version 1.1, 2000/11/17 22:33:35
|
version 1.2, 2000/11/20 22:52:05
|
Line 4
|
Line 4
|
# to finalize a LON-CAPA |
# to finalize a LON-CAPA |
# installation. |
# installation. |
|
|
# get wget |
# set /etc/hosts.deny to be ALL: ALL |
# download SupplementalRPMS |
open OUT, ">/etc/hosts.deny"; |
# download remove_extra.sh |
print OUT "ALL: ALL\n"; |
# download FinalRPMS |
close OUT; |
|
|
|
if (1==0) { |
|
# get wget and install |
|
system('lynx -source http://install.lon-capa.org/3.1/SupplementalRPMS/wget-1.5.3-6.i386.rpm > wget-1.5.3-6.i386.rpm'); |
|
system('rpm','-Uvh','--force','wget-1.5.3-6.i386.rpm'); |
|
|
|
# download SupplementalRPMS and install |
|
system('wget','-r','http://install.lon-capa.org/3.1/SupplementalRPMS'); |
|
system('rpm','-Uvh','--force','install.lon-capa.org/3.1/SupplementalRPMS'); |
|
|
|
# download remove_extra.sh and run |
|
system('wget','http://install.lon-capa.org/3.1/scripts/remove_extra.sh'); |
|
system('sh','./remove_extra.sh'); |
|
|
|
# download FinalRPMS and install |
|
system('wget','-r','http://install.lon-capa.org/3.1/FinalRPMS'); |
|
system('rpm','-Uvh','--force','install.lon-capa.org/3.1/FinalRPMS'); |
|
|
# allow entry of new access.conf parameters |
# allow entry of new access.conf parameters |
|
my @perlsetvars=("lonHostID","lonRole","lonAdmEMail","lonDefDomain","lonLoadLim","lonExpire"); |
|
my %psvinfo=( |
|
"lonHostID" => <<END |
|
LON Host ID is an internal ID within the LON-CAPA |
|
network used to specify the uniqueness of a particular |
|
LON-CAPA server. Current examples include "msul1", "msua3", |
|
"103l1", "fsul1", and "107a1". |
|
END |
|
, "lonRole" => <<END |
|
LON Role specifies the role this machine plays within |
|
the LON-CAPA network. There are two valid values for |
|
this: |
|
* library |
|
* access |
|
END |
|
, "lonAdmEMail" => <<END |
|
LON System Administrator E-Mail specifies the e-mail |
|
address of an institutional member responsible for |
|
direct upkeep of this server. |
|
END |
|
, "lonDefDomain" => <<END |
|
LON Domain is a unique internal identifier within the LON-CAPA network |
|
specific to the home institution. Current examples include |
|
"msu", "fsu", "103", and "107". |
|
END |
|
, "lonLoadLim" => <<END |
|
LON Load Limit specifies a threshold of activity within The Learning |
|
Online Network that this machine should provide. We strongly recommend |
|
a value of 2.00. Depending on processor architecture (dual processor), |
|
this value may be increased, but there is no readily available measure |
|
in this regard. |
|
END |
|
, "lonExpire" => <<END |
|
LON Expiration Time indicates, in seconds, how long distributed resources |
|
should be held in the server's cache when not being accessed by students, |
|
instructors, or any other class of user. We recommend a value of 86400. |
|
END |
|
); |
|
my $template=`/bin/cat /etc/httpd/conf/access.conf`; |
|
my $okay=0; |
|
while ($okay==0) { |
|
foreach my $psv (@perlsetvars) { |
|
print "\n"; |
|
print $psvinfo{$psv}; |
|
print "\nEnter in value for $psv: "; my $input=<>; chop $input; |
|
my $pval=$input; |
|
$template=~s/(\nPerlSetVar\s+$psv\s+)\S+/$1$pval/; |
|
$pvar{$psv}=$pval; |
|
} |
|
print "\n\nThese are the current values:\n"; |
|
foreach my $psv (@perlsetvars) { |
|
print "$psv\t\t$pvar{$psv}\n"; |
|
} |
|
print "Are these correct? (y/n)"; |
|
my $input=<>; |
|
if ($input=~/^y/i) { |
|
$okay=1; |
|
} |
|
} |
|
open OUT,">/etc/httpd/conf/access.conf"; |
|
print OUT $template; |
|
close OUT; |
|
|
|
$template=`/bin/cat /etc/smb.conf`; |
|
foreach my $psv (@perlsetvars) { |
|
$template=~s/\{\{\{\{\[(.*?)\]\}\}\}\}/$pvar{$1}/ge; |
|
} |
|
open OUT,">/etc/smb.conf"; |
|
print OUT $template; |
|
close OUT; |
|
} |
# unshadow passwords |
# unshadow passwords |
|
# change this line in /etc/pam.d/login |
|
# password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow |
|
$template=`/bin/cat /etc/pam.d/login`; |
|
$template=~s|password required /lib/security/pam_pwdb\.so nullok use_authtok md5 shadow|password required /lib/security/pam_pwdb.so nullok use_authtok|; |
|
open OUT, ">/etc/pam.d/login"; |
|
print OUT $template; |
|
close OUT; |
|
# change this line in /etc/pam.d/passwd |
|
# password required /lib/security/pam_pwdb.so use_authtok nullok md5 shadow |
|
$template=`/bin/cat /etc/pam.d/passwd`; |
|
$template=~s|password required /lib/security/pam_pwdb\.so nullok use_authtok md5 shadow|password required /lib/security/pam_pwdb.so nullok use_authtok|; |
|
open OUT, ">/etc/pam.d/passwd"; |
|
print OUT $template; |
|
close OUT; |
|
`/usr/sbin/pwunconv`; |
|
`/usr/sbin/grpunconv`; |
|
# set new passwords |
|
print "Now we need to have passwords entered in order to unshadow this machine.\n"; |
|
system('stty -echo'); |
|
$okay=0; |
|
my $input1; |
|
my $input2; |
|
while ($okay==0) { |
|
print "Enter in password for root: "; |
|
$input1=<>; chop $input1; |
|
print "\nEnter in password again for root: "; |
|
$input2=<>; chop $input2; |
|
if ($input1 ne $input2) { |
|
print "\nPasswords do not match, try again.\n"; |
|
} |
|
else { |
|
$okay=1; |
|
} |
|
} |
|
open OUT, "|/usr/sbin/chpasswd"; |
|
print OUT "root:$input1\n"; |
|
close OUT; |
|
|
|
$okay=0; |
|
while ($okay==0) { |
|
print "\nEnter in password for www: "; |
|
$input1=<>; chop $input1; |
|
print "\nEnter in password again for www: "; |
|
$input2=<>; chop $input2; |
|
if ($input1 ne $input2) { |
|
print "\nPasswords do not match, try again.\n"; |
|
} |
|
else { |
|
$okay=1; |
|
} |
|
} |
|
open OUT, "|/usr/sbin/chpasswd"; |
|
print OUT "www:$input1\n"; |
|
close OUT; |
|
system('stty echo'); |
|
|
|
|
|
if (1==0) { |
# create mime.types link |
# create mime.types link |
|
`ln -s /etc/mime.types /etc/httpd/conf/mime.types`; |
|
|
# restart network and inet services |
# restart network and inet services |
|
system('/etc/rc.d/init.d/network','reload'); |
|
system('/etc/rc.d/init.d/inet','restart'); |
# restart httpd |
# restart httpd |
|
system('/etc/rc.d/init.d/httpd','restart'); |
|
|
|
# fix the setup of init.d processes |
|
# nfs |
|
# atalk |
|
|
|
# make atalk specific modifications |
|
# /etc/services |
|
# /etc/atalk/conf |
|
|
|
# restart nfs, smb, and atalk services |
|
system('/etc/rc.d/init.d/smb','restart'); |
|
system('/etc/rc.d/init.d/atalk','restart'); |
|
|
|
|
# restart loncontrol |
# restart loncontrol |
# set /etc/hosts.deny to be ALL: ALL |
print "Please be patient while loncontrol services are restarted (approximately 10 minutes).\n"; |
|
system('/etc/rc.d/init.d/loncontrol','restart'); |
|
|
# warn about /etc/hosts.allow |
# warn about /etc/hosts.allow |
|
print <<END; |
|
Final note: Currently your machine is set-up |
|
to disable many different kinds of network |
|
connectivity. To enable network connectivity |
|
different than that needed for LON-CAPA, you |
|
must make appropriate adjustment to the |
|
/etc/hosts.allow file. |
|
END |
|
} |