--- doc/install/linux/install.pl 2021/03/11 21:00:36 1.45.2.10 +++ doc/install/linux/install.pl 2021/03/28 22:10:35 1.45.2.15 @@ -27,6 +27,7 @@ use strict; use File::Copy; use Term::ReadKey; use DBI; +use File::Spec; use Cwd(); use File::Basename(); use lib File::Basename::dirname(Cwd::abs_path($0)); @@ -75,7 +76,7 @@ if (!open(LOG,">>loncapa_install.log")) &mt('Stopping execution.')."\n"; exit; } else { - print LOG '$Id: install.pl,v 1.45.2.10 2021/03/11 21:00:36 raeburn Exp $'."\n"; + print LOG '$Id: install.pl,v 1.45.2.15 2021/03/28 22:10:35 raeburn Exp $'."\n"; } # @@ -209,7 +210,7 @@ sub get_distro { $distro = 'rhes'.$1; $updatecmd = 'dnf install LONCAPA-prerequisites'; $installnow = 'dnf -y install LONCAPA-prerequisites'; - } elsif ($versionstring =~ /CentOS(?:| Linux) release (\d+)/) { + } elsif ($versionstring =~ /CentOS(?:| Linux| Stream) release (\d+)/) { $distro = 'centos'.$1; $updatecmd = 'yum install LONCAPA-prerequisites'; $installnow = 'yum -y install LONCAPA-prerequisites'; @@ -457,7 +458,7 @@ sub check_required { } my ($mysqlon,$mysqlsetup,$mysqlrestart,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb, %recommended,$downloadstatus,$filetouse,$production,$testing,$apachefw, - $tostop,$uses_systemctl); + $tostop,$uses_systemctl,$mysql_has_wwwuser); my $wwwuid = &uid_of_www(); my $wwwgid = getgrnam('www'); if (($wwwuid eq '') || ($wwwgid eq '')) { @@ -468,9 +469,8 @@ sub check_required { } $mysqlon = &check_mysql_running($distro); if ($mysqlon) { - my $mysql_has_wwwuser = &check_mysql_wwwuser(); - ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket) = - &check_mysql_setup($instdir,$dsn,$distro,$mysql_has_wwwuser); + ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket) = + &check_mysql_setup($instdir,$dsn,$distro); if ($mysqlsetup eq 'needsrestart') { $mysqlrestart = ''; if ($distro eq 'ubuntu') { @@ -799,13 +799,13 @@ sub uses_firewalld { } if ($checkfirewalld) { my ($loaded,$active); - if (open(PIPE,"systemctl status firewalld |")) { + if (open(PIPE,"systemctl status firewalld 2>/dev/null |")) { while () { chomp(); if (/^\s*Loaded:\s+(\w+)/) { $loaded = $1; } - if (/^\s*Active\s+(\w+)/) { + if (/^\s*Active:\s+(\w+)/) { $active = $1; } } @@ -1154,8 +1154,8 @@ sub need_download { } sub check_mysql_setup { - my ($instdir,$dsn,$distro,$mysql_has_wwwuser) = @_; - my ($mysqlsetup,$has_pass,$mysql_unix_socket); + my ($instdir,$dsn,$distro) = @_; + my ($mysqlsetup,$has_pass,$mysql_unix_socket,$mysql_has_wwwuser); my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); if (($mysqlname =~ /^MariaDB/i) && ($mysqlversion >= 10.4)) { @@ -1163,7 +1163,7 @@ sub check_mysql_setup { my $sth = $dbh->prepare("SELECT Priv FROM mysql.global_priv WHERE (User = 'root' AND Host ='localhost')"); $sth->execute(); while (my $priv = $sth->fetchrow_array) { - if ($priv =~ /unix_socket/) { + if ($priv =~ /unix_socket/) { $mysql_unix_socket = 1; last; } @@ -1172,16 +1172,30 @@ sub check_mysql_setup { if ($mysql_unix_socket) { print_and_log(&mt('MariaDB using unix_socket for root access from localhost.')."\n"); $mysqlsetup = 'rootok'; - $mysql_unix_socket = 1; - unless ($mysql_has_wwwuser) { - $mysql_has_wwwuser = &check_mysql_wwwuser(); - } + $mysql_has_wwwuser = &check_mysql_wwwuser($dbh); return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket); } } } if ($dbh) { - $mysqlsetup = 'noroot'; + $mysqlsetup = 'noroot'; + if (($mysqlname !~ /^MariaDB/i) && ($mysqlversion >= 5.7)) { + my $sth = $dbh->prepare("SELECT plugin from mysql.user where User='root'"); + $sth->execute(); + while (my $priv = $sth->fetchrow_array) { + if ($priv =~ /auth_socket/) { + $mysql_unix_socket = 1; + last; + } + } + $sth->finish(); + if ($mysql_unix_socket) { + print_and_log(&mt('MySQL using unix_socket for root access from localhost.')."\n"); + $mysqlsetup = 'rootok'; + $mysql_has_wwwuser = &check_mysql_wwwuser($dbh); + return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket); + } + } } elsif ($DBI::err =~ /1045/) { $has_pass = 1; } elsif ($distro =~ /^ubuntu(\d+)$/) { @@ -1194,16 +1208,15 @@ sub check_mysql_setup { } close(PIPE); } - unless ($mysql_has_wwwuser) { - $mysql_has_wwwuser = &check_mysql_wwwuser(); - } $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); if ($dbh) { $mysqlsetup = 'noroot'; + $mysql_has_wwwuser = &check_mysql_wwwuser($dbh); } elsif ($DBI::err =~ /1045/) { $has_pass = 1; } else { $mysqlsetup = 'needsrestart'; + $mysql_has_wwwuser = &check_mysql_wwwuser(); return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); } } @@ -1215,6 +1228,7 @@ sub check_mysql_setup { if ($dbh) { $mysqlsetup = 'rootok'; print_and_log(&mt('Password accepted.')."\n"); + $mysql_has_wwwuser = &check_mysql_wwwuser($dbh); } else { $mysqlsetup = 'rootfail'; print_and_log(&mt('Problem accessing MySQL.')."\n"); @@ -1226,27 +1240,35 @@ sub check_mysql_setup { if ($dbh) { $mysqlsetup = 'rootok'; print_and_log(&mt('Password accepted.')."\n"); + $mysql_has_wwwuser = &check_mysql_wwwuser($dbh); } else { if ($DBI::err =~ /1045/) { print_and_log(&mt('Incorrect password.')."\n"); } + $mysql_has_wwwuser = &check_mysql_wwwuser(); } } } } elsif ($mysqlsetup ne 'noroot') { print_and_log(&mt('Problem accessing MySQL.')."\n"); $mysqlsetup = 'rootfail'; + $mysql_has_wwwuser = &check_mysql_wwwuser(); } return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); } sub check_mysql_wwwuser { + my ($dbh) = @_; my $mysql_wwwuser; - my $dbhn = DBI->connect("DBI:mysql:database=information_schema",'www','localhostkey', - {PrintError => +0}) || return; - if ($dbhn) { - $mysql_wwwuser = 1; - $dbhn->disconnect; + if ($dbh) { + $mysql_wwwuser = $dbh->selectrow_array("SELECT COUNT(User) FROM mysql.user WHERE (User = 'www' AND Host ='localhost')"); + } else { + my $dbhn = DBI->connect("DBI:mysql:database=information_schema",'www','localhostkey', + {PrintError => +0}) || return; + if ($dbhn) { + $mysql_wwwuser = 1; + $dbhn->disconnect; + } } return $mysql_wwwuser; } @@ -1646,7 +1668,7 @@ if ($callsub{'pwauth'}) { if ($callsub{'mysql'}) { if ($dbh) { &setup_mysql($callsub{'mysqlperms'},$dbh,$has_pass, - $mysql_unix_socket,$has_lcdb); + $mysql_unix_socket,$has_lcdb,$distro); } else { print &mt('Unable to configure MySQL because access is denied.')."\n"; } @@ -1733,14 +1755,16 @@ if ($callsub{'firewall'}) { if (keys(%added) > 0) { print &mt('Firewall configured to allow access for: [_1].', join(', ',sort(keys(%added))))."\n"; + system('firewall-cmd --reload'); } if ($current{'http'} || $current{'https'}) { print &mt('Firewall already configured to allow access for:[_1].', (($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n"; } unless ($current{'ssh'}) { - print &mt('If you would the like to allow access to ssh from outside, use the command[_1].', - "firewall-cmd --permanent --zone=$zone --add-service=ssh")."\n"; + print &mt('If you would like to allow access to ssh from outside, use the commands:')."\n". + "firewall-cmd --permanent --zone=$zone --add-service=ssh\n". + "firewall-cmd --reload\n"; } } elsif ($distro =~ /^(suse|sles)/) { print &mt('Use [_1] to configure the firewall to allow access for [_2].', @@ -1829,32 +1853,73 @@ if ($callsub{'download'}) { } print "\n".&mt('Requested configuration complete.')."\n\n"; -my $apachename; if ($have_tarball && !$updateshown) { my ($lcdir) = ($sourcetarball =~ /^([\w.\-]+)\.tar.gz$/); + my ($apachename,$lc_uses_systemctl,$uses_sudo); + if ($distro =~ /^(suse|sles|debian|ubuntu)([\d.]+)/) { + if (($1 eq 'suse') && ($2 < 10)) { + $apachename = 'apache'; + } else { + $apachename = 'apache2'; + } + } else { + $apachename = 'httpd'; + } + if ($distro =~ /^oracle(\d+)$/) { + if ($1 > 6) { + $lc_uses_systemctl = 1; + } + } elsif ($distro =~ /^(?:rhes|centos)(\d+)$/) { + if ($1 > 7) { + $lc_uses_systemctl = 1; + } + } elsif ($distro =~ /^ubuntu(\d+)$/) { + if ($1 > 16) { + $lc_uses_systemctl = 1; + } + $uses_sudo = 1; + } elsif ($distro =~ /^sles(\d+)$/) { + if ($1 > 12) { + $lc_uses_systemctl = 1; + } + } if (!-e '/etc/loncapa-release') { print &mt('If you are now ready to install LON-CAPA, enter the following commands:')."\n\n"; } else { - print &mt('If you are now ready to update LON-CAPA, enter the following commands:')."\n\n". - "/etc/init.d/loncontrol stop\n"; - if ($distro =~ /^(suse|sles|debian|ubuntu)([\d.]+)/) { - if (($1 eq 'suse') && ($2 < 10)) { - $apachename = 'apache'; - } else { - $apachename = 'apache2'; - } - } else { - $apachename = 'httpd'; + my $lcstop = '/etc/init.d/loncontrol stop'; + if ($lc_uses_systemctl) { + $lcstop = 'systemctl stop loncontrol'; + } + my $apachestop = "/etc/init.d/$apachename stop"; + if ($uses_systemctl) { + $apachestop = "systemctl stop $apachename"; + } + if ($uses_sudo) { + $lcstop = 'sudo '.$lcstop; + $apachestop = 'sudo '.$apachestop; } - print "/etc/init.d/$apachename stop\n"; + print &mt('If you are now ready to update LON-CAPA, enter the following commands:'). + "\n\n$lcstop\n$apachestop\n"; } print "cd /root\n". "tar zxf $sourcetarball\n". "cd $lcdir\n". "./UPDATE\n"; if (-e '/etc/loncapa-release') { - print "/etc/init.d/loncontrol start\n"; - print "/etc/init.d/$apachename start\n"; + my $lcstart = '/etc/init.d/loncontrol start'; + if ($lc_uses_systemctl) { + $lcstart = '/home/httpd/perl/loncontrol start'; + } + my $apachestart = "/etc/init.d/$apachename start"; + if ($uses_systemctl) { + $apachestart = "systemctl start $apachename"; + } + if ($uses_sudo) { + $lcstart = 'sudo '.$lcstart; + $apachestart = 'sudo '.$apachestart; + } + print "$lcstart\n"; + print "$apachestart\n"; } } exit; @@ -2038,10 +2103,20 @@ sub kill_extra_services { } sub setup_mysql { - my ($setup_mysql_permissions,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb) = @_; + my ($setup_mysql_permissions,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb,$distro) = @_; my @mysql_lc_commands; unless ($has_lcdb) { - push(@mysql_lc_commands,"CREATE DATABASE loncapa"); + my $createcmd = 'CREATE DATABASE loncapa'; + if ($distro =~ /^sles(\d+)/) { + if ($1 > 11) { + $createcmd .= ' CHARACTER SET utf8 COLLATE utf8_general_ci'; + } + } elsif ($distro =~ /^ubuntu(\d+)/) { + if ($1 > 16) { + $createcmd .= ' CHARACTER SET latin1 COLLATE latin1_swedish_ci'; + } + } + push(@mysql_lc_commands,$createcmd); } push(@mysql_lc_commands,"USE loncapa"); push(@mysql_lc_commands,qq{ @@ -2087,7 +2162,8 @@ sub setup_mysql_permissions { if ($usescreate) { @mysql_commands = ("CREATE USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); } elsif ($usesauth) { - @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')"); + @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')", + "FLUSH PRIVILEGES"); if ($is_mariadb) { push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); } else { @@ -2324,10 +2400,15 @@ sub copy_apache2_debconf { copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.conf.original"); } else { copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.conf"); - symlink("$apache2_conf_available_dir/loncapa.conf","$defaultconf"); + chdir($apache2_conf_enabled_dir); + symlink('../conf-available/loncapa.conf','loncapa.conf'); + chdir($instdir); } if (-l $defaultconf) { my $linkfname = readlink($defaultconf); + if ($linkfname ne '') { + $linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_conf_enabled_dir)); + } if ($linkfname eq "$apache2_conf_available_dir/loncapa") { unlink($defaultconf); } @@ -2345,6 +2426,9 @@ sub copy_apache2_debconf { } if (-l $defaultconf) { my $linkfname = readlink($defaultconf); + if ($linkfname ne '') { + $linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_conf_enabled_dir)); + } if ($linkfname eq "$apache2_conf_available_dir/loncapa.conf") { unless ($diffres) { $skipconf = 1; @@ -2360,7 +2444,9 @@ sub copy_apache2_debconf { if (-l $defaultconf) { unlink($defaultconf); } - symlink("$apache2_conf_available_dir/loncapa.conf","$defaultconf"); + chdir($apache2_conf_enabled_dir); + symlink('../conf-available/loncapa.conf','loncapa.conf'); + chdir($instdir); } my $stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_site"; if ((-e $stdsite) && (-e "$apache2_sites_available_dir/loncapa")) { @@ -2375,6 +2461,9 @@ sub copy_apache2_debconf { } if (-l $defaultconfig) { my $linkfname = readlink($defaultconfig); + if ($linkfname ne '') { + $linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_sites_enabled_dir)); + } if ($linkfname eq "$apache2_sites_available_dir/loncapa") { unlink($defaultconfig); } @@ -2392,7 +2481,10 @@ sub copy_apache2_debconf { } if (-l $defaultsite) { my $linkfname = readlink($defaultsite); - if ($linkfname eq "$apache2_conf_available_dir/loncapa.conf") { + if ($linkfname ne '') { + $linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_sites_enabled_dir)); + } + if ($linkfname eq "$apache2_sites_available_dir/loncapa.conf") { unless ($diffres) { $skipsite = 1; } @@ -2404,11 +2496,16 @@ sub copy_apache2_debconf { print_and_log(&mt('Copying loncapa [_1] site file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'loncapa.conf symlink'")."\n"); copy("$instdir/debian-ubuntu/ubuntu14/loncapa_site","$apache2_sites_available_dir/loncapa.conf"); chmod(0444,"$apache2_sites_available_dir/loncapa.conf"); - symlink("$apache2_sites_available_dir/loncapa.conf","$defaultsite"); + chdir($apache2_sites_enabled_dir); + symlink('../sites-available/loncapa.conf','loncapa.conf'); + chdir($instdir); } - if (-l defaultconfig) { + if (-l $defaultconfig) { my $linkfname = readlink($defaultconfig); - if ($linkfname eq "$apache2_sites_available_dir/000-default") { + if ($linkfname ne '') { + $linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,$apache2_sites_enabled_dir)); + } + if ($linkfname eq "$apache2_sites_available_dir/000-default.conf") { unlink($defaultconfig); } }