--- doc/build/Attic/install.html 2000/11/21 15:35:09 1.7 +++ doc/build/Attic/install.html 2002/06/03 06:13:08 1.29 @@ -1,138 +1,248 @@ - - -LON-CAPA Installation - - -

LON-CAPA Installation

-

Current Installation Procedure

-

-Scott Harrison -

-

-Last updated: 11/21/2000 -

-

-This is the current list of steps to support LON-CAPA installation. These steps have -been tested. -

    -
  1. Get Redhat 6.2 on a CD by - -
  2. Install RedHat 6.2 - -

    -

    -After installation, restart the computer. Login as root. Enter these two commands: -

      -
    1. lynx -source http://install.lon-capa.org/3.1/scripts/postinstall.pl>postinstall.pl -
    2. perl postinstall.pl -
    -

    -

    -As postinstall.pl runs, you will be asked various questions. Follow the instructions to correctly -enter in the appropriate parameter values. -

    -
    -

    Old steps; do not use these...

    -Last updated: 11/01/2000 -

    -

    -This is the current list of steps to support LON-CAPA installation. These steps have -been tested. -

      -
    1. Get Redhat 6.2 on a CD by -
        -
      • Using a RedHat 6.2 CD -
      • Downloading a RedHat 6.2 CD image and burning a CD -
      • Or, alternatively do a network install from a -RedHat 6.2 CD source tree. You need to burn a boot floppy disk with a network boot image; - -bootnet-20000407.img. (Download the image file; insert a blank floppy disk; and type a -command similar to: dd if=bootnet-20000407.img of=/dev/fd0). For installation, you -need to specify hobbes.lite.msu.edu/~loninst as your download URL, and /3.1/currentcdsource -as the source location. -
      -
    2. Install RedHat 6.2 -
        -
      • Important: Do a "GNOME Workstation Install" and go with their default list of packages -
      • Important: Make sure you add a user "www" -
      -
    3. After installation, install extra RPMs/upgrades by downloading all files from - -http://install.lon-capa.org/3.1/SupplementalRPMS. -
        -
      • Use this command to install the RPMs you download: rpm -Uvh --force *.rpm. -
      -
    4. Remove extra RPMs by downloading and running the script - -http://install.lon-capa.org/3.1/scripts/remove_extra.sh as root. -
    5. After installing the supplemental RPMS, install a final RPM set by downloading all files from - -http://install.lon-capa.org/3.1/FinalRPMS. -
        -
      • Use this command to install the RPMs you download: rpm -Uvh --force *.rpm. -
      -
    6. Configure needed files. - -
    7. Important files are /etc/httpd/conf/access.conf, /etc/ntp.conf, /etc/krb.conf, -/home/httpd/lonTabs/spare.tab, /home/httpd/lonTabs/hosts.tab (if setting up a cluster different -than MSU's). -
    8. Unshadow passwords -
        -
        You can do this by these 5 steps:
        -1. enter the system command, as "root", pwunconv
        -2. enter the system command, as "root", grpunconv
        -3. Set the following to be the /etc/pam.d/login file on your system
        -#%PAM-1.0
        -auth       required     /lib/security/pam_securetty.so
        -auth       required     /lib/security/pam_pwdb.so shadow nullok
        -auth       required     /lib/security/pam_nologin.so
        -account    required     /lib/security/pam_pwdb.so
        -password   required     /lib/security/pam_cracklib.so
        -password   required     /lib/security/pam_pwdb.so nullok use_authtok
        -session    required     /lib/security/pam_pwdb.so
        -session    optional     /lib/security/pam_console.so
        -4. Set the following to be the /etc/pam.d/passwd file on your system
        -#%PAM-1.0
        -auth       required     /lib/security/pam_pwdb.so shadow nullok
        -account    required     /lib/security/pam_pwdb.so
        -password   required     /lib/security/pam_cracklib.so retry=3
        -password   required     /lib/security/pam_pwdb.so use_authtok nullok
        -5. Set/reset passwords.  As "root" use 'passwd', and 'passwd www'
        -to change the important passwords.  This creates crypt-processible
        -passwords in /etc/passwd.
        -
        -
      -
    9. Run, as root, ln -s /etc/mime.types /etc/httpd/conf/mime.types -
    10. Run, as root, /etc/rc.d/init.d/httpd start. -
    11. Run, as root, /etc/rc.d/init.d/loncontrol start. -
    12. After 10 minutes, you should be able to check the file /home/httpd/html/lon-status/index.html -to see if your machine has been successfully set up. - -
    -

    -

    Future Installation Procedure (not yet implemented)

    -

    -In the future, LON-CAPA Installation will be distributed on a CD complete with a -customized interface. Many elements for doing this have been coded, and are in place, but -it awaits completion. -

    - - + + + + + + +LON-CAPA Installation + + + + + +
      +

    +You will need to check all the following things to ensure proper +installation of your LON-CAPA system. +

    + +
      + + + +

    Creating a user 'www'

    +

    +Execute the following command to create a user named 'www' on your +LON-CAPA server: +

    +
    +/usr/sbin/useradd www +
    +
    +

    Make a LON-CAPA system work with shadow passwords

    + + + + + + + + + +
    Step #Description
    +1 + +

    Is your system using shadow passwords? (Note: LON-CAPA will +work with either MD5/non-MD5 configured systems). If your +system is not using shadow passwords, then do not perform +any of the additional steps. If your system is using shadow +passwords, then you will need to perform the additional steps below. +

    +

    +How to detect: +
    command: cat /etc/passwd | grep ':x:' +

    +

    If there is output such as "root:x:0:0:root:/root:/bin/bash", +then your system is using shadow passwords and you will need to continue with +the steps below. +

    +
    +2 + +

    Retrieve the mod_auth_external source by +running the following command +

    +

    +wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz + +

    +
    +3 + +

    Unpack the mod_auth_external source by +running the following command +

    +

    +tar xzvf mod_auth_external-2.1.13.tar.gz +

    +
    +4 + +

    Go to the pwauth directory by +running the following command +

    +

    +cd mod_auth_external-2.1.13/pwauth/ +

    +
    +5 + +

    Edit config.h and change SERVER_UIDS definition +

    +

    +Determine the user id of 'www': +
    grep ^www /etc/passwd | cut -d':' -f3 +
    +Change the line +
    #define SERVER_UIDS 99 /* user "nobody" */ +
    to be +
    #define SERVER_UIDS 513 /* user "www" */ +
    where in this example 513 corresponds to the user id of 'www'. +

    +
    +6 + +

    Compile the pwauth executable by +running the following command +

    +

    +make +

    +
    +7 + +

    Install pwauth by doing the following +

    +

    +cp pwauth /usr/local/sbin/ +
    chmod 6755 /usr/local/sbin/pwauth +

    +

    +Edit (creating the file) /etc/pam.d/pwauth to have the contents: +

    +
    +        auth       required     /lib/security/pam_pwdb.so shadow nullok
    +        auth       required     /lib/security/pam_nologin.so
    +        account    required     /lib/security/pam_pwdb.so
    +
    +
    +
    +

    Installing LON-CAPA files

    +

    +Download the most current + +loncapa.tar.gz. +

    + + +
    wget http://install.lon-capa.org/versions/current/loncapa.tar.gz + +
    +tar xzvf loncapa.tar.gz +
    +cd loncapa
    +

    +The UPDATE command will refresh your filesystem with all +the latest LON-CAPA software. +

    + + +
    ./UPDATE
    + +

    Checking your Linux RPMs

    +

    +The CHECKRPMS command will check the RPMs on your machine +against an FTP repository. +

    + + +
    ./CHECKRPMS
    +
    +

    Configuring the MySQL database

    +

    +The following commands describe how to configure the MySQL database +on your LON-CAPA server. +
    Note: +

    +
      +
    • you should substitute 'ROOTPASSWORD' with something very hard to guess +(it does not have to be the Linux OS root password) +
    • +
    • The MySQL www@localhost user must always have a password of 'localhostkey' +in order for there to be correct operation of a standard LON-CAPA system. +
    • +
    +

    +The following instructions assume you are logged in as 'root'. +

    +

    Entering the mysql shell

    +
    +
    +mysql -u root -p mysql
    +OR
    +mysql -u root mysql (depending on whether you have set a root password)
    +
    +
    +

    Creating the mysql 'www' user (after entering mysql shell)

    +
    +
    +mysql> CREATE DATABASE loncapa;
    +
    +mysql> INSERT INTO user (Host, User, Password)
    +mysql> VALUES ('localhost','www',password('localhostkey'));
    +
    +mysql> GRANT ALL PRIVILEGES ON *.* TO www@localhost;
    +
    +mysql> FLUSH PRIVILEGES;
    +
    +
    +

    SECURITY: set a password for the mysql 'root' user

    +
    +
    +shell> mysql -u root mysql
    +mysql> SET PASSWORD FOR root@localhost=PASSWORD('ROOTPASSWORD');
    +
    +
    +

    SECURITY: only allow access from localhost

    +
    +
    +shell> mysql -u root -p mysql
    +mysql> DELETE FROM user WHERE host<>'localhost';
    +
    +
    +
    +

    Testing to see if the LON-CAPA server is operational

    +

    +The TEST command will check the installation software, +the perl libraries on your system, the MySQL database, and +will also automatically test the real-time operation of the +LON-CAPA Apache web server. +

    + + +
    ./TEST
    +

    +Using the TEST command will likely +be an iterative process. +It is normal to expect that the TEST command +will recommend you perform various steps to ensure optimal +performance of your LON-CAPA server. +

    + + + +