--- loncom/build/Attic/postinstall.pl	2000/11/17 22:33:35	1.1
+++ loncom/build/Attic/postinstall.pl	2000/11/21 15:08:19	1.6
@@ -4,15 +4,237 @@
 # to finalize a LON-CAPA
 # installation.
 
-# get wget
-# download SupplementalRPMS
-# download remove_extra.sh
-# download FinalRPMS
+# set /etc/hosts.deny to be ALL: ALL
+open OUT, ">/etc/hosts.deny";
+print OUT "ALL: ALL\n";
+close OUT;
+
+# get wget and install
+system('lynx -source http://install.lon-capa.org/3.1/SupplementalRPMS/wget-1.5.3-6.i386.rpm > wget-1.5.3-6.i386.rpm');
+system('rpm -Uvh --force wget-1.5.3-6.i386.rpm');
+
+# download SupplementalRPMS and install
+system('wget','-r','http://install.lon-capa.org/3.1/SupplementalRPMS');
+system('rpm -Uvh --force install.lon-capa.org/3.1/SupplementalRPMS/*.rpm');
+
+# download remove_extra.sh and run
+system('wget','http://install.lon-capa.org/3.1/scripts/remove_extra.sh');
+system('sh','./remove_extra.sh');
+
+# download FinalRPMS and install
+system('wget','-r','http://install.lon-capa.org/3.1/FinalRPMS');
+system('rpm','-Uvh','--force','install.lon-capa.org/3.1/FinalRPMS/*.rpm');
+
 # allow entry of new access.conf parameters
+my @perlsetvars=("lonHostID","lonRole","lonAdmEMail","lonDefDomain","lonLoadLim","lonExpire");
+my %psvinfo=(
+	     "lonHostID" => <<END
+LON Host ID is an internal ID within the LON-CAPA
+network used to specify the uniqueness of a particular
+LON-CAPA server.  Current examples include "msul1", "msua3",
+"103l1", "fsul1", and "107a1".
+END
+,	     "lonRole" => <<END
+LON Role specifies the role this machine plays within
+the LON-CAPA network.  There are two valid values for
+this:
+ * library
+ * access
+END
+,	     "lonAdmEMail" => <<END
+LON System Administrator E-Mail specifies the e-mail
+address of an institutional member responsible for
+direct upkeep of this server.
+END
+,	     "lonDefDomain" => <<END
+LON Domain is a unique internal identifier within the LON-CAPA network
+specific to the home institution.  Current examples include
+"msu", "fsu", "103", and "107".
+END
+,	     "lonLoadLim" => <<END
+LON Load Limit specifies a threshold of activity within The Learning
+Online Network that this machine should provide.  We strongly recommend
+a value of 2.00.  Depending on processor architecture (dual processor),
+this value may be increased, but there is no readily available measure
+in this regard.
+END
+,	     "lonExpire" => <<END
+LON Expiration Time indicates, in seconds, how long distributed resources
+should be held in the server's cache when not being accessed by students,
+instructors, or any other class of user.  We recommend a value of 86400.
+END
+	     );
+my $template=`/bin/cat /etc/httpd/conf/access.conf`;
+my $okay=0;
+while ($okay==0) {
+    foreach my $psv (@perlsetvars) {
+        print "\n";
+        print $psvinfo{$psv};
+        print "\nEnter in value for $psv: "; my $input=<>; chop $input;
+        my $pval=$input;
+        $template=~s/(\nPerlSetVar\s+$psv\s+)\S+/$1$pval/;
+        $pvar{$psv}=$pval;
+    }
+    print "\n\nThese are the current values:\n";
+    foreach my $psv (@perlsetvars) {
+        print "$psv\t\t$pvar{$psv}\n";
+    }
+    print "Are these correct? (y/n)";
+    my $input=<>;
+    if ($input=~/^y/i) {
+        $okay=1;
+    }
+}
+open OUT,">/etc/httpd/conf/access.conf";
+print OUT $template;
+close OUT;
+
+$template=`/bin/cat /etc/smb.conf`;
+foreach my $psv (@perlsetvars) {
+    $template=~s/\{\{\{\{\[(.*?)\]\}\}\}\}/$pvar{$1}/ge;
+}
+open OUT,">/etc/smb.conf";
+print OUT $template;
+close OUT;
+
 # unshadow passwords
+# change this line in /etc/pam.d/login
+# password   required     /lib/security/pam_pwdb.so nullok use_authtok md5 shadow
+$template=`/bin/cat /etc/pam.d/login`;
+$template=~s|password   required     /lib/security/pam_pwdb\.so nullok use_authtok md5 shadow|password   required     /lib/security/pam_pwdb.so nullok use_authtok|;
+open OUT, ">/etc/pam.d/login";
+print OUT $template;
+close OUT;
+# change this line in /etc/pam.d/passwd
+# password   required     /lib/security/pam_pwdb.so use_authtok nullok md5 shadow 
+$template=`/bin/cat /etc/pam.d/passwd`;
+$template=~s|password   required     /lib/security/pam_pwdb\.so nullok use_authtok md5 shadow|password   required     /lib/security/pam_pwdb.so nullok use_authtok|;
+open OUT, ">/etc/pam.d/passwd";
+print OUT $template;
+close OUT;
+`/usr/sbin/pwunconv`;
+`/usr/sbin/grpunconv`;
+# set new passwords
+print "Now we need to have passwords entered in order to unshadow this machine.\n";
+system('stty -echo');
+$okay=0;
+my $input1;
+my $input2;
+while ($okay==0) {
+    print "Enter in password for root: ";
+    $input1=<>; chop $input1;
+    print "\nEnter in password again for root: ";
+    $input2=<>; chop $input2;
+    if ($input1 ne $input2) {
+        print "\nPasswords do not match, try again.\n";
+    }
+    else {
+        $okay=1;
+    }
+}
+open OUT, "|/usr/sbin/chpasswd";
+print OUT "root:$input1\n";
+close OUT;
+
+$okay=0;
+while ($okay==0) {
+    print "\nEnter in password for www: ";
+    $input1=<>; chop $input1;
+    print "\nEnter in password again for www: ";
+    $input2=<>; chop $input2;
+    if ($input1 ne $input2) {
+        print "\nPasswords do not match, try again.\n";
+    }
+    else {
+        $okay=1;
+    }
+}
+open OUT, "|/usr/sbin/chpasswd";
+print OUT "www:$input1\n";
+close OUT;
+system('stty echo');
+
 # create mime.types link
+`ln -s /etc/mime.types /etc/httpd/conf/mime.types`;
+
 # restart network and inet services
+system('/etc/rc.d/init.d/network','reload');
+system('/etc/rc.d/init.d/inet','restart');
 # restart httpd
+system('/etc/rc.d/init.d/httpd','restart');
+
+# fix the setup of init.d processes
+# nfs
+# bash$ diff nfs nfs~
+# 6c6
+# < # chkconfig: 345 60 20
+# ---
+# > # chkconfig: - 60 20
+# then chkconfig
+$template=`/bin/cat /etc/rc.d/init.d/nfs`;
+$template=~s/\# chkconfig: - 60 20/\# chkconfig: 345 60 20/;
+open OUT,">/etc/rc.d/init.d/nfs";
+print OUT $template;
+close OUT;
+$template=`/bin/cat /etc/rc.d/init.d/xntpd`;
+$template=~s/\# chkconfig: - 55 10/\# chkconfig: 345 55 10/;
+open OUT,">/etc/rc.d/init.d/xntpd";
+print OUT $template;
+close OUT;
+
+# ntp
+# chkconfig 345
+# then chkconfig
+
+# make atalk specific modifications
+# /etc/atalk/config
+open OUT, ">/etc/atalk/config";
+print OUT <<END;
+# Appletalk configuration
+# Change this to increase the maximum number of clients that can connect:
+AFPD_MAX_CLIENTS=5
+# Change this to set the machine's atalk name:
+# ATALK_NAME=`echo \${HOSTNAME}|cut -d. -f1`
+ATALK_NAME=`grep '^PerlSetVar.*lonHostID' /etc/httpd/conf/access.conf | perl -e '\$_=<>; split(/\s+/); print "LONCAPA_\$_[2]";
+'`
+# Set which daemons to run:
+PAPD_RUN=no
+AFPD_RUN=yes
+# Control whether the daemons are started in the background
+ATALK_BGROUND=no
+END
+close OUT;
+# /etc/conf.modules should have this line
+#      alias net-pf-5 appletalk
+# depmod -a
+$template=`/bin/cat /etc/conf.modules`;
+$template.="alias net-pf-5 appletalk\n";
+open OUT, ">/etc/conf.modules";
+print OUT $template;
+close OUT;
+system('depmod -a');
+
+# restart nfs, smb, xntpd and atalk services
+system('/etc/rc.d/init.d/smb','restart');
+system('/etc/rc.d/init.d/atalk','restart');
+system('/etc/rc.d/init.d portmap','stop');
+system('/etc/rc.d/init.d nfs','stop');
+system('/etc/rc.d/init.d portmap','start');
+system('/etc/rc.d/init.d nfs','start');
+system('/etc/rc.d/init.d/smb','restart');
+system('/etc/rc.d/init.d/inet','restart');
+system('/etc/rc.d/init.d/xntpd','restart');
+
 # restart loncontrol
-# set /etc/hosts.deny to be ALL: ALL
+print "Please be patient while loncontrol services are restarted (approximately 10 minutes).\n";
+system('/etc/rc.d/init.d/loncontrol','restart');
+
 # warn about /etc/hosts.allow
+print <<END;
+Final note:  Currently your machine is set-up
+to disable many different kinds of network
+connectivity.  To enable network connectivity
+different than that needed for LON-CAPA, you
+must make appropriate adjustment to the
+/etc/hosts.allow file.
+END