnow = 'yum -y install LONCAPA-prerequisites'; |
$installnow = 'yum -y install LONCAPA-prerequisites'; |
} elsif ($versionstring =~ /Scientific Linux (?:SL )?release ([\d.]+) /) { |
} elsif ($versionstring =~ /Scientific Linux (?:SL )?release ([\d.]+) /) { |
Line 206 sub get_distro {
|
Line 225 sub get_distro {
|
$distro = 'scientific'.$ver; |
$distro = 'scientific'.$ver; |
$updatecmd = 'yum install LONCAPA-prerequisites'; |
$updatecmd = 'yum install LONCAPA-prerequisites'; |
$installnow = 'yum -y install LONCAPA-prerequisites'; |
$installnow = 'yum -y install LONCAPA-prerequisites'; |
|
} elsif ($versionstring =~ /Rocky Linux release ([\d.]+)/) { |
|
my $ver = $1; |
|
$ver =~ s/\.\d+$//; |
|
$distro = 'rocky'.$ver; |
|
$updatecmd = 'dnf install LONCAPA-prerequisites'; |
|
$installnow = 'dnf -y install LONCAPA-prerequisites'; |
|
} elsif ($versionstring =~ /AlmaLinux release ([\d.]+) /) { |
|
my $ver = $1; |
|
$ver =~ s/\.\d+$//; |
|
$distro = 'alma'.$ver; |
|
$updatecmd = 'dnf install LONCAPA-prerequisites'; |
|
$installnow = 'dnf -y install LONCAPA-prerequisites'; |
} else { |
} else { |
print &mt('Unable to interpret [_1] to determine system type.', |
print &mt('Unable to interpret [_1] to determine system type.', |
'/etc/redhat-release')."\n"; |
'/etc/redhat-release')."\n"; |
Line 308 sub get_distro {
|
Line 339 sub get_distro {
|
$unknown = 1; |
$unknown = 1; |
} |
} |
} else { |
} else { |
print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora or scientific linux system.')."\n"; |
print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora, scientific linux, or oracle linux system.')."\n"; |
} |
} |
} |
} |
return ($distro,$packagecmd,$updatecmd,$installnow); |
return ($distro,$packagecmd,$updatecmd,$installnow); |
Line 342 sub get_hostname {
|
Line 373 sub get_hostname {
|
} |
} |
|
|
# |
# |
# get_hostname() prompts the user to provide the server's IPv4 IP address |
# get_hostip() prompts the user to provide the server's IPv4 IP address |
# |
# |
# If invalid input is provided, the routine is called recursively |
# If invalid input is provided, the routine is called recursively |
# until, a valid IPv4 address is provided. |
# until, a valid IPv4 address is provided. |
Line 406 sub check_prerequisites {
|
Line 437 sub check_prerequisites {
|
|
|
sub check_locale { |
sub check_locale { |
my ($distro) = @_; |
my ($distro) = @_; |
my ($fh,$langvar,$command); |
my ($fh,$langvar,$command,$earlyout); |
$langvar = 'LANG'; |
$langvar = 'LANG'; |
if ($distro =~ /^(ubuntu|debian)/) { |
if ($distro =~ /^(ubuntu|debian)/) { |
if (!open($fh,"</etc/default/locale")) { |
if (!open($fh,"</etc/default/locale")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/default/locale'); |
'/etc/default/locale'); |
|
$earlyout = 1; |
} |
} |
} elsif ($distro =~ /^(suse|sles)(\d+)/) { |
} elsif ($distro =~ /^(suse|sles)(\d+)/) { |
if (($1 eq 'sles') && ($2 >= 15)) { |
if (($1 eq 'sles') && ($2 >= 15)) { |
if (!open($fh,"</etc/locale.conf")) { |
if (!open($fh,"</etc/locale.conf")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/locale.conf'); |
'/etc/locale.conf'); |
|
$earlyout = 1; |
} |
} |
} else { |
} else { |
if (!open($fh,"</etc/sysconfig/language")) { |
if (!open($fh,"</etc/sysconfig/language")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/sysconfig/language'); |
'/etc/sysconfig/language'); |
|
$earlyout = 1; |
} |
} |
$langvar = 'RC_LANG'; |
$langvar = 'RC_LANG'; |
} |
} |
Line 431 sub check_locale {
|
Line 465 sub check_locale {
|
if (!open($fh,"</etc/locale.conf")) { |
if (!open($fh,"</etc/locale.conf")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/locale.conf'); |
'/etc/locale.conf'); |
|
$earlyout = 1; |
} |
} |
} elsif (!open($fh,"</etc/sysconfig/i18n")) { |
} elsif (!open($fh,"</etc/sysconfig/i18n")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/sysconfig/i18n'); |
'/etc/sysconfig/i18n'); |
|
$earlyout = 1; |
} |
} |
} elsif ($distro =~ /^(?:rhes|centos|scientific)(\d+)/) { |
} elsif ($distro =~ /^(?:rhes|centos|scientific|oracle|rocky|alma)(\d+)/) { |
if ($1 >= 7) { |
if ($1 >= 7) { |
if (!open($fh,"</etc/locale.conf")) { |
if (!open($fh,"</etc/locale.conf")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/locale.conf'); |
'/etc/locale.conf'); |
|
$earlyout = 1; |
} |
} |
} elsif (!open($fh,"</etc/sysconfig/i18n")) { |
} elsif (!open($fh,"</etc/sysconfig/i18n")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/sysconfig/i18n'); |
'/etc/sysconfig/i18n'); |
|
$earlyout = 1; |
} |
} |
} else { |
} else { |
if (!open($fh,"</etc/sysconfig/i18n")) { |
if (!open($fh,"</etc/sysconfig/i18n")) { |
print &mt('Failed to open: [_1], default locale not checked.', |
print &mt('Failed to open: [_1], default locale not checked.', |
'/etc/sysconfig/i18n'); |
'/etc/sysconfig/i18n'); |
|
$earlyout = 1; |
} |
} |
} |
} |
|
return if ($earlyout); |
my @data = <$fh>; |
my @data = <$fh>; |
chomp(@data); |
chomp(@data); |
foreach my $item (@data) { |
foreach my $item (@data) { |
Line 465 sub check_locale {
|
Line 505 sub check_locale {
|
$command = 'sudo locale-gen en_US.UTF-8'."\n". |
$command = 'sudo locale-gen en_US.UTF-8'."\n". |
'sudo update-locale LANG=en_US.UTF-8'; |
'sudo update-locale LANG=en_US.UTF-8'; |
} elsif ($distro =~ /^(suse|sles)/) { |
} elsif ($distro =~ /^(suse|sles)/) { |
$command = 'yast language'; |
$command = 'yast language'; |
} else { |
} elsif (-e '/usr/bin/system-config-language') { |
$command = 'system-config-language'; |
$command = 'system-config-language'; |
|
} elsif (-e '/usr/bin/localectl') { |
|
$command = '/usr/bin/localectl set-locale LANG=en_US.UTF-8'; |
|
} else { |
|
$command = 'No standard command found'; |
} |
} |
} |
} |
last; |
last; |
Line 491 sub check_required {
|
Line 535 sub check_required {
|
unless ($localecmd eq '') { |
unless ($localecmd eq '') { |
return ($distro,$gotprereqs,$localecmd); |
return ($distro,$gotprereqs,$localecmd); |
} |
} |
my ($mysqlon,$mysqlsetup,$mysqlrestart,$dbh,$has_pass,$has_lcdb,%recommended, |
my ($mysqlon,$mysqlsetup,$mysqlrestart,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb, |
$downloadstatus,$filetouse,$production,$testing,$apachefw,$tostop, |
%recommended,$downloadstatus,$filetouse,$production,$testing,$apachefw, |
$uses_systemctl,$hostname,$hostip); |
$tostop,$uses_systemctl,$mysql_has_wwwuser,$hostname,$hostip); |
my $wwwuid = &uid_of_www(); |
my $wwwuid = &uid_of_www(); |
my $wwwgid = getgrnam('www'); |
my $wwwgid = getgrnam('www'); |
if (($wwwuid eq '') || ($wwwgid eq '')) { |
if (($wwwuid eq '') || ($wwwgid eq '')) { |
Line 523 sub check_required {
|
Line 567 sub check_required {
|
print_and_log("\n".&mt('Hostname is [_1] and IP address is [_2]',$hostname,$hostip)."\n"); |
print_and_log("\n".&mt('Hostname is [_1] and IP address is [_2]',$hostname,$hostip)."\n"); |
$mysqlon = &check_mysql_running($distro); |
$mysqlon = &check_mysql_running($distro); |
if ($mysqlon) { |
if ($mysqlon) { |
my $mysql_has_wwwuser = &check_mysql_wwwuser(); |
($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket) = |
($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser) = |
&check_mysql_setup($instdir,$dsn,$distro); |
&check_mysql_setup($instdir,$dsn,$distro,$mysql_has_wwwuser); |
|
if ($mysqlsetup eq 'needsrestart') { |
if ($mysqlsetup eq 'needsrestart') { |
$mysqlrestart = ''; |
$mysqlrestart = ''; |
if ($distro eq 'ubuntu') { |
if ($distro eq 'ubuntu') { |
$mysqlrestart = 'sudo '; |
$mysqlrestart = 'sudo '; |
} |
} |
$mysqlrestart .= 'service mysql restart'; |
$mysqlrestart .= 'service mysql restart'; |
return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart); |
return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart); |
Line 552 sub check_required {
|
Line 595 sub check_required {
|
my ($sslhostsfilesref,$has_std,$has_int,$rewritenum,$nochgstd,$nochgint); |
my ($sslhostsfilesref,$has_std,$has_int,$rewritenum,$nochgstd,$nochgint); |
($recommended{'firewall'},$apachefw) = &chkfirewall($distro); |
($recommended{'firewall'},$apachefw) = &chkfirewall($distro); |
($recommended{'runlevels'},$tostop,$uses_systemctl) = &chkconfig($distro,$instdir); |
($recommended{'runlevels'},$tostop,$uses_systemctl) = &chkconfig($distro,$instdir); |
|
if ((ref($uses_systemctl) eq 'HASH') && ($uses_systemctl->{'apache'})) { |
|
$recommended{'systemd'} = &check_systemd_security($distro); |
|
} |
$recommended{'apache'} = &chkapache($distro,$instdir); |
$recommended{'apache'} = &chkapache($distro,$instdir); |
($recommended{'apachessl'},$sslhostsfilesref,$has_std,$has_int,$rewritenum, |
($recommended{'apachessl'},$sslhostsfilesref,$has_std,$has_int,$rewritenum, |
$nochgstd,$nochgint) = &chkapachessl($distro,$instdir,$hostname,$hostip); |
$nochgstd,$nochgint) = &chkapachessl($distro,$instdir,$hostname,$hostip); |
$recommended{'stopsrvcs'} = &chksrvcs($distro,$tostop); |
$recommended{'stopsrvcs'} = &chksrvcs($distro,$tostop); |
($recommended{'download'},$downloadstatus,$filetouse,$production,$testing) |
($recommended{'download'},$downloadstatus,$filetouse,$production,$testing) |
= &need_download(); |
= &need_download($distro,$instdir); |
return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, |
return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, |
$mysqlrestart,\%recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, |
$mysqlrestart,\%recommended,$dbh,$has_pass,$mysql_unix_socket, |
$filetouse,$production,$testing,$apachefw,$uses_systemctl,$hostname, |
$has_lcdb,$downloadstatus,$filetouse,$production,$testing,$apachefw, |
$hostip,$sslhostsfilesref,$has_std,$has_int,$rewritenum,$nochgstd, |
$uses_systemctl,$hostname,$hostip,$sslhostsfilesref,$has_std,$has_int, |
$nochgint); |
$rewritenum,$nochgstd,$nochgint); |
} |
} |
|
|
sub check_mysql_running { |
sub check_mysql_running { |
Line 579 sub check_mysql_running {
|
Line 625 sub check_mysql_running {
|
$process = 'mysqld'; |
$process = 'mysqld'; |
$proc_owner = 'mysql'; |
$proc_owner = 'mysql'; |
} |
} |
|
if ($1 >= 16) { |
|
$use_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^debian(\w+)/) { |
|
if ($1 >= 10) { |
|
$process = 'mysql'; |
|
$proc_owner = 'mysql'; |
|
} |
|
if ($1 >= 11) { |
|
$mysqldaemon = 'mariadb'; |
|
} |
|
if ($1 >= 9) { |
|
$use_systemctl = 1; |
|
} |
} elsif ($distro =~ /^fedora(\d+)/) { |
} elsif ($distro =~ /^fedora(\d+)/) { |
if ($1 >= 16) { |
if ($1 >= 16) { |
$process = 'mysqld'; |
$process = 'mysqld'; |
Line 588 sub check_mysql_running {
|
Line 648 sub check_mysql_running {
|
if ($1 >= 19) { |
if ($1 >= 19) { |
$mysqldaemon ='mariadb'; |
$mysqldaemon ='mariadb'; |
} |
} |
} elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { |
if ($1 >= 34) { |
|
$process = 'mariadb'; |
|
} |
|
} elsif ($distro =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
if ($1 >= 7) { |
if ($1 >= 7) { |
$mysqldaemon ='mariadb'; |
$mysqldaemon ='mariadb'; |
$process = 'mysqld'; |
$process = 'mysqld'; |
$proc_owner = 'mysql'; |
$proc_owner = 'mysql'; |
$use_systemctl = 1; |
$use_systemctl = 1; |
} |
} |
|
if ($1 >= 9) { |
|
$process = 'mariadb'; |
|
} |
} elsif ($distro =~ /^sles(\d+)/) { |
} elsif ($distro =~ /^sles(\d+)/) { |
if ($1 >= 12) { |
if ($1 >= 12) { |
$use_systemctl = 1; |
$use_systemctl = 1; |
Line 715 sub chkconfig {
|
Line 781 sub chkconfig {
|
if (($distro =~ /^ubuntu/) && ($version <= 8)) { |
if (($distro =~ /^ubuntu/) && ($version <= 8)) { |
$daemon{'cups'} = 'cupsys'; |
$daemon{'cups'} = 'cupsys'; |
} |
} |
|
if ((($distro =~ /^ubuntu/) && ($version >= 18)) || |
|
(($distro =~ /^debian/) && ($version >= 10))) { |
|
$daemon{'ntp'} = 'chrony'; |
|
} |
|
if (($distro =~ /^debian/) && ($version >= 11)) { |
|
$daemon{'mysql'} = 'mariadb'; |
|
} |
} elsif ($distro =~ /^fedora(\d+)/) { |
} elsif ($distro =~ /^fedora(\d+)/) { |
my $version = $1; |
my $version = $1; |
if ($version >= 15) { |
if ($version >= 15) { |
Line 729 sub chkconfig {
|
Line 802 sub chkconfig {
|
if ($version >= 19) { |
if ($version >= 19) { |
$daemon{'mysql'} = 'mariadb'; |
$daemon{'mysql'} = 'mariadb'; |
} |
} |
} elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { |
if ($version >= 26) { |
|
$daemon{'ntp'} = 'chronyd'; |
|
} |
|
} elsif ($distro =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
my $version = $1; |
my $version = $1; |
if ($version >= 7) { |
if ($version >= 7) { |
$uses_systemctl{'ntp'} = 1; |
$uses_systemctl{'ntp'} = 1; |
Line 739 sub chkconfig {
|
Line 815 sub chkconfig {
|
$uses_systemctl{'cups'} = 1; |
$uses_systemctl{'cups'} = 1; |
$daemon{'mysql'} = 'mariadb'; |
$daemon{'mysql'} = 'mariadb'; |
} |
} |
|
if (($version >= 8) || ($distro eq 'oracle7')) { |
|
$daemon{'ntp'} = 'chronyd'; |
|
} |
} |
} |
my $nocheck; |
my $nocheck; |
if (! -x $checker_bin) { |
if (! -x $checker_bin) { |
Line 831 sub chkconfig {
|
Line 910 sub chkconfig {
|
return (\%needfix,\%tostop,\%uses_systemctl); |
return (\%needfix,\%tostop,\%uses_systemctl); |
} |
} |
|
|
|
sub check_systemd_security { |
|
my ($distro) = @_; |
|
my $service = 'httpd.service'; |
|
if ($distro =~ /^(suse|sles|ubuntu|debian)/) { |
|
$service = 'apache2.service'; |
|
} |
|
system("systemctl daemon-reload"); |
|
if (open(PIPE,"systemctl show $service --property=ProtectHome 2>/dev/null |")) { |
|
my $protection = <PIPE>; |
|
close(PIPE); |
|
chomp($protection); |
|
if ($protection =~ /^ProtectHome=(read-only|yes)$/i) { |
|
return 1; |
|
} |
|
} else { |
|
print &mt('Could not check systemctl configuration for Apache')."\n"; |
|
} |
|
return 0; |
|
} |
|
|
sub uses_firewalld { |
sub uses_firewalld { |
my ($distro) = @_; |
my ($distro) = @_; |
my ($inuse, $checkfirewalld); |
my ($inuse,$checkfirewalld,$zone); |
if ($distro =~ /^(suse|sles)([\d\.]+)$/) { |
if ($distro =~ /^(suse|sles)([\d\.]+)$/) { |
if (($1 eq 'sles') && ($2 >= 15)) { |
if (($1 eq 'sles') && ($2 >= 15)) { |
$checkfirewalld = 1; |
$checkfirewalld = 1; |
Line 842 sub uses_firewalld {
|
Line 941 sub uses_firewalld {
|
if ($1 >= 18) { |
if ($1 >= 18) { |
$checkfirewalld = 1; |
$checkfirewalld = 1; |
} |
} |
} elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { |
} elsif ($distro =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
if ($1 >= 7) { |
if ($1 >= 7) { |
$checkfirewalld = 1; |
$checkfirewalld = 1; |
} |
} |
} |
} |
if ($checkfirewalld) { |
if ($checkfirewalld) { |
my ($loaded,$active); |
my ($loaded,$active); |
if (open(PIPE,"systemctl status firewalld |")) { |
if (open(PIPE,"systemctl status firewalld 2>/dev/null |")) { |
while (<PIPE>) { |
while (<PIPE>) { |
chomp(); |
chomp(); |
if (/^\s*Loaded:\s+(\w+)/) { |
if (/^\s*Loaded:\s+(\w+)/) { |
$loaded = $1; |
$loaded = $1; |
} |
} |
if (/^\s*Active\s+(\w+)/) { |
if (/^\s*Active:\s+(\w+)/) { |
$active = $1; |
$active = $1; |
} |
} |
} |
} |
Line 863 sub uses_firewalld {
|
Line 962 sub uses_firewalld {
|
} |
} |
if (($loaded eq 'loaded') || ($active eq 'active')) { |
if (($loaded eq 'loaded') || ($active eq 'active')) { |
$inuse = 1; |
$inuse = 1; |
|
my $cmd = 'firewall-cmd --get-default-zone'; |
|
if (open(PIPE,"$cmd |")) { |
|
my $result = <PIPE>; |
|
chomp($result); |
|
close(PIPE); |
|
if ($result =~ /^\w+$/) { |
|
$zone = $result; |
|
} |
|
} |
} |
} |
} |
} |
return $inuse; |
return ($inuse,$zone); |
} |
} |
|
|
sub chkfirewall { |
sub chkfirewall { |
Line 876 sub chkfirewall {
|
Line 984 sub chkfirewall {
|
https => 443, |
https => 443, |
); |
); |
my %activefw; |
my %activefw; |
if (&firewall_is_active()) { |
my ($firewalld,$zone) = &uses_firewalld($distro); |
if (&uses_firewalld($distro)) { |
if ($firewalld) { |
my %current; |
my %current; |
if (open(PIPE,'firewall-cmd --permanent --zone=public --list-services |')) { |
if (open(PIPE,'firewall-cmd --permanent --zone='.$zone.' --list-services |')) { |
my $svc = <PIPE>; |
my $svc = <PIPE>; |
close(PIPE); |
close(PIPE); |
chomp($svc); |
chomp($svc); |
map { $current{$_} = 1; } (split(/\s+/,$svc)); |
map { $current{$_} = 1; } (split(/\s+/,$svc)); |
} |
} |
if ($current{'http'} && $current{'https'}) { |
if ($current{'http'} && $current{'https'}) { |
$configfirewall = 0; |
$configfirewall = 0; |
} |
} |
} else { |
} else { |
|
if (&firewall_is_active()) { |
my $iptables = &get_pathto_iptables(); |
my $iptables = &get_pathto_iptables(); |
if ($iptables eq '') { |
if ($iptables eq '') { |
print &mt('Firewall not checked as path to iptables not determined.')."\n"; |
print &mt('Firewall not checked as path to iptables not determined.')."\n"; |
Line 910 sub chkfirewall {
|
Line 1019 sub chkfirewall {
|
print &mt('Firewall not checked as iptables Chains not identified.')."\n"; |
print &mt('Firewall not checked as iptables Chains not identified.')."\n"; |
} |
} |
} |
} |
|
} else { |
|
print &mt('Firewall not enabled.')."\n"; |
} |
} |
} else { |
|
print &mt('Firewall not enabled.')."\n"; |
|
} |
} |
return ($configfirewall,\%activefw); |
return ($configfirewall,\%activefw); |
} |
} |
Line 924 sub chkapache {
|
Line 1033 sub chkapache {
|
my $distname = $1; |
my $distname = $1; |
my $version = $2; |
my $version = $2; |
my ($stdconf,$stdsite); |
my ($stdconf,$stdsite); |
if (($distname eq 'ubuntu') && ($version > 12)) { |
if ((($distname eq 'ubuntu') && ($version > 12)) || |
|
(($distname eq 'debian') && ($version >= 10))) { |
$stdconf = "$instdir/debian-ubuntu/ubuntu14/loncapa_conf"; |
$stdconf = "$instdir/debian-ubuntu/ubuntu14/loncapa_conf"; |
$stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_sites"; |
$stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_sites"; |
} else { |
} else { |
Line 935 sub chkapache {
|
Line 1045 sub chkapache {
|
print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; |
print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; |
} else { |
} else { |
my ($configfile,$sitefile); |
my ($configfile,$sitefile); |
if (($distname eq 'ubuntu') && ($version > 12)) { |
if ((($distname eq 'ubuntu') && ($version > 12)) || |
$sitefile = '/etc/apache2/sites-available/loncapa'; |
(($distname eq 'debian') && ($version >= 10))) { |
$configfile = "/etc/apache2/conf-available/loncapa"; |
$sitefile = '/etc/apache2/sites-available/loncapa.conf'; |
|
$configfile = '/etc/apache2/conf-available/loncapa.conf'; |
} else { |
} else { |
$configfile = "/etc/apache2/sites-available/loncapa"; |
$configfile = '/etc/apache2/sites-available/loncapa'; |
} |
} |
if (($configfile ne '') && (-e $configfile) && (-e $stdconf)) { |
if (($configfile ne '') && (-e $configfile) && (-e $stdconf)) { |
if (open(PIPE, "diff --brief $stdconf $configfile |")) { |
if (open(PIPE, "diff --brief $stdconf $configfile |")) { |
Line 951 sub chkapache {
|
Line 1062 sub chkapache {
|
} |
} |
} |
} |
} |
} |
if ((!$fixapache) && ($distname eq 'ubuntu') && ($version > 12)) { |
if ((!$fixapache) && ((($distname eq 'ubuntu') && ($version > 12)) || |
|
(($distname eq 'debian') && ($version >= 10)))) { |
if (($sitefile ne '') && (-e $sitefile) && (-e $stdsite)) { |
if (($sitefile ne '') && (-e $sitefile) && (-e $stdsite)) { |
if (open(PIPE, "diff --brief $stdsite $sitefile |")) { |
if (open(PIPE, "diff --brief $stdsite $sitefile |")) { |
my $diffres = <PIPE>; |
my $diffres = <PIPE>; |
close(PIPE); |
close(PIPE); |
chomp($diffres); |
chomp($diffres); |
unless ($diffres) { |
if ($diffres) { |
|
$fixapache = 1; |
|
} else { |
$fixapache = 0; |
$fixapache = 0; |
} |
} |
} |
} |
Line 971 sub chkapache {
|
Line 1085 sub chkapache {
|
} |
} |
} |
} |
} |
} |
|
if ((!$fixapache) && (($distname eq 'ubuntu') || ($distname eq 'debian'))) { |
|
my $sitestatus = "/etc/apache2/mods-available/status.conf"; |
|
my $stdstatus = "$instdir/debian-ubuntu/status.conf"; |
|
if ((-e $stdstatus) && (-e $sitestatus)) { |
|
if (open(PIPE, "diff --brief $stdstatus $sitestatus |")) { |
|
my $diffres = <PIPE>; |
|
close(PIPE); |
|
chomp($diffres); |
|
if ($diffres) { |
|
$fixapache = 1; |
|
} |
|
} |
|
} |
|
} |
} elsif ($distro =~ /^(suse|sles)([\d\.]+)$/) { |
} elsif ($distro =~ /^(suse|sles)([\d\.]+)$/) { |
my ($name,$version) = ($1,$2); |
my ($name,$version) = ($1,$2); |
my $apache = 'apache'; |
my $apache = 'apache'; |
my $conf_file = "$instdir/sles-suse/default-server.conf"; |
my $conf_file = "$instdir/sles-suse/default-server.conf"; |
if ($version >= 10) { |
if ($version >= 10) { |
$apache = 'apache2'; |
$apache = 'apache2'; |
} |
} |
if (($name eq 'sles') && ($version >= 12)) { |
if (($name eq 'sles') && ($version >= 12)) { |
$conf_file = "$instdir/sles-suse/apache2.4/default-server.conf"; |
$conf_file = "$instdir/sles-suse/apache2.4/default-server.conf"; |
} |
} |
if (!-e "$conf_file") { |
if (!-e $conf_file) { |
$fixapache = 0; |
$fixapache = 0; |
print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; |
print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; |
} elsif (-e "/etc/$apache/default-server.conf") { |
} elsif (-e "/etc/$apache/default-server.conf") { |
Line 1010 sub chkapache {
|
Line 1138 sub chkapache {
|
} |
} |
} else { |
} else { |
my $configfile = 'httpd.conf'; |
my $configfile = 'httpd.conf'; |
if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { |
my $mpmfile = 'mpm.conf'; |
|
if ($distro =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
if ($1 >= 7) { |
if ($1 >= 7) { |
$configfile = 'apache2.4/httpd.conf'; |
$configfile = 'apache2.4/httpd.conf'; |
} elsif ($1 > 5) { |
} elsif ($1 > 5) { |
Line 1018 sub chkapache {
|
Line 1147 sub chkapache {
|
} |
} |
} elsif ($distro =~ /^fedora(\d+)$/) { |
} elsif ($distro =~ /^fedora(\d+)$/) { |
if ($1 > 17) { |
if ($1 > 17) { |
$configfile = 'apache2.4/httpd.conf'; |
$configfile = 'apache2.4/httpd.conf'; |
} elsif ($1 > 10) { |
} elsif ($1 > 10) { |
$configfile = 'new/httpd.conf'; |
$configfile = 'new/httpd.conf'; |
} |
} |
Line 1036 sub chkapache {
|
Line 1165 sub chkapache {
|
} |
} |
} |
} |
} |
} |
|
if (-e "/etc/httpd/conf.modules.d/00-mpm.conf") { |
|
if (!-e "$instdir/centos-rhes-fedora-sl/$mpmfile") { |
|
print &mt('Warning: No LON-CAPA Apache MPM configuration file found for installation check.')."\n"; |
|
} elsif ((-e "/etc/httpd/conf.modules.d/00-mpm.conf") && (-e "$instdir/centos-rhes-fedora-sl/$mpmfile")) { |
|
if (open(PIPE, "diff --brief $instdir/centos-rhes-fedora-sl/$mpmfile /etc/httpd/conf.modules.d/00-mpm.conf |")) { |
|
my $diffres = <PIPE>; |
|
close(PIPE); |
|
chomp($diffres); |
|
if ($diffres) { |
|
$fixapache = 1; |
|
} |
|
} |
|
} |
|
} |
} |
} |
return $fixapache; |
return $fixapache; |
} |
} |
Line 1293 sub chkapachessl {
|
Line 1436 sub chkapachessl {
|
foreach my $file (sort(keys(%{$sslfiles{$key}}))) { |
foreach my $file (sort(keys(%{$sslfiles{$key}}))) { |
unless ((-l "$enabled_dir/$file") && |
unless ((-l "$enabled_dir/$file") && |
(readlink("$enabled_dir/$file") eq "$ssldir/$file")) { |
(readlink("$enabled_dir/$file") eq "$ssldir/$file")) { |
print_and_log(&mt("Warning, use: 'sudo a2ensite $file' to activate LON-CAPA SSL Apache config\n")); |
if ($distro =~ /^debian(\d+)$/) { |
|
print_and_log(&mt("Warning, use: 'a2ensite $file' to activate LON-CAPA SSL Apache config\n")); |
|
} elsif ($distro =~ /^ubuntu(\d+)$/) { |
|
print_and_log(&mt("Warning, use: 'sudo a2ensite $file' to activate LON-CAPA SSL Apache config\n")); |
|
} |
} |
} |
} |
} |
} |
} |
Line 1364 sub chksrvcs {
|
Line 1511 sub chksrvcs {
|
} |
} |
|
|
sub need_download { |
sub need_download { |
|
my ($distro,$instdir) = @_; |
my $needs_download = 1; |
my $needs_download = 1; |
my ($production,$testing,$stdsizes) = &download_versionslist(); |
my ($production,$testing,$stdsizes) = &download_versionslist(); |
my ($rootdir,$localcurrent,$localtesting,%tarball,%localsize,%bymodtime, |
my ($localcurrent,$localtesting,%tarball,%localsize,%bymodtime, |
%bysize,$filetouse,$downloadstatus); |
%bysize,$filetouse,$downloadstatus); |
$rootdir = '/root'; |
if (opendir(my $dir,$instdir)) { |
if (opendir(my $dir,"$rootdir")) { |
|
my (@lcdownloads,$version); |
my (@lcdownloads,$version); |
foreach my $file (readdir($dir)) { |
foreach my $file (readdir($dir)) { |
if ($file =~ /^loncapa\-([\w\-.]+)\.tar\.gz$/) { |
if ($file =~ /^loncapa\-([\w\-.]+)\.tar\.gz$/) { |
Line 1379 sub need_download {
|
Line 1526 sub need_download {
|
} |
} |
if (ref($stdsizes) eq 'HASH') { |
if (ref($stdsizes) eq 'HASH') { |
if ($version eq 'current') { |
if ($version eq 'current') { |
my @stats = stat("$rootdir/$file"); |
my @stats = stat("$instdir/$file"); |
$localcurrent = $stats[7]; |
$localcurrent = $stats[7]; |
if ($localcurrent == $stdsizes->{$production}) { |
if ($localcurrent == $stdsizes->{$production}) { |
$needs_download = 0; |
$needs_download = 0; |
$filetouse = $file; |
$filetouse = $file; |
} |
} |
} elsif ($version eq 'testing') { |
} elsif ($version eq 'testing') { |
my @stats = stat("$rootdir/$file"); |
my @stats = stat("$instdir/$file"); |
$localtesting = $stats[7]; |
$localtesting = $stats[7]; |
if ($localtesting == $stdsizes->{$testing}) { |
if ($localtesting == $stdsizes->{$testing}) { |
$needs_download = 0; |
$needs_download = 0; |
Line 1400 sub need_download {
|
Line 1547 sub need_download {
|
if ($needs_download) { |
if ($needs_download) { |
if (@lcdownloads > 0) { |
if (@lcdownloads > 0) { |
foreach my $version (@lcdownloads) { |
foreach my $version (@lcdownloads) { |
my @stats = stat("$rootdir/$tarball{$version}"); |
my @stats = stat("$instdir/$tarball{$version}"); |
my $mtime = $stats[9]; |
my $mtime = $stats[9]; |
$localsize{$version} = $stats[7]; |
$localsize{$version} = $stats[7]; |
if ($mtime) { |
if ($mtime) { |
Line 1433 sub need_download {
|
Line 1580 sub need_download {
|
my $newest = $sorted[0]; |
my $newest = $sorted[0]; |
if (ref($bymodtime{$newest}) eq 'ARRAY') { |
if (ref($bymodtime{$newest}) eq 'ARRAY') { |
$downloadstatus = |
$downloadstatus = |
"Latest LON-CAPA source download in $rootdir is: ". |
"Latest LON-CAPA source download in $instdir is: ". |
join(',',@{$bymodtime{$newest}})." (downloaded ". |
join(',',@{$bymodtime{$newest}})." (downloaded ". |
localtime($newest).")\n"; |
localtime($newest).")\n"; |
} |
} |
} else { |
} else { |
$downloadstatus = |
$downloadstatus = |
"The $rootdir directory already contains the latest LON-CAPA version:". |
"The $instdir directory already contains the latest LON-CAPA version:". |
"\n".$filetouse."\n"."which can be used for installation.\n"; |
"\n".$filetouse."\n"."which can be used for installation.\n"; |
} |
} |
} else { |
} else { |
$downloadstatus = "The $rootdir directory does not appear to contain any downloaded LON-CAPA source code files which can be used for installation.\n"; |
$downloadstatus = "The $instdir directory does not appear to contain any downloaded LON-CAPA source code files which can be used for installation.\n"; |
} |
} |
} |
} |
} else { |
} else { |
$downloadstatus = "Could not open $rootdir directory to look for existing downloads of LON-CAPA source code.\n"; |
$downloadstatus = "Could not open $instdir directory to look for existing downloads of LON-CAPA source code.\n"; |
} |
} |
return ($needs_download,$downloadstatus,$filetouse,$production,$testing); |
return ($needs_download,$downloadstatus,$filetouse,$production,$testing); |
} |
} |
|
|
sub check_mysql_setup { |
sub check_mysql_setup { |
my ($instdir,$dsn,$distro,$mysql_has_wwwuser) = @_; |
my ($instdir,$dsn,$distro) = @_; |
my ($mysqlsetup,$has_pass); |
my ($mysqlsetup,$has_pass,$mysql_unix_socket,$mysql_has_wwwuser); |
my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); |
my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); |
|
my ($mysqlversion,$mysqlminorversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); |
|
if (($mysqlname =~ /^MariaDB/i) && (($mysqlversion == 10 && $mysqlminorversion >= 4) || ($mysqlversion >= 11))) { |
|
if ($dbh) { |
|
my $sth = $dbh->prepare("SELECT Priv FROM mysql.global_priv WHERE (User = 'root' AND Host ='localhost')"); |
|
$sth->execute(); |
|
while (my $priv = $sth->fetchrow_array) { |
|
if ($priv =~ /unix_socket/) { |
|
$mysql_unix_socket = 1; |
|
last; |
|
} |
|
} |
|
$sth->finish(); |
|
if ($mysql_unix_socket) { |
|
print_and_log(&mt('MariaDB using unix_socket for root access from localhost.')."\n"); |
|
$mysqlsetup = 'rootok'; |
|
$mysql_has_wwwuser = &check_mysql_wwwuser($dbh); |
|
return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket); |
|
} |
|
} |
|
} |
if ($dbh) { |
if ($dbh) { |
$mysqlsetup = 'noroot'; |
$mysqlsetup = 'noroot'; |
|
if (($mysqlname !~ /^MariaDB/i) && (($mysqlversion == 5 && $mysqlminorversion >= 7) || ($mysqlversion >= 6))) { |
|
my $sth = $dbh->prepare("SELECT plugin from mysql.user where User='root'"); |
|
$sth->execute(); |
|
while (my $priv = $sth->fetchrow_array) { |
|
if ($priv =~ /auth_socket/) { |
|
$mysql_unix_socket = 1; |
|
last; |
|
} |
|
} |
|
$sth->finish(); |
|
if ($mysql_unix_socket) { |
|
print_and_log(&mt('MySQL using unix_socket for root access from localhost.')."\n"); |
|
$mysqlsetup = 'rootok'; |
|
$mysql_has_wwwuser = &check_mysql_wwwuser($dbh); |
|
return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket); |
|
} |
|
} |
} elsif ($DBI::err =~ /1045/) { |
} elsif ($DBI::err =~ /1045/) { |
$has_pass = 1; |
$has_pass = 1; |
} elsif ($distro =~ /^ubuntu(\d+)$/) { |
} elsif ($distro =~ /^ubuntu(\d+)$/) { |
Line 1470 sub check_mysql_setup {
|
Line 1654 sub check_mysql_setup {
|
} |
} |
close(PIPE); |
close(PIPE); |
} |
} |
unless ($mysql_has_wwwuser) { |
|
$mysql_has_wwwuser = &check_mysql_wwwuser(); |
|
} |
|
$dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); |
$dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); |
if ($dbh) { |
if ($dbh) { |
$mysqlsetup = 'noroot'; |
$mysqlsetup = 'noroot'; |
|
$mysql_has_wwwuser = &check_mysql_wwwuser($dbh); |
} elsif ($DBI::err =~ /1045/) { |
} elsif ($DBI::err =~ /1045/) { |
$has_pass = 1; |
$has_pass = 1; |
} else { |
} else { |
$mysqlsetup = 'needsrestart'; |
$mysqlsetup = 'needsrestart'; |
|
$mysql_has_wwwuser = &check_mysql_wwwuser(); |
return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); |
return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); |
} |
} |
} |
} |
Line 1491 sub check_mysql_setup {
|
Line 1674 sub check_mysql_setup {
|
if ($dbh) { |
if ($dbh) { |
$mysqlsetup = 'rootok'; |
$mysqlsetup = 'rootok'; |
print_and_log(&mt('Password accepted.')."\n"); |
print_and_log(&mt('Password accepted.')."\n"); |
|
$mysql_has_wwwuser = &check_mysql_wwwuser($dbh); |
} else { |
} else { |
$mysqlsetup = 'rootfail'; |
$mysqlsetup = 'rootfail'; |
print_and_log(&mt('Problem accessing MySQL.')."\n"); |
print_and_log(&mt('Problem accessing MySQL.')."\n"); |
Line 1502 sub check_mysql_setup {
|
Line 1686 sub check_mysql_setup {
|
if ($dbh) { |
if ($dbh) { |
$mysqlsetup = 'rootok'; |
$mysqlsetup = 'rootok'; |
print_and_log(&mt('Password accepted.')."\n"); |
print_and_log(&mt('Password accepted.')."\n"); |
|
$mysql_has_wwwuser = &check_mysql_wwwuser($dbh); |
} else { |
} else { |
if ($DBI::err =~ /1045/) { |
if ($DBI::err =~ /1045/) { |
print_and_log(&mt('Incorrect password.')."\n"); |
print_and_log(&mt('Incorrect password.')."\n"); |
} |
} |
|
$mysql_has_wwwuser = &check_mysql_wwwuser(); |
} |
} |
} |
} |
} |
} |
} elsif ($mysqlsetup ne 'noroot') { |
} elsif ($mysqlsetup ne 'noroot') { |
print_and_log(&mt('Problem accessing MySQL.')."\n"); |
print_and_log(&mt('Problem accessing MySQL.')."\n"); |
$mysqlsetup = 'rootfail'; |
$mysqlsetup = 'rootfail'; |
|
$mysql_has_wwwuser = &check_mysql_wwwuser(); |
} |
} |
return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); |
return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); |
} |
} |
|
|
sub check_mysql_wwwuser { |
sub check_mysql_wwwuser { |
|
my ($dbh) = @_; |
my $mysql_wwwuser; |
my $mysql_wwwuser; |
my $dbhn = DBI->connect("DBI:mysql:database=information_schema",'www','localhostkey', |
if ($dbh) { |
{PrintError => +0}) || return; |
$mysql_wwwuser = $dbh->selectrow_array("SELECT COUNT(User) FROM mysql.user WHERE (User = 'www' AND Host ='localhost')"); |
if ($dbhn) { |
} else { |
$mysql_wwwuser = 1; |
my $dbhn = DBI->connect("DBI:mysql:database=information_schema",'www','localhostkey', |
$dbhn->disconnect; |
{PrintError => +0}) || return; |
|
if ($dbhn) { |
|
$mysql_wwwuser = 1; |
|
$dbhn->disconnect; |
|
} |
} |
} |
return $mysql_wwwuser; |
return $mysql_wwwuser; |
} |
} |
Line 1558 sub get_pathto_iptables {
|
Line 1750 sub get_pathto_iptables {
|
|
|
sub firewall_is_active { |
sub firewall_is_active { |
if (-e '/proc/net/ip_tables_names') { |
if (-e '/proc/net/ip_tables_names') { |
|
my $status; |
if (open(PIPE,'cat /proc/net/ip_tables_names |grep filter |')) { |
if (open(PIPE,'cat /proc/net/ip_tables_names |grep filter |')) { |
my $status = <PIPE>; |
$status = <PIPE>; |
close(PIPE); |
close(PIPE); |
chomp($status); |
chomp($status); |
if ($status eq 'filter') { |
if ($status eq 'filter') { |
return 1; |
return 1; |
} |
} |
} |
} |
|
unless ($status) { |
|
if (open(PIPE,'nft list tables |')) { |
|
while(<PIPE>) { |
|
chomp(); |
|
if (/filter$/) { |
|
$status = 1; |
|
last; |
|
} |
|
} |
|
close(PIPE); |
|
if ($status) { |
|
return 1; |
|
} |
|
} |
|
} |
} |
} |
return 0; |
return 0; |
} |
} |
Line 1727 print "
|
Line 1935 print "
|
".&mt('3.')." ".&mt('Set-up the MySQL database.')." |
".&mt('3.')." ".&mt('Set-up the MySQL database.')." |
".&mt('4.')." ".&mt('Set-up MySQL permissions.')." |
".&mt('4.')." ".&mt('Set-up MySQL permissions.')." |
".&mt('5.')." ".&mt('Configure Apache web server.')." |
".&mt('5.')." ".&mt('Configure Apache web server.')." |
".&mt('6.')." ".&mt('Configure SSL for Apache web server.')." |
".&mt('6.')." ".&mt('Configure systemd security settings for Apache web server.')." |
".&mt('7.')." ".&mt('Configure start-up of services.')." |
".&mt('7.')." ".&mt('Configure SSL for Apache web server.')." |
".&mt('8.')." ".&mt('Check firewall settings.')." |
".&mt('8.')." ".&mt('Configure start-up of services.')." |
".&mt('9.')." ".&mt('Stop services not used by LON-CAPA,')." |
".&mt('9.')." ".&mt('Check firewall settings.')." |
|
".&mt('10.')." ".&mt('Stop services not used by LON-CAPA,')." |
".&mt('i.e., services for a print server: [_1] daemon.',"'cups'")." |
".&mt('i.e., services for a print server: [_1] daemon.',"'cups'")." |
".&mt('10.')." ".&mt('Download LON-CAPA source code in readiness for installation.')." |
".&mt('11.')." ".&mt('Download LON-CAPA source code in readiness for installation.')." |
|
|
".&mt('Typically, you will run this script only once, when you first install LON-CAPA.')." |
".&mt('Typically, you will run this script only once, when you first install LON-CAPA.')." |
|
|
Line 1761 my $instdir = `pwd`;
|
Line 1970 my $instdir = `pwd`;
|
chomp($instdir); |
chomp($instdir); |
|
|
my %callsub; |
my %callsub; |
my @actions = ('wwwuser','pwauth','mysql','mysqlperms','apache', |
my @actions = ('wwwuser','pwauth','mysql','mysqlperms','apache','systemd', |
'apachessl','runlevels','firewall','stopsrvcs','download'); |
'apachessl','runlevels','firewall','stopsrvcs','download'); |
my %prompts = &texthash( |
my %prompts = &texthash( |
wwwuser => "Create the 'www' user?", |
wwwuser => "Create the 'www' user?", |
Line 1769 my %prompts = &texthash(
|
Line 1978 my %prompts = &texthash(
|
mysql => 'Set-up the MySQL database?', |
mysql => 'Set-up the MySQL database?', |
mysqlperms => 'Set-up MySQL permissions?', |
mysqlperms => 'Set-up MySQL permissions?', |
apache => 'Configure Apache web server?', |
apache => 'Configure Apache web server?', |
apachessl => 'Configure SSL for Apache web server?', |
systemd => 'Configure systemd security settings for Apache web server?', |
|
apachessl => 'Configure SSL for Apache web server?', |
runlevels => 'Set overrides for start-up order of services?', |
runlevels => 'Set overrides for start-up order of services?', |
firewall => 'Configure firewall settings for Apache', |
firewall => 'Configure firewall settings for Apache', |
stopsrvcs => 'Stop extra services not required on a LON-CAPA server?', |
stopsrvcs => 'Stop extra services not required on a LON-CAPA server?', |
Line 1780 print "\n".&mt('Checking system status .
|
Line 1990 print "\n".&mt('Checking system status .
|
|
|
my $dsn = "DBI:mysql:database=mysql"; |
my $dsn = "DBI:mysql:database=mysql"; |
my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart, |
my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart, |
$recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production, |
$recommended,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb,$downloadstatus, |
$testing,$apachefw,$uses_systemctl,$hostname,$hostip,$sslhostsfiles,$has_std, |
$filetouse,$production,$testing,$apachefw,$uses_systemctl,$hostname,$hostip, |
$has_int,$rewritenum,$nochgstd,$nochgint) = &check_required($instdir,$dsn); |
$sslhostsfiles,$has_std,$has_int,$rewritenum,$nochgstd,$nochgint) = |
|
&check_required($instdir,$dsn); |
if ($distro eq '') { |
if ($distro eq '') { |
print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n". |
print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n". |
&mt('The following are supported: [_1].', |
&mt('The following are supported: [_1].', |
'CentOS, RedHat Enterprise, Fedora, Scientific Linux, '. |
'CentOS, RedHat Enterprise, Fedora, Scientific Linux, '. |
'openSuSE, SLES, Ubuntu LTS, Debian')."\n\n". |
'Oracle Linux, openSuSE, SLES, Ubuntu LTS, Debian')."\n\n". |
&mt('Stopping execution.')."\n"; |
&mt('Stopping execution.')."\n"; |
exit; |
exit; |
} |
} |
Line 1810 if (!$gotprereqs) {
|
Line 2021 if (!$gotprereqs) {
|
&mt('The following command can be used to install the package (and dependencies):')."\n\n". |
&mt('The following command can be used to install the package (and dependencies):')."\n\n". |
$updatecmd."\n\n"; |
$updatecmd."\n\n"; |
if ($installnow eq '') { |
if ($installnow eq '') { |
|
print &mt('Stopping execution.')."\n"; |
exit; |
exit; |
} else { |
} else { |
print &mt('Run command? ~[Y/n~]'); |
print &mt('Run command? ~[Y/n~]'); |
Line 1824 if (!$gotprereqs) {
|
Line 2036 if (!$gotprereqs) {
|
exit; |
exit; |
} else { |
} else { |
($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, |
($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, |
$mysqlrestart,$recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, |
$mysqlrestart,$recommended,$dbh,$has_pass,$mysql_unix_socket, |
$filetouse,$production,$testing,$apachefw,$uses_systemctl) = |
$has_lcdb,$downloadstatus,$filetouse,$production,$testing,$apachefw, |
&check_required($instdir,$dsn); |
$uses_systemctl,$hostname,$hostip,$sslhostsfiles,$has_std,$has_int, |
|
$rewritenum,$nochgstd,$nochgint) = &check_required($instdir,$dsn); |
} |
} |
} else { |
} else { |
print &mt('Failed to run command to install LONCAPA-prerequisites')."\n"; |
print &mt('Failed to run command to install LONCAPA-prerequisites')."\n"; |
Line 1880 my $lctarball = 'loncapa-current.tar.gz'
|
Line 2093 my $lctarball = 'loncapa-current.tar.gz'
|
my $sourcetarball = $lctarball; |
my $sourcetarball = $lctarball; |
if ($callsub{'download'}) { |
if ($callsub{'download'}) { |
my ($production,$testing,$sizes) = &download_versionslist(); |
my ($production,$testing,$sizes) = &download_versionslist(); |
|
my $homedir = '/root'; |
|
if ($distro =~ /^ubuntu/) { |
|
if ($instdir ne $homedir) { |
|
($homedir) = ($instdir =~ m{^(.*)/[^/]+$}); |
|
} |
|
} |
if ($production && $testing) { |
if ($production && $testing) { |
if ($production ne $testing) { |
if ($production ne $testing) { |
print &mt('Two recent LON-CAPA releases are available: ')."\n". |
print &mt('Two recent LON-CAPA releases are available: ')."\n". |
&mt('1.').' '.&mt('A production release - version: [_1].',$production)."\n". |
&mt('1.').' '.&mt('A production release - version: [_1].',$production)."\n". |
&mt('2.').' '.&mt('A testing release - version: [_1].',$testing)."\n\n". |
&mt('2.').' '.&mt('A testing release - version: [_1].',$testing)."\n\n". |
&mt('Download the production release? ~[Y/n~]'); |
&mt("After download, the tar.gz file will be extracted into $homedir")."\n\n". |
|
&mt("Download the production release into $instdir? ~[Y/n~]"); |
if (&get_user_selection(1)) { |
if (&get_user_selection(1)) { |
$sourcetarball = 'loncapa-'.$production.'.tar.gz'; |
$sourcetarball = 'loncapa-'.$production.'.tar.gz'; |
|
print "$sourcetarball will be downloaded into $instdir\n"; |
} else { |
} else { |
print "\n".&mt('Download the testing release? ~[Y/n~]'); |
print "\n".&mt('Download the testing release? ~[Y/n~]'); |
if (&get_user_selection(1)) { |
if (&get_user_selection(1)) { |
$sourcetarball = 'loncapa-'.$testing.'.tar.gz'; |
$sourcetarball = 'loncapa-'.$testing.'.tar.gz'; |
|
print "$sourcetarball will be downloaded into $instdir\n"; |
|
} else { |
|
$callsub{'download'} = 0; |
} |
} |
} |
} |
} |
} |
} elsif ($production) { |
} elsif ($production) { |
print &mt('The most recent LON-CAPA release is version: [_1].',$production)."\n". |
print &mt('The most recent LON-CAPA release is version: [_1].',$production)."\n". |
&mt('Download the production release? ~[Y/n~]'); |
&mt("After download, the tar.gz file will be extracted into $homedir")."\n\n". |
|
&mt("Download the production release into $instdir? ~[Y/n~]"); |
if (&get_user_selection(1)) { |
if (&get_user_selection(1)) { |
$sourcetarball = 'loncapa-'.$production.'.tar.gz'; |
$sourcetarball = 'loncapa-'.$production.'.tar.gz'; |
|
print "$sourcetarball will be downloaded into $instdir\n"; |
|
} else { |
|
$callsub{'download'} = 0; |
} |
} |
} |
} |
} elsif ($filetouse ne '') { |
} elsif ($filetouse ne '') { |
Line 1923 if ($callsub{'pwauth'}) {
|
Line 2151 if ($callsub{'pwauth'}) {
|
|
|
if ($callsub{'mysql'}) { |
if ($callsub{'mysql'}) { |
if ($dbh) { |
if ($dbh) { |
&setup_mysql($callsub{'mysqlperms'},$distro,$dbh,$has_pass,$has_lcdb); |
&setup_mysql($callsub{'mysqlperms'},$dbh,$has_pass, |
|
$mysql_unix_socket,$has_lcdb,$distro); |
} else { |
} else { |
print &mt('Unable to configure MySQL because access is denied.')."\n"; |
print &mt('Unable to configure MySQL because access is denied.')."\n"; |
} |
} |
Line 1931 if ($callsub{'mysql'}) {
|
Line 2160 if ($callsub{'mysql'}) {
|
&print_and_log(&mt('Skipping configuration of MySQL.')."\n"); |
&print_and_log(&mt('Skipping configuration of MySQL.')."\n"); |
if ($callsub{'mysqlperms'}) { |
if ($callsub{'mysqlperms'}) { |
if ($dbh) { |
if ($dbh) { |
&setup_mysql_permissions($dbh,$has_pass); |
&setup_mysql_permissions($dbh,$has_pass,$mysql_unix_socket); |
} else { |
} else { |
print &mt('Unable to configure MySQL because access is denied.')."\n"; |
print &mt('Unable to configure MySQL because access is denied.')."\n"; |
} |
} |
Line 1954 if ($callsub{'apache'}) {
|
Line 2183 if ($callsub{'apache'}) {
|
©_apache2_debconf($instdir,$distro,$hostname); |
©_apache2_debconf($instdir,$distro,$hostname); |
} else { |
} else { |
©_httpd_conf($instdir,$distro,$hostname); |
©_httpd_conf($instdir,$distro,$hostname); |
|
©_mpm_conf($instdir,$distro); |
} |
} |
} else { |
} else { |
print_and_log(&mt('Skipping configuration of Apache web server.')."\n"); |
print_and_log(&mt('Skipping configuration of Apache web server.')."\n"); |
} |
} |
|
|
|
if ($callsub{'systemd'}) { |
|
&check_systemd_update($distro); |
|
} else { |
|
print_and_log('Skipping systemd configuration update for web server'); |
|
} |
|
|
if ($callsub{'apachessl'}) { |
if ($callsub{'apachessl'}) { |
my $targetdir = '/etc/httpd/conf.d'; |
my $targetdir = '/etc/httpd/conf.d'; |
if ($distro =~ /^(suse|sles)/) { |
if ($distro =~ /^(suse|sles)/) { |
Line 2023 if ($callsub{'runlevels'}) {
|
Line 2259 if ($callsub{'runlevels'}) {
|
} |
} |
|
|
if ($callsub{'firewall'}) { |
if ($callsub{'firewall'}) { |
if (&uses_firewalld($distro)) { |
my ($firewalld,$zone) = &uses_firewalld($distro); |
|
if ($firewalld) { |
my (%current,%added); |
my (%current,%added); |
if (open(PIPE,'firewall-cmd --permanent --zone=public --list-services |')) { |
if (open(PIPE,"firewall-cmd --permanent --zone=$zone --list-services |")) { |
my $svc = <PIPE>; |
my $svc = <PIPE>; |
close(PIPE); |
close(PIPE); |
chomp($svc); |
chomp($svc); |
Line 2033 if ($callsub{'firewall'}) {
|
Line 2270 if ($callsub{'firewall'}) {
|
} |
} |
foreach my $service ('http','https') { |
foreach my $service ('http','https') { |
unless ($current{$service}) { |
unless ($current{$service}) { |
if (open(PIPE,"firewall-cmd --permanent --zone=public --add-service=$service |")) { |
if (open(PIPE,"firewall-cmd --permanent --zone=$zone --add-service=$service |")) { |
my $result = <PIPE>; |
my $result = <PIPE>; |
if ($result =~ /^success/) { |
if ($result =~ /^success/) { |
$added{$service} = 1; |
$added{$service} = 1; |
Line 2044 if ($callsub{'firewall'}) {
|
Line 2281 if ($callsub{'firewall'}) {
|
if (keys(%added) > 0) { |
if (keys(%added) > 0) { |
print &mt('Firewall configured to allow access for: [_1].', |
print &mt('Firewall configured to allow access for: [_1].', |
join(', ',sort(keys(%added))))."\n"; |
join(', ',sort(keys(%added))))."\n"; |
|
system('firewall-cmd --reload'); |
} |
} |
if ($current{'http'} || $current{'https'}) { |
if ($current{'http'} || $current{'https'}) { |
print &mt('Firewall already configured to allow access for:[_1].', |
print &mt('Firewall already configured to allow access for:[_1].', |
(($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n"; |
(($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n"; |
} |
} |
unless ($current{'ssh'}) { |
unless ($current{'ssh'}) { |
print &mt('If you would the like to allow access to ssh from outside, use the command[_1].', |
print &mt('If you would like to allow access to ssh from outside, use the commands:')."\n". |
'firewall-cmd --permanent --zone=public --add-service=ssh')."\n"; |
"firewall-cmd --permanent --zone=$zone --add-service=ssh\n". |
|
"firewall-cmd --reload\n"; |
} |
} |
} elsif ($distro =~ /^(suse|sles)/) { |
} elsif ($distro =~ /^(suse|sles)/) { |
print &mt('Use [_1] to configure the firewall to allow access for [_2].', |
print &mt('Use [_1] to configure the firewall to allow access for [_2].', |
Line 2073 if ($callsub{'firewall'}) {
|
Line 2312 if ($callsub{'firewall'}) {
|
} |
} |
} |
} |
} |
} |
} elsif ($distro =~ /^scientific/) { |
} elsif ($distro =~ /^(scientific|oracle)/) { |
print &mt('Use [_1] to configure the firewall to allow access for [_2].', |
print &mt('Use [_1] to configure the firewall to allow access for [_2].', |
'system-config-firewall-tui -- Customize', |
'system-config-firewall-tui -- Customize', |
'ssh, http')."\n"; |
'ssh, http')."\n"; |
} else { |
} else { |
print &mt('Use [_1] to configure the firewall to allow access for [_2].', |
my $version; |
'setup -- Firewall configuration -> Customize', |
if ($distro =~ /^(redhat|centos|rocky|alma)(\d+)/) { |
'ssh, http, https')."\n"; |
$version = $1; |
|
} |
|
if ($version > 5) { |
|
print &mt('Use [_1] to configure the firewall to allow access for [_2].', |
|
'system-config-firewall-tui -- Customize', |
|
'ssh, http')."\n"; |
|
} else { |
|
print &mt('Use [_1] to configure the firewall to allow access for [_2].', |
|
'setup -- Firewall configuration -> Customize', |
|
'ssh, http, https')."\n"; |
|
} |
} |
} |
} else { |
} else { |
&print_and_log(&mt('Skipping Firewall configuration.')."\n"); |
&print_and_log(&mt('Skipping Firewall configuration.')."\n"); |
Line 2100 if ($callsub{'download'}) {
|
Line 2349 if ($callsub{'download'}) {
|
print &mt('LON-CAPA is available for download from: [_1]', |
print &mt('LON-CAPA is available for download from: [_1]', |
'http://install.loncapa.org/')."\n"; |
'http://install.loncapa.org/')."\n"; |
if (!-e '/etc/loncapa-release') { |
if (!-e '/etc/loncapa-release') { |
&print_and_log(&mt('LON-CAPA is not yet installed on your system.'). |
&print_and_log(&mt('LON-CAPA is not yet installed on your system.')."\n\n"); |
"\n\n". |
unless ($filetouse) { |
&mt('You may retrieve the source for LON-CAPA by executing:')."\n". |
&print_and_log(&mt('You may retrieve the source for LON-CAPA by executing:')."\n". |
"wget http://install.loncapa.org/versions/$lctarball\n"); |
"wget http://install.loncapa.org/versions/$lctarball\n"); |
|
} |
} else { |
} else { |
my $currentversion; |
my $currentversion; |
if (open(my $fh,"</etc/loncapa-release")) { |
if (open(my $fh,"</etc/loncapa-release")) { |
Line 2130 if ($callsub{'download'}) {
|
Line 2380 if ($callsub{'download'}) {
|
} |
} |
|
|
print "\n".&mt('Requested configuration complete.')."\n\n"; |
print "\n".&mt('Requested configuration complete.')."\n\n"; |
my $apachename; |
|
if ($have_tarball && !$updateshown) { |
if ($have_tarball && !$updateshown) { |
my ($lcdir) = ($sourcetarball =~ /^([\w.\-]+)\.tar.gz$/); |
my ($lcdir) = ($sourcetarball =~ /^([\w.\-]+)\.tar.gz$/); |
if (!-e '/etc/loncapa-release') { |
if ($lcdir eq 'loncapa-current') { |
print &mt('If you are now ready to install LON-CAPA, enter the following commands:')."\n\n"; |
$lcdir = "loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.3')"; |
} else { |
} |
print &mt('If you are now ready to update LON-CAPA, enter the following commands:')."\n\n". |
my ($apachename,$lc_uses_systemctl,$uses_sudo); |
"/etc/init.d/loncontrol stop\n"; |
if ($distro =~ /^(suse|sles|debian|ubuntu)([\d.]+)/) { |
if ($distro =~ /^(suse|sles|debian|ubuntu)([\d.]+)/) { |
if (($1 eq 'suse') && ($2 < 10)) { |
if (($1 eq 'suse') && ($2 < 10)) { |
$apachename = 'apache'; |
$apachename = 'apache'; |
|
} else { |
|
$apachename = 'apache2'; |
|
} |
|
} else { |
} else { |
$apachename = 'httpd'; |
$apachename = 'apache2'; |
} |
} |
print "/etc/init.d/$apachename stop\n"; |
} else { |
|
$apachename = 'httpd'; |
} |
} |
print "cd /root\n". |
if ($distro =~ /^oracle(\d+)$/) { |
"tar zxf $sourcetarball\n". |
if ($1 > 6) { |
"cd $lcdir\n". |
$lc_uses_systemctl = 1; |
"./UPDATE\n"; |
} |
|
} elsif ($distro =~ /^(?:rhes|centos|rocky|alma)(\d+)/) { |
|
if ($1 > 7) { |
|
$lc_uses_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^ubuntu(\d+)$/) { |
|
if ($1 > 16) { |
|
$lc_uses_systemctl = 1; |
|
} |
|
$uses_sudo = 1; |
|
} elsif ($distro =~ /^debian(\d+)$/) { |
|
if ($1 >= 10) { |
|
$lc_uses_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^sles(\d+)$/) { |
|
if ($1 > 12) { |
|
$lc_uses_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^fedora(\d+)$/) { |
|
if ($1 > 25) { |
|
$lc_uses_systemctl = 1; |
|
} |
|
} |
|
if (!-e '/etc/loncapa-release') { |
|
print &mt('If you are now ready to install LON-CAPA, enter the following commands:')."\n\n"; |
|
} else { |
|
my $lcstop = '/etc/init.d/loncontrol stop'; |
|
if ($lc_uses_systemctl) { |
|
$lcstop = 'systemctl stop loncontrol'; |
|
} |
|
my $apachestop = "/etc/init.d/$apachename stop"; |
|
if ($uses_systemctl) { |
|
$apachestop = "systemctl stop $apachename"; |
|
} |
|
if ($uses_sudo) { |
|
$lcstop = 'sudo '.$lcstop; |
|
$apachestop = 'sudo '.$apachestop; |
|
} |
|
print &mt('If you are now ready to update LON-CAPA, enter the following commands:'). |
|
"\n\n$lcstop\n$apachestop\n"; |
|
} |
|
my ($extract,$update); |
|
my $homedir = '/root'; |
|
if ($uses_sudo) { |
|
$extract = 'sudo '; |
|
$update = 'sudo '; |
|
if ($instdir ne $homedir) { |
|
($homedir) = ($instdir =~ m{^(.*)/[^/]+$}); |
|
} |
|
} |
|
$extract .= "tar zxf $sourcetarball --directory $homedir"; |
|
$update .= './UPDATE'; |
|
print "$extract\n". |
|
"cd $homedir/$lcdir\n". |
|
"$update\n"; |
if (-e '/etc/loncapa-release') { |
if (-e '/etc/loncapa-release') { |
print "/etc/init.d/loncontrol start\n"; |
my $lcstart = '/etc/init.d/loncontrol start'; |
print "/etc/init.d/$apachename start\n"; |
if ($lc_uses_systemctl) { |
|
$lcstart = '/home/httpd/perl/loncontrol start'; |
|
} |
|
my $apachestart = "/etc/init.d/$apachename start"; |
|
if ($uses_systemctl) { |
|
$apachestart = "systemctl start $apachename"; |
|
} |
|
if ($uses_sudo) { |
|
$lcstart = 'sudo '.$lcstart; |
|
$apachestart = 'sudo '.$apachestart; |
|
} |
|
print "$lcstart\n"; |
|
print "$apachestart\n"; |
} |
} |
} |
} |
exit; |
exit; |
Line 2224 sub build_and_install_mod_auth_external
|
Line 2536 sub build_and_install_mod_auth_external
|
> #define SERVER_UIDS $num /* user "www" */ |
> #define SERVER_UIDS $num /* user "www" */ |
ENDPATCH |
ENDPATCH |
|
|
|
my $patch_code = <<"ENDPATCH"; |
|
127a128 |
|
> #include <string.h> |
|
214a216 |
|
> #include <time.h> |
|
566c568 |
|
< check_fails() |
|
--- |
|
> int check_fails() |
|
589c591 |
|
< log_failure() |
|
--- |
|
> void log_failure() |
|
629c631 |
|
< snooze(int seconds) |
|
--- |
|
> void snooze(int seconds) |
|
653c655 |
|
< main(int argc, char **argv) |
|
--- |
|
> int main(int argc, char **argv) |
|
ENDPATCH |
|
|
if (! -e "/usr/bin/patch") { |
if (! -e "/usr/bin/patch") { |
print_and_log(&mt('You must install the software development tools package: [_1], when installing Linux.',"'patch'")."\n"); |
print_and_log(&mt('You must install the software development tools package: [_1], when installing Linux.',"'patch'")."\n"); |
print_and_log(&mt('Authentication installation not completed.')."\n"); |
print_and_log(&mt('Authentication installation not completed.')."\n"); |
Line 2234 ENDPATCH
|
Line 2569 ENDPATCH
|
return; |
return; |
} |
} |
my $dir = "/tmp/pwauth-2.2.8"; |
my $dir = "/tmp/pwauth-2.2.8"; |
|
my $patchedok; |
if (open(PATCH,"| patch $dir/config.h")) { |
if (open(PATCH,"| patch $dir/config.h")) { |
print PATCH $patch; |
print PATCH $patch; |
close(PATCH); |
close(PATCH); |
|
if (open(PATCH,"| patch $dir/pwauth.c")) { |
|
print PATCH $patch_code; |
|
close(PATCH); |
|
$patchedok = 1; |
|
} |
|
} |
|
if ($patchedok) { |
print_and_log("\n"); |
print_and_log("\n"); |
## |
## |
## Compile patched pwauth |
## Compile patched pwauth |
Line 2307 sub kill_extra_services {
|
Line 2650 sub kill_extra_services {
|
&print_and_log(&mt('Removing [_1] from startup.',$service)."\n"); |
&print_and_log(&mt('Removing [_1] from startup.',$service)."\n"); |
if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { |
if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { |
my $version = $1; |
my $version = $1; |
if (($distro =~ /^ubuntu/) && ($version > 16)) { |
if ((($distro =~ /^ubuntu/) && ($version > 16)) || |
|
(($distro =~ /^debian/) && ($version >= 10))) { |
if (ref($uses_systemctl) eq 'HASH') { |
if (ref($uses_systemctl) eq 'HASH') { |
if ($uses_systemctl->{$service}) { |
if ($uses_systemctl->{$service}) { |
if (`systemctl is-enabled $service`) { |
if (`systemctl is-enabled $service`) { |
Line 2339 sub kill_extra_services {
|
Line 2683 sub kill_extra_services {
|
} |
} |
|
|
sub setup_mysql { |
sub setup_mysql { |
my ($setup_mysql_permissions,$distro,$dbh,$has_pass,$has_lcdb) = @_; |
my ($setup_mysql_permissions,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb,$distro) = @_; |
my @mysql_lc_commands; |
my @mysql_lc_commands; |
unless ($has_lcdb) { |
unless ($has_lcdb) { |
push(@mysql_lc_commands,"CREATE DATABASE loncapa"); |
my $createcmd = 'CREATE DATABASE loncapa'; |
|
if ($distro =~ /^sles(\d+)/) { |
|
if ($1 > 11) { |
|
$createcmd .= ' CHARACTER SET utf8 COLLATE utf8_general_ci'; |
|
} |
|
} elsif ($distro =~ /^ubuntu(\d+)/) { |
|
if ($1 > 16) { |
|
$createcmd .= ' CHARACTER SET latin1 COLLATE latin1_swedish_ci'; |
|
} |
|
} |
|
push(@mysql_lc_commands,$createcmd); |
} |
} |
push(@mysql_lc_commands,"USE loncapa"); |
push(@mysql_lc_commands,"USE loncapa"); |
push(@mysql_lc_commands,qq{ |
push(@mysql_lc_commands,qq{ |
CREATE TABLE IF NOT EXISTS metadata (title TEXT, author TEXT, subject TEXT, url TEXT, keywords TEXT, version TEXT, notes TEXT, abstract TEXT, mime TEXT, language TEXT, creationdate DATETIME, lastrevisiondate DATETIME, owner TEXT, copyright TEXT, domain TEXT, dependencies TEXT, modifyinguser TEXT, authorspace TEXT, lowestgradelevel TEXT, highestgradelevel TEXT, standards TEXT, count INT, course INT, course_list TEXT, goto INT, goto_list TEXT, comefrom INT, comefrom_list TEXT, sequsage INT, sequsage_list TEXT, stdno INT, stdno_list TEXT, avetries FLOAT, avetries_list TEXT, difficulty FLOAT, difficulty_list TEXT, disc FLOAT, disc_list TEXT, clear FLOAT, technical FLOAT, correct FLOAT, helpful FLOAT, depth FLOAT, hostname TEXT, FULLTEXT idx_title (title), FULLTEXT idx_author (author), FULLTEXT idx_subject (subject), FULLTEXT idx_url (url), FULLTEXT idx_keywords (keywords), FULLTEXT idx_version (version), FULLTEXT idx_notes (notes), FULLTEXT idx_abstract (abstract), FULLTEXT idx_mime (mime), FULLTEXT idx_language (language), FULLTEXT idx_owner (owner), FULLTEXT idx_copyright (copyright)) ENGINE=MYISAM |
CREATE TABLE IF NOT EXISTS metadata (title TEXT, author TEXT, subject TEXT, url TEXT, keywords TEXT, version TEXT, notes TEXT, abstract TEXT, mime TEXT, language TEXT, creationdate DATETIME, lastrevisiondate DATETIME, owner TEXT, copyright TEXT, domain TEXT, dependencies TEXT, modifyinguser TEXT, authorspace TEXT, lowestgradelevel TEXT, highestgradelevel TEXT, standards TEXT, count INT, course INT, course_list TEXT, goto INT, goto_list TEXT, comefrom INT, comefrom_list TEXT, sequsage INT, sequsage_list TEXT, stdno INT, stdno_list TEXT, avetries FLOAT, avetries_list TEXT, difficulty FLOAT, difficulty_list TEXT, disc FLOAT, disc_list TEXT, clear FLOAT, technical FLOAT, correct FLOAT, helpful FLOAT, depth FLOAT, hostname TEXT, FULLTEXT idx_title (title), FULLTEXT idx_author (author), FULLTEXT idx_subject (subject), FULLTEXT idx_url (url), FULLTEXT idx_keywords (keywords), FULLTEXT idx_version (version), FULLTEXT idx_notes (notes), FULLTEXT idx_abstract (abstract), FULLTEXT idx_mime (mime), FULLTEXT idx_language (language), FULLTEXT idx_owner (owner), FULLTEXT idx_copyright (copyright)) ENGINE=MYISAM |
}); |
}); |
if ($setup_mysql_permissions) { |
if ($setup_mysql_permissions) { |
&setup_mysql_permissions($dbh,$has_pass,@mysql_lc_commands); |
&setup_mysql_permissions($dbh,$has_pass,$mysql_unix_socket,@mysql_lc_commands); |
} else { |
} else { |
print_and_log(&mt('Skipping MySQL permissions setup.')."\n"); |
print_and_log(&mt('Skipping MySQL permissions setup.')."\n"); |
if ($dbh) { |
if ($dbh) { |
Line 2366 CREATE TABLE IF NOT EXISTS metadata (tit
|
Line 2720 CREATE TABLE IF NOT EXISTS metadata (tit
|
} |
} |
|
|
sub setup_mysql_permissions { |
sub setup_mysql_permissions { |
my ($dbh,$has_pass,@mysql_lc_commands) = @_; |
my ($dbh,$has_pass,$mysql_unix_socket,@mysql_lc_commands) = @_; |
my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); |
my ($mysqlversion,$mysqlminorversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); |
my ($usesauth,$is_mariadb,$hasauthcol,@mysql_commands); |
my ($usescreate,$usesauth,$is_mariadb,$hasauthcol,@mysql_commands); |
if ($mysqlname =~ /^MariaDB/i) { |
if ($mysqlname =~ /^MariaDB/i) { |
$is_mariadb = 1; |
$is_mariadb = 1; |
if ($mysqlversion >= 10.2) { |
if ((($mysqlversion == 10) && ($mysqlminorversion >= 4)) || ($mysqlversion >= 11)) { |
|
$usescreate = 1; |
|
} elsif (($mysqlversion == 10) && ($mysqlminorversion >= 2)) { |
$usesauth = 1; |
$usesauth = 1; |
} elsif ($mysqlversion >= 5.5) { |
} elsif (($mysqlversion == 5) && ($mysqlminorversion >= 5)) { |
$hasauthcol = 1; |
$hasauthcol = 1; |
} |
} |
} else { |
} else { |
if (($mysqlversion > 5.7) || (($mysqlversion == 5.7) && ($mysqlsubver > 5))) { |
if (($mysqlversion > 5) || (($mysqlminorversion == 5) && ($mysqlminorversion > 7)) || |
|
(($mysqlversion == 5) && ($mysqlminorversion == 7) && ($mysqlsubver > 5))) { |
$usesauth = 1; |
$usesauth = 1; |
} elsif (($mysqlversion >= 5.6) || (($mysqlversion == 5.5) && ($mysqlsubver >= 7))) { |
} elsif (($mysqlversion == 5) && |
|
(($mysqlminorversion >= 6) || (($mysqlminorversion == 5) && ($mysqlsubver >= 7)))) { |
$hasauthcol = 1; |
$hasauthcol = 1; |
} |
} |
} |
} |
if ($usesauth) { |
if ($usescreate) { |
@mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')"); |
@mysql_commands = ("CREATE USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); |
|
} elsif ($usesauth) { |
|
@mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')", |
|
"FLUSH PRIVILEGES"); |
if ($is_mariadb) { |
if ($is_mariadb) { |
push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); |
push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); |
} else { |
} else { |
Line 2403 INSERT db (Host,Db,User,Select_priv,Inse
|
Line 2764 INSERT db (Host,Db,User,Select_priv,Inse
|
INSERT db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv) VALUES('localhost','loncapa','www','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y')"); |
INSERT db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv) VALUES('localhost','loncapa','www','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y')"); |
} |
} |
push(@mysql_commands,"DELETE FROM user WHERE host<>'localhost'"); |
push(@mysql_commands,"DELETE FROM user WHERE host<>'localhost'"); |
if ($has_pass) { |
if (($has_pass) || ($mysql_unix_socket)) { |
if ($dbh) { |
if ($dbh) { |
push(@mysql_commands,"FLUSH PRIVILEGES"); |
push(@mysql_commands,"FLUSH PRIVILEGES"); |
if (@mysql_commands) { |
if (@mysql_commands) { |
Line 2490 sub new_mysql_rootpasswd {
|
Line 2851 sub new_mysql_rootpasswd {
|
} |
} |
|
|
sub get_mysql_version { |
sub get_mysql_version { |
my ($version,$subversion,$name); |
my ($version,$minorversion,$subversion,$name); |
if (open(PIPE," mysql -V |")) { |
if (open(PIPE," mysql -V |")) { |
my $info = <PIPE>; |
my $info = <PIPE>; |
chomp($info); |
chomp($info); |
close(PIPE); |
close(PIPE); |
($version,$subversion,$name) = ($info =~ /(\d+\.\d+)\.(\d+)\-?(\w*),/); |
($version,$minorversion,$subversion,$name) = ($info =~ /(\d+)\.(\d+)\.(\d+)(?:\-?(\w*),|)/); |
} else { |
} else { |
print &mt('Could not determine which version of MySQL is installed.'). |
print &mt('Could not determine which version of MySQL is installed.'). |
"\n"; |
"\n"; |
} |
} |
return ($version,$subversion,$name); |
return ($version,$minorversion,$subversion,$name); |
|
} |
|
|
|
sub check_systemd_update { |
|
my ($distro) = @_; |
|
my ($use_systemctl,$service); |
|
$service = 'apache2.service'; |
|
if ($distro =~ /^ubuntu(\w+)/) { |
|
if ($1 >= 16) { |
|
$use_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^debian(\w+)/) { |
|
if ($1 >= 9) { |
|
$use_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^fedora(\d+)/) { |
|
$service = 'httpd.service'; |
|
if ($1 >= 16) { |
|
$use_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
|
$service = 'httpd.service'; |
|
if ($1 >= 7) { |
|
$use_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^sles(\d+)/) { |
|
if ($1 >= 12) { |
|
$use_systemctl = 1; |
|
} |
|
} elsif ($distro =~ /^suse(\d+)/) { |
|
if ($1 >= 13) { |
|
$use_systemctl = 1; |
|
} |
|
} |
|
if ($use_systemctl) { |
|
my $needsupdate = &check_systemd_security($distro); |
|
if ($needsupdate) { |
|
if (!-d '/etc/systemd/system/'.$service.'.d') { |
|
mkdir '/etc/systemd/system/'.$service.'.d', 0755; |
|
} |
|
if (-d '/etc/systemd/system/'.$service.'.d') { |
|
if (-e '/etc/systemd/system/'.$service.'.d/override.conf') { |
|
if (open(my $fh,'<','/etc/systemd/system/'.$service.'.d/override.conf')) { |
|
my ($inservice,$addservice,$protectoff,$linenum,$change,@lines); |
|
while (my $entry = <$fh>) { |
|
$linenum ++; |
|
chomp($entry); |
|
if ($entry eq '[Service]') { |
|
if (!$protectoff) { |
|
$inservice = $linenum; |
|
push(@lines,$entry); |
|
} else { |
|
$addservice = 1; |
|
next; |
|
} |
|
} |
|
if ($entry =~ /^ProtectHome\s*=\s*([\w-]+)\s*$/) { |
|
my $value = $1; |
|
if ($protectoff) { |
|
next; |
|
if (lc($value) eq 'no') { |
|
$protectoff = $linenum; |
|
push(@lines,$entry); |
|
} else { |
|
if ($protectoff) { |
|
next; |
|
} else { |
|
push(@lines,'ProtectHome=no'); |
|
$protectoff = $linenum; |
|
$change = $linenum; |
|
} |
|
} |
|
} |
|
} |
|
} |
|
close($fh); |
|
if ($addservice || $change || !$protectoff) { |
|
if (open(my $fh,'>','/etc/systemd/system/'.$service.'.d/override.conf')) { |
|
if ($addservice) { |
|
print $fh "[Service]\n"; |
|
} |
|
foreach my $entry (@lines) { |
|
print $fh "$entry\n"; |
|
} |
|
close($fh); |
|
print_and_log('Updated /etc/systemd/system/'.$service.'.d/override.conf'); |
|
system('systemctl daemon-reload'); |
|
} else { |
|
print_and_log('Could not open /etc/systemd/system/'.$service.'.d/override.conf for writing.'); |
|
} |
|
} else { |
|
print_and_log('No change needed in /etc/systemd/system/'.$service.'.d/override.conf'); |
|
} |
|
} else { |
|
print_and_log('Could not open /etc/systemd/system/'.$service.'.d/override.conf for reading.'); |
|
} |
|
} else { |
|
if (open(my $fh,'>','/etc/systemd/system/'.$service.'.d/override.conf')) { |
|
print $fh '[Service]'."\n".'ProtectHome=no'."\n"; |
|
close($fh); |
|
print_and_log('Created /etc/systemd/system/'.$service.'.d/override.conf'); |
|
} |
|
} |
|
} else { |
|
print_and_log('No /etc/systemd/system/'.$service.'.d directory exists and creating one failed,'); |
|
} |
|
} else { |
|
print_and_log('No update needed to systemd security settings for Apache web server.'); |
|
} |
|
} else { |
|
print_and_log('No update needed to systemd, as this Linux distro does not use systemctl'); |
|
} |
} |
} |
|
|
########################################################### |
########################################################### |
Line 2513 sub get_mysql_version {
|
Line 2985 sub get_mysql_version {
|
sub copy_httpd_conf { |
sub copy_httpd_conf { |
my ($instdir,$distro,$hostname) = @_; |
my ($instdir,$distro,$hostname) = @_; |
my $configfile = 'httpd.conf'; |
my $configfile = 'httpd.conf'; |
if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { |
if ($distro =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
if ($1 >= 7) { |
if ($1 >= 7) { |
$configfile = 'apache2.4/httpd.conf'; |
$configfile = 'apache2.4/httpd.conf'; |
} elsif ($1 > 5) { |
} elsif ($1 > 5) { |
Line 2534 sub copy_httpd_conf {
|
Line 3006 sub copy_httpd_conf {
|
print_and_log("\n"); |
print_and_log("\n"); |
} |
} |
|
|
|
########################################################### |
|
## |
|
## RHEL/CentOS/Fedora/Scientific Linux |
|
## Copy LON-CAPA mpm.conf to /etc/httpd/conf.modules.d/00-mpm.conf |
|
## |
|
## The LON-CAPA mpm.conf enables the prefork MPM module in |
|
## Apache. This is also the default for RHEL/CentOS/Oracle |
|
## Linux 7 and earlier, and Fedora 26 and earlier. For more |
|
## recent versions of those distros, the event MPM is enabled |
|
## by default. After ©_mpm_conf() is run, the prefork MPM |
|
## module will be enabled instead of the event MPM module. |
|
## |
|
########################################################### |
|
|
|
sub copy_mpm_conf { |
|
my ($instdir,$distro) = @_; |
|
my $mpmfile = 'mpm.conf'; |
|
if ((-e "/etc/httpd/conf.modules.d/00-mpm.conf") && |
|
(-e "$instdir/centos-rhes-fedora-sl/$mpmfile")) { |
|
print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',"'mpm.conf'", |
|
"'/etc/httpd/conf.modules.d/00-mpm.conf'")."\n"); |
|
copy "$instdir/centos-rhes-fedora-sl/$mpmfile","/etc/httpd/conf.modules.d/00-mpm.conf"; |
|
chmod(0644,"/etc/httpd/conf.modules.d/00-mpm.conf"); |
|
print_and_log("\n"); |
|
} else { |
|
my $logfail; |
|
if ($distro =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
|
if ($1 > 7) { |
|
$logfail = 1; |
|
} |
|
} elsif ($distro =~ /^fedora(\d+)$/) { |
|
if ($1 > 26) { |
|
$logfail = 1; |
|
} |
|
} |
|
if ($logfail) { |
|
print_and_log(&mt('Warning: copying the LON-CAPA [_1] failed because [_2] and/or [_3] are missing.', |
|
$mpmfile,"'$instdir/centos-rhes-fedora-sl/$mpmfile'", |
|
"'/etc/httpd/conf.modules.d/00-mpm.conf'")); |
|
print_and_log("\n"); |
|
} |
|
} |
|
} |
|
|
############################################### |
############################################### |
## |
## |
## Copy loncapassl.conf and sslrewrite.conf |
## Copy loncapassl.conf and sslrewrite.conf |
Line 3031 sub copy_apache2_debconf {
|
Line 3547 sub copy_apache2_debconf {
|
my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; |
my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; |
my $apache2_sites_available_dir = '/etc/apache2/sites-available'; |
my $apache2_sites_available_dir = '/etc/apache2/sites-available'; |
my $defaultconfig = "$apache2_sites_enabled_dir/000-default"; |
my $defaultconfig = "$apache2_sites_enabled_dir/000-default"; |
|
my $defaultsite = "$apache2_sites_enabled_dir/loncapa.conf"; |
my ($distname,$version); |
my ($distname,$version); |
if ($distro =~ /^(debian|ubuntu)(\d+)$/) { |
if ($distro =~ /^(debian|ubuntu)(\d+)$/) { |
$distname = $1; |
$distname = $1; |
$version = $2; |
$version = $2; |
} |
} |
if (($distname eq 'ubuntu') && ($version > 12)) { |
if ((($distname eq 'ubuntu') && ($version > 12)) || |
|
(($distname eq 'debian') && ($version >= 10))) { |
$defaultconfig = "$apache2_sites_enabled_dir/000-default.conf"; |
$defaultconfig = "$apache2_sites_enabled_dir/000-default.conf"; |
} |
} |
if (-l $defaultconfig) { |
my ($skipconf,$skipsite,$skipstatus); |
unlink($defaultconfig); |
if ((($distname eq 'ubuntu') && ($version > 12)) || |
} |
(($distname eq 'debian') && ($version >= 10))) { |
if (($distname eq 'ubuntu') && ($version > 12)) { |
|
print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from conf-enabled.',"'apache2'","'/etc/apache2/conf-available'","'loncapa.conf symlink'")."\n"); |
|
my $apache2_conf_enabled_dir = '/etc/apache2/conf-enabled'; |
my $apache2_conf_enabled_dir = '/etc/apache2/conf-enabled'; |
my $apache2_conf_available_dir = '/etc/apache2/conf-available'; |
my $apache2_conf_available_dir = '/etc/apache2/conf-available'; |
if (-e "$apache2_conf_available_dir/loncapa") { |
|
copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.original"); |
|
} |
|
my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf'; |
my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf'; |
copy("$instdir/debian-ubuntu/ubuntu14/loncapa_conf","$apache2_conf_available_dir/loncapa"); |
if ((-e "$apache2_conf_available_dir/loncapa") && (-e "$instdir/debian-ubuntu/ubuntu14/loncapa_conf")) { |
chmod(0444,"$apache2_conf_available_dir/loncapa"); |
if (open(PIPE, "diff --brief $apache2_conf_available_dir/loncapa $instdir/debian-ubuntu/ubuntu14/loncapa_conf |")) { |
if (-l $defaultconf) { |
my $diffres = <PIPE>; |
unlink($defaultconf); |
close(PIPE); |
} |
chomp($diffres); |
symlink("$apache2_conf_available_dir/loncapa","$defaultconf"); |
if ($diffres) { |
print_and_log(&mt('Copying loncapa [_1] site file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default.conf symlink'")."\n"); |
copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.conf.original"); |
copy("$instdir/debian-ubuntu/ubuntu14/loncapa_site","$apache2_sites_available_dir/loncapa"); |
} else { |
chmod(0444,"$apache2_sites_available_dir/loncapa"); |
copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.conf"); |
symlink("$apache2_sites_available_dir/loncapa","$defaultconfig"); |
chdir($apache2_conf_enabled_dir); |
} else { |
symlink('../conf-available/loncapa.conf','loncapa.conf'); |
print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); |
chdir($instdir); |
if (-e "$apache2_sites_available_dir/loncapa") { |
} |
copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); |
if (-l $defaultconf) { |
} |
my $linkfname = readlink($defaultconf); |
copy("$instdir/debian-ubuntu/loncapa","$apache2_sites_available_dir/loncapa"); |
if ($linkfname ne '') { |
chmod(0444,"$apache2_sites_available_dir/loncapa"); |
$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_conf_enabled_dir)); |
symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); |
} |
|
if ($linkfname eq "$apache2_conf_available_dir/loncapa") { |
|
unlink($defaultconf); |
|
} |
|
} |
|
unlink("$apache2_conf_available_dir/loncapa"); |
|
} |
|
} |
|
if ((-e "$apache2_conf_available_dir/loncapa.conf") && (-e "$instdir/debian-ubuntu/ubuntu14/loncapa_conf")) { |
|
if (open(PIPE, "diff --brief $apache2_conf_available_dir/loncapa.conf $instdir/debian-ubuntu/ubuntu14/loncapa_conf |")) { |
|
my $diffres = <PIPE>; |
|
close(PIPE); |
|
chomp($diffres); |
|
if ($diffres) { |
|
copy("$apache2_conf_available_dir/loncapa.conf","$apache2_conf_available_dir/loncapa.conf.original"); |
|
} |
|
if (-l $defaultconf) { |
|
my $linkfname = readlink($defaultconf); |
|
if ($linkfname ne '') { |
|
$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_conf_enabled_dir)); |
|
} |
|
if ($linkfname eq "$apache2_conf_available_dir/loncapa.conf") { |
|
unless ($diffres) { |
|
$skipconf = 1; |
|
} |
|
} |
|
} |
|
} |
|
} |
|
unless ($skipconf) { |
|
print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from conf-enabled.',"'apache2'","'/etc/apache2/conf-available'","'loncapa.conf symlink'")."\n"); |
|
copy("$instdir/debian-ubuntu/ubuntu14/loncapa_conf","$apache2_conf_available_dir/loncapa.conf"); |
|
chmod(0444,"$apache2_conf_available_dir/loncapa.conf"); |
|
if (-l $defaultconf) { |
|
unlink($defaultconf); |
|
} |
|
chdir($apache2_conf_enabled_dir); |
|
symlink('../conf-available/loncapa.conf','loncapa.conf'); |
|
chdir($instdir); |
|
} |
|
my $stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_site"; |
|
if ((-e $stdsite) && (-e "$apache2_sites_available_dir/loncapa")) { |
|
if (open(PIPE, "diff --brief $stdsite $apache2_sites_available_dir/loncapa |")) { |
|
my $diffres = <PIPE>; |
|
close(PIPE); |
|
chomp($diffres); |
|
if ($diffres) { |
|
copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.conf.original"); |
|
} else { |
|
copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.conf"); |
|
} |
|
if (-l $defaultconfig) { |
|
my $linkfname = readlink($defaultconfig); |
|
if ($linkfname ne '') { |
|
$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_sites_enabled_dir)); |
|
} |
|
if ($linkfname eq "$apache2_sites_available_dir/loncapa") { |
|
unlink($defaultconfig); |
|
} |
|
} |
|
unlink("$apache2_sites_available_dir/loncapa"); |
|
} |
|
} |
|
if ((-e $stdsite) && (-e "$apache2_sites_available_dir/loncapa.conf")) { |
|
if (open(PIPE, "diff --brief $stdsite $apache2_sites_available_dir/loncapa.conf |")) { |
|
my $diffres = <PIPE>; |
|
close(PIPE); |
|
chomp($diffres); |
|
if ($diffres) { |
|
copy("$apache2_sites_available_dir/loncapa.conf","$apache2_sites_available_dir/loncapa.conf.original"); |
|
} |
|
if (-l $defaultsite) { |
|
my $linkfname = readlink($defaultsite); |
|
if ($linkfname ne '') { |
|
$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_sites_enabled_dir)); |
|
} |
|
if ($linkfname eq "$apache2_sites_available_dir/loncapa.conf") { |
|
unless ($diffres) { |
|
$skipsite = 1; |
|
} |
|
} |
|
} |
|
} |
|
} |
|
unless ($skipsite) { |
|
print_and_log(&mt('Copying loncapa [_1] site file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'loncapa.conf symlink'")."\n"); |
|
copy("$instdir/debian-ubuntu/ubuntu14/loncapa_site","$apache2_sites_available_dir/loncapa.conf"); |
|
chmod(0444,"$apache2_sites_available_dir/loncapa.conf"); |
|
chdir($apache2_sites_enabled_dir); |
|
symlink('../sites-available/loncapa.conf','loncapa.conf'); |
|
chdir($instdir); |
|
} |
|
if (-l $defaultconfig) { |
|
my $linkfname = readlink($defaultconfig); |
|
if ($linkfname ne '') { |
|
$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_sites_enabled_dir)); |
|
} |
|
if ($linkfname eq "$apache2_sites_available_dir/000-default.conf") { |
|
unlink($defaultconfig); |
|
} |
|
} |
|
} else { |
|
if ((-e "$instdir/debian-ubuntu/loncapa") && (-e "$apache2_sites_available_dir/loncapa")) { |
|
if (open(PIPE, "diff --brief $instdir/debian-ubuntu/loncapa $apache2_sites_available_dir/loncapa |")) { |
|
my $diffres = <PIPE>; |
|
close(PIPE); |
|
chomp($diffres); |
|
if ($diffres) { |
|
copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); |
|
} |
|
if (-l $defaultconfig) { |
|
my $linkfname = readlink($defaultconfig); |
|
if ($linkfname eq "$apache2_sites_available_dir/loncapa") { |
|
unless ($diffres) { |
|
$skipsite = 1; |
|
} |
|
} |
|
} |
|
} |
|
} |
|
unless ($skipsite) { |
|
if (-l $defaultconfig) { |
|
unlink($defaultconfig); |
|
} |
|
print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); |
|
if (-e "$instdir/debian-ubuntu/loncapa") { |
|
copy("$instdir/debian-ubuntu/loncapa","$apache2_sites_available_dir/loncapa"); |
|
chmod(0444,"$apache2_sites_available_dir/loncapa"); |
|
symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); |
|
} |
|
} |
|
} |
|
if (($distname eq 'ubuntu') || ($distname eq 'debian')) { |
|
my $sitestatus = "$apache2_mods_available_dir/status.conf"; |
|
my $stdstatus = "$instdir/debian-ubuntu/status.conf"; |
|
if ((-e $sitestatus) && (-e $stdstatus)) { |
|
if (open(PIPE, "diff --brief $stdstatus $sitestatus |")) { |
|
my $diffres = <PIPE>; |
|
close(PIPE); |
|
chomp($diffres); |
|
if ($diffres) { |
|
copy("$apache2_mods_available_dir/status.conf","$apache2_mods_available_dir/status.conf.original"); |
|
} else { |
|
$skipstatus = 1; |
|
} |
|
} |
|
} |
|
unless ($skipstatus) { |
|
if (-e $stdstatus) { |
|
print_and_log(&mt('Copying loncapa [_1] file to [_2],',"'status.conf'","'/etc/apache2/mods-available/status.conf'")."\n"); |
|
copy($stdstatus,$sitestatus); |
|
chmod(0644,$sitestatus); |
|
} |
|
} |
} |
} |
print_and_log("\n"); |
print_and_log("\n"); |
} |
} |
Line 3139 sub copy_sysconfig_apache2_file {
|
Line 3805 sub copy_sysconfig_apache2_file {
|
if (($name eq 'sles') && ($version >= 12)) { |
if (($name eq 'sles') && ($version >= 12)) { |
$sysconf_file = "$instdir/sles-suse/apache2.4/sysconfig_apache2"; |
$sysconf_file = "$instdir/sles-suse/apache2.4/sysconfig_apache2"; |
} |
} |
copy "$sysconf_file","/etc/sysconfig/apache2"; |
copy $sysconf_file,"/etc/sysconfig/apache2"; |
chmod(0444,"/etc/sysconfig/apache2"); |
chmod(0444,"/etc/sysconfig/apache2"); |
} |
} |
|
|
Line 3247 sub download_loncapa {
|
Line 3913 sub download_loncapa {
|
print_and_log(" |
print_and_log(" |
------------------------------------------------------------------------ |
------------------------------------------------------------------------ |
|
|
".&mt('You seem to have a version of loncapa-current.tar.gz in [_1]',$instdir)."\n". |
".&mt('You seem to have a version of [_1] in [_2]',$lctarball,$instdir)."\n". |
&mt('This copy will be used and a new version will NOT be downloaded.')."\n". |
&mt('This copy will be used and a new version will NOT be downloaded.')."\n". |
&mt('If you wish, you may download a new version by executing:')." |
&mt('If you wish, you may download a new version by executing:')." |
|
|
wget http://install.loncapa.org/versions/loncapa-current.tar.gz |
wget http://install.loncapa.org/versions/$lctarball |
|
|
------------------------------------------------------------------------ |
------------------------------------------------------------------------ |
"); |
"); |
} |
} |
|
|
## |
## |
## untar loncapa.tar.gz |
## untar loncapa-X.Y.Z.tar.gz |
## |
## |
if ($have_tarball) { |
if ($have_tarball) { |
|
my $homedir = '/root'; |
|
my ($targetdir,$chdircmd,$updatecmd); |
|
if (($distro =~ /^ubuntu/) && ($instdir ne $homedir)) { |
|
($homedir) = ($instdir =~ m{^(.*)/[^/]+$}); |
|
$updatecmd = 'sudo ./UPDATE'; |
|
} else { |
|
$updatecmd = './UPDATE'; |
|
} |
print_and_log(&mt('Extracting LON-CAPA source files')."\n"); |
print_and_log(&mt('Extracting LON-CAPA source files')."\n"); |
writelog(`cd ~root; tar zxf $instdir/$lctarball`); |
if (-e $homedir) { |
|
writelog(`tar zxf $instdir/$lctarball --directory $homedir`); |
|
$targetdir = $homedir; |
|
} else { |
|
writelog(`tar zxf $instdir/$lctarball`); |
|
$targetdir = $instdir; |
|
} |
|
if ($lctarball =~ /^loncapa\-(\d+\.\d+\.\d+(?:|[^.]+))\.tar\.gz$/) { |
|
$chdircmd = "cd $targetdir/loncapa-".$1; |
|
} else { |
|
$chdircmd = "cd $targetdir/loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.3')"; |
|
} |
print_and_log("\n"); |
print_and_log("\n"); |
print &mt('LON-CAPA source files extracted.')."\n". |
print &mt('LON-CAPA source files extracted.')."\n". |
&mt('It remains for you to execute the following commands:')." |
&mt('It remains for you to execute the following commands:'). |
|
"\n$chdircmd\n$updatecmd\n". |
cd /root/loncapa-N.N (N.N should correspond to a version number like '0.4') |
&mt('If you have any trouble, please see [_1] and [_2]', |
./UPDATE |
'http://install.loncapa.org/','http://help.loncapa.org/')."\n"; |
|
|
".&mt('If you have any trouble, please see [_1] and [_2]', |
|
'http://install.loncapa.org/','http://help.loncapa.org/')."\n"; |
|
$updateshown = 1; |
$updateshown = 1; |
} |
} |
return ($have_tarball,$updateshown); |
return ($have_tarball,$updateshown); |