--- doc/install/linux/install.pl 2011/05/22 11:56:15 1.14 +++ doc/install/linux/install.pl 2018/07/11 01:58:41 1.46 @@ -26,7 +26,11 @@ use strict; use File::Copy; use Term::ReadKey; +use Sys::Hostname::FQDN(); use DBI; +use Cwd(); +use File::Basename(); +use lib File::Basename::dirname(Cwd::abs_path($0)); use LCLocalization::localize; # ========================================================= The language handle @@ -72,7 +76,7 @@ if (!open(LOG,">>loncapa_install.log")) &mt('Stopping execution.')."\n"; exit; } else { - print LOG '$Id: install.pl,v 1.14 2011/05/22 11:56:15 raeburn Exp $'."\n"; + print LOG '$Id: install.pl,v 1.46 2018/07/11 01:58:41 raeburn Exp $'."\n"; } # @@ -191,11 +195,11 @@ sub get_distro { $distro = 'rhes'.$1; $updatecmd = 'yum install LONCAPA-prerequisites'; $installnow = 'yum -y install LONCAPA-prerequisites'; - } elsif ($versionstring =~ /CentOS release (\d+)/) { + } elsif ($versionstring =~ /CentOS(?:| Linux) release (\d+)/) { $distro = 'centos'.$1; $updatecmd = 'yum install LONCAPA-prerequisites'; $installnow = 'yum -y install LONCAPA-prerequisites'; - } elsif ($versionstring =~ /Scientific Linux (SL )?release ([\d.]+) /) { + } elsif ($versionstring =~ /Scientific Linux (?:SL )?release ([\d.]+) /) { my $ver = $1; $ver =~ s/\.\d+$//; $distro = 'scientific'.$ver; @@ -277,6 +281,26 @@ sub get_distro { return ($distro,$packagecmd,$updatecmd,$installnow); } +sub get_hostname { + my $hostname; + print &mt('Enter the hostname of this server, e.g., loncapa.somewhere.edu'."\n"); + my $choice = ; + chomp($choice); + $choice =~ s/(^\s+|\s+$)//g; + if ($choice eq '') { + print &mt("Hostname you entered was either blank or contanied only white space.\n"); + } elsif ($choice =~ /^[\w\.\-]+$/) { + $hostname = $choice; + } else { + print &mt("Hostname you entered was invalid -- a hostname may only contain letters, numbers, - and .\n"); + } + while ($hostname eq '') { + $hostname = &get_hostname(); + } + print "\n"; + return $hostname; +} + sub check_prerequisites { my ($packagecmd,$distro) = @_; my $gotprereqs; @@ -320,6 +344,26 @@ sub check_locale { '/etc/sysconfig/language'); } $langvar = 'RC_LANG'; + } elsif ($distro =~ /^fedora(\d+)/) { + if ($1 >= 18) { + if (!open($fh,"= 7) { + if (!open($fh,"; chomp(@data); foreach my $item (@data) { - if ($item =~ /^\Q$langvar\E=\"([^\"]*)\"/) { + if ($item =~ /^\Q$langvar\E=\"?([^\"]*)\"?/) { my $default = $1; if ($default ne 'en_US.UTF-8') { if ($distro =~ /^debian/) { - $command = 'dpkg-reconfigure locales'; + $command = 'locale-gen en_US.UTF-8'."\n". + 'update-locale LANG=en_US.UTF-8'; } elsif ($distro =~ /^ubuntu/) { - $command = 'sudo set-language-env -E'; + $command = 'sudo locale-gen en_US.UTF-8'."\n". + 'sudo update-locale LANG=en_US.UTF-8'; } elsif ($distro =~ /^(suse|sles)/) { $command = 'yast language'; } else { @@ -357,14 +403,15 @@ sub check_required { } my $gotprereqs = &check_prerequisites($packagecmd,$distro); if ($gotprereqs eq '') { - return ($distro,$gotprereqs); + return ($distro,$gotprereqs,'',$packagecmd,$updatecmd); } my $localecmd = &check_locale($distro); unless ($localecmd eq '') { return ($distro,$gotprereqs,$localecmd); } - my ($mysqlon,$mysqlsetup,$dbh,$has_pass,$has_lcdb,%recommended,$downloadstatus, - $filetouse,$production,$testing,$apachefw,$tostop); + my ($mysqlon,$mysqlsetup,$mysqlrestart,$dbh,$has_pass,$has_lcdb,%recommended, + $downloadstatus,$filetouse,$production,$testing,$apachefw,$tostop, + $uses_systemctl,$hostname); my $wwwuid = &uid_of_www(); my $wwwgid = getgrnam('www'); if (($wwwuid eq '') || ($wwwgid eq '')) { @@ -373,38 +420,59 @@ sub check_required { unless( -e "/usr/local/sbin/pwauth") { $recommended{'pwauth'} = 1; } + my $hostname = Sys::Hostname::FQDN::fqdn(); + if ($hostname eq '') { + $hostname =&get_hostname(); + } else { + print &mt("Hostname detected: $hostname. Is that correct? ~[Y/n~]"); + if (!&get_user_selection(1)) { + $hostname =&get_hostname(); + } + } + print_and_log(&mt('Hostname is [_1]',$hostname)."\n"); $mysqlon = &check_mysql_running($distro); if ($mysqlon) { my $mysql_has_wwwuser = &check_mysql_wwwuser(); - ($mysqlsetup,$has_pass,$dbh) = - &check_mysql_setup($instdir,$dsn); - if ($mysqlsetup eq 'noroot') { - $recommended{'mysqlperms'} = 1; + ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser) = + &check_mysql_setup($instdir,$dsn,$distro,$mysql_has_wwwuser); + if ($mysqlsetup eq 'needsrestart') { + $mysqlrestart = ''; + if ($distro eq 'ubuntu') { + $mysqlrestart = 'sudo '; + } + $mysqlrestart .= 'service mysql restart'; + return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart); } else { - unless ($mysql_has_wwwuser) { + if ($mysqlsetup eq 'noroot') { $recommended{'mysqlperms'} = 1; + } else { + unless ($mysql_has_wwwuser) { + $recommended{'mysqlperms'} = 1; + } + } + if ($dbh) { + $has_lcdb = &check_loncapa_mysqldb($dbh); + } + unless ($has_lcdb) { + $recommended{'mysql'} = 1; } - } - if ($dbh) { - $has_lcdb = &check_loncapa_mysqldb($dbh); - } - unless ($has_lcdb) { - $recommended{'mysql'} = 1; } } ($recommended{'firewall'},$apachefw) = &chkfirewall($distro); - ($recommended{'runlevels'},$tostop) = &chkconfig($distro,$instdir); + ($recommended{'runlevels'},$tostop,$uses_systemctl) = &chkconfig($distro,$instdir); $recommended{'apache'} = &chkapache($distro,$instdir); + $recommended{'apachessl'} = &chkapachessl($distro,$instdir,$hostname); $recommended{'stopsrvcs'} = &chksrvcs($distro,$tostop); ($recommended{'download'},$downloadstatus,$filetouse,$production,$testing) = &need_download(); return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, - \%recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, - $filetouse,$production,$testing,$apachefw); + $mysqlrestart,\%recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, + $filetouse,$production,$testing,$apachefw,$uses_systemctl,$hostname); } sub check_mysql_running { my ($distro) = @_; + my $use_systemctl; my $mysqldaemon ='mysqld'; if ($distro =~ /^(suse|sles|debian|ubuntu)/) { $mysqldaemon = 'mysql'; @@ -416,8 +484,34 @@ sub check_mysql_running { $process = 'mysqld'; $proc_owner = 'mysql'; } + } elsif ($distro =~ /^fedora(\d+)/) { + if ($1 >= 16) { + $process = 'mysqld'; + $proc_owner = 'mysql'; + $use_systemctl = 1; + } + if ($1 >= 19) { + $mysqldaemon ='mariadb'; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + if ($1 >= 7) { + $mysqldaemon ='mariadb'; + $process = 'mysqld'; + $proc_owner = 'mysql'; + $use_systemctl = 1; + } + } elsif ($distro =~ /^sles(\d+)/) { + if ($1 >= 12) { + $use_systemctl = 1; + $proc_owner = 'mysql'; + $process = 'mysqld'; + } + } elsif ($distro =~ /^suse(\d+)/) { + if ($1 >= 13) { + $use_systemctl = 1; + } } - if (open(PIPE,"ps -ef |grep $process |grep -v grep 2>&1 |")) { + if (open(PIPE,"ps -ef |grep $process |grep ^$proc_owner |grep -v grep 2>&1 |")) { my $status = ; close(PIPE); chomp($status); @@ -425,7 +519,11 @@ sub check_mysql_running { print_and_log(&mt('MySQL is running.')."\n"); return 1; } else { - system("/etc/init.d/$mysqldaemon start >/dev/null 2>&1 "); + if ($use_systemctl) { + system("/bin/systemctl start $mysqldaemon.service >/dev/null 2>&1 "); + } else { + system("/etc/init.d/$mysqldaemon start >/dev/null 2>&1 "); + } print_and_log(&mt('Waiting for MySQL to start.')."\n"); sleep 5; if (open(PIPE,"ps -ef |grep $process |grep -v grep 2>&1 |")) { @@ -460,8 +558,9 @@ sub check_mysql_running { sub chkconfig { my ($distro,$instdir) = @_; - my (%needfix,%tostop); + my (%needfix,%tostop,%uses_systemctl); my $checker_bin = '/sbin/chkconfig'; + my $sysctl_bin = '/bin/systemctl'; my %daemon = ( mysql => 'mysqld', apache => 'httpd', @@ -480,66 +579,135 @@ sub chkconfig { if ($distro =~ /^(suse|sles)9/) { $daemon{'apache'} = 'apache'; } + if ($distro =~ /^(suse|sles)([\d\.]+)/) { + my $name = $1; + my $num = $2; + if ($num > 11) { + $uses_systemctl{'apache'} = 1; + if (($name eq 'sles') || ($name eq 'suse' && $num >= 13.2)) { + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'cups'} = 1; + $uses_systemctl{'memcached'} = 1; + $daemon{'ntp'} = 'ntpd'; + } + } + } } elsif ($distro =~ /^(?:debian|ubuntu)(\d+)/) { my $version = $1; @runlevels = qw/2 3 4 5/; @norunlevels = qw/0 1 6/; - $checker_bin = '/usr/sbin/sysv-rc-conf'; + if (($distro =~ /^ubuntu/) && ($version <= 16)) { + $checker_bin = '/usr/sbin/sysv-rc-conf'; + } else { + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + } $daemon{'mysql'} = 'mysql'; $daemon{'apache'} = 'apache2'; $daemon{'ntp'} = 'ntp'; if (($distro =~ /^ubuntu/) && ($version <= 8)) { $daemon{'cups'} = 'cupsys'; } + } elsif ($distro =~ /^fedora(\d+)/) { + my $version = $1; + if ($version >= 15) { + $uses_systemctl{'ntp'} = 1; + } + if ($version >= 16) { + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + } + if ($version >= 19) { + $daemon{'mysql'} = 'mariadb'; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + my $version = $1; + if ($version >= 7) { + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + $daemon{'mysql'} = 'mariadb'; + } } + my $nocheck; if (! -x $checker_bin) { + if ($uses_systemctl{'mysql'} && $uses_systemctl{'apache'}) { + if (! -x $sysctl_bin) { + $nocheck = 1; + } + } else { + $nocheck = 1; + } + } + if ($nocheck) { print &mt('Could not check runlevel status for MySQL or Apache')."\n"; return; } my $rlstr = join('',@runlevels); my $nrlstr = join('',@norunlevels); + foreach my $type ('apache','mysql','ntp','cups','memcached') { my $service = $daemon{$type}; - my $command = $checker_bin.' --list '.$service.' 2>/dev/null'; - if ($type eq 'cups') { - if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { - my $version = $1; - if (($distro =~ /^ubuntu/) && ($version <= 8)) { - $command = $checker_bin.' --list cupsys 2>/dev/null'; + if ($uses_systemctl{$type}) { + if (($type eq 'memcached') || ($type eq 'cups')) { + if (-l "/etc/systemd/system/multi-user.target.wants/$service.service") { + $tostop{$type} = 1; } - } - } - my $results = `$command`; - my $tofix; - if ($results eq '') { - if (($type eq 'apache') || ($type eq 'mysql') || ($type eq 'ntp')) { - if ($distro =~ /^(debian|ubuntu)/) { - $tofix = "update-rc.d $type defaults"; - } else { - $tofix = "$checker_bin --add $service\n"; + } else { + if (!-l "/etc/systemd/system/multi-user.target.wants/$service.service") { + $needfix{$type} = "systemctl enable $service.service"; } } } else { - my %curr_runlevels; - for (my $rl=0; $rl<=6; $rl++) { - if ($results =~ /$rl:on/) { $curr_runlevels{$rl}++; } + my $command = $checker_bin.' --list '.$service.' 2>/dev/null'; + if ($type eq 'cups') { + if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { + my $version = $1; + if (($distro =~ /^ubuntu/) && ($version <= 8)) { + $command = $checker_bin.' --list cupsys 2>/dev/null'; + } + } } - if (($type eq 'apache') || ($type eq 'mysql') || ($type eq 'ntp')) { - my $warning; - foreach my $rl (@runlevels) { - if (!exists($curr_runlevels{$rl})) { - $warning = 1; + my $results = `$command`; + my $tofix; + if ($results eq '') { + if (($type eq 'apache') || ($type eq 'mysql') || ($type eq 'ntp')) { + if ($distro =~ /^(debian|ubuntu)/) { + $tofix = "update-rc.d $type defaults"; + } else { + $tofix = "$checker_bin --add $service\n"; } } - if ($warning) { - $tofix = "$checker_bin --level $rlstr $service on\n"; + } else { + my %curr_runlevels; + for (my $rl=0; $rl<=6; $rl++) { + if ($results =~ /$rl:on/) { $curr_runlevels{$rl}++; } + } + if (($type eq 'apache') || ($type eq 'mysql') || ($type eq 'ntp')) { + my $warning; + foreach my $rl (@runlevels) { + if (!exists($curr_runlevels{$rl})) { + $warning = 1; + } + } + if ($warning) { + $tofix = "$checker_bin --level $rlstr $service on\n"; + } + } elsif (keys(%curr_runlevels) > 0) { + $tostop{$type} = 1; } - } elsif (keys(%curr_runlevels) > 0) { - $tostop{$type} = 1; } - } - if ($tofix) { - $needfix{$type} = $tofix; + if ($tofix) { + $needfix{$type} = $tofix; + } } } if ($distro =~ /^(suse|sles)([\d\.]+)$/) { @@ -557,7 +725,7 @@ sub chkconfig { } } } - return (\%needfix,\%tostop); + return (\%needfix,\%tostop,\%uses_systemctl); } sub chkfirewall { @@ -599,17 +767,47 @@ sub chkfirewall { sub chkapache { my ($distro,$instdir) = @_; my $fixapache = 1; - if ($distro =~ /^(debian|ubuntu)/) { - if (!-e "$instdir/debian-ubuntu/apache2.conf") { + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + my $distname = $1; + my $version = $2; + my ($stdconf,$stdsite); + if (($distname eq 'ubuntu') && ($version > 12)) { + $stdconf = "$instdir/debian-ubuntu/ubuntu14/loncapa_conf"; + $stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_sites"; + } else { + $stdconf = "$instdir/debian-ubuntu/loncapa"; + } + if (!-e $stdconf) { $fixapache = 0; print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; - } elsif ((-e "/etc/apache2/sites-available/loncapa") && (-e "$instdir/debian-ubuntu/apache2.conf")) { - if (open(PIPE, "diff --brief $instdir/debian-ubuntu/apache2.conf /etc/apache2/sites-available/loncapa |")) { - my $diffres = ; - close(PIPE); - chomp($diffres); - unless ($diffres) { - $fixapache = 0; + } else { + my ($configfile,$sitefile); + if (($distname eq 'ubuntu') && ($version > 12)) { + $sitefile = '/etc/apache2/sites-available/loncapa'; + $configfile = "/etc/apache2/conf-available/loncapa"; + } else { + $configfile = "/etc/apache2/sites-available/loncapa"; + } + if (($configfile ne '') && (-e $configfile) && (-e $stdconf)) { + if (open(PIPE, "diff --brief $stdconf $configfile |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + unless ($diffres) { + $fixapache = 0; + } + } + } + if ((!$fixapache) && ($distname eq 'ubuntu') && ($version > 12)) { + if (($sitefile ne '') && (-e $sitefile) && (-e $stdsite)) { + if (open(PIPE, "diff --brief $stdsite $sitefile |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + unless ($diffres) { + $fixapache = 0; + } + } } } } @@ -655,12 +853,16 @@ sub chkapache { } else { my $configfile = 'httpd.conf'; if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { - if ($1 > 5) { + if ($1 >= 7) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 5) { $configfile = 'new/httpd.conf'; } } elsif ($distro =~ /^fedora(\d+)$/) { - if ($1 > 10) { - $conftype = 'new/httpd.conf'; + if ($1 > 17) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 10) { + $configfile = 'new/httpd.conf'; } } if (!-e "$instdir/centos-rhes-fedora-sl/$configfile") { @@ -680,6 +882,44 @@ sub chkapache { return $fixapache; } +sub chkapachessl { + my ($distro,$instdir,$hostname) = @_; + my $fixapachessl = 1; + my $stdconf = "$instdir/loncapassl.conf"; + if (!-e $stdconf) { + $fixapachessl = 0; + print &mt('Warning: No LON-CAPA SSL Apache configuration file found for installation check.')."\n"; + } else { + my $sslfile; + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + $sslfile = '/etc/apache2/sites-available/loncapassl.conf'; + } elsif ($distro =~ /(suse|sles)/) { + $sslfile = '/etc/apache2/vhosts.d/loncapassl.conf'; + } else { + $sslfile = '/etc/httpd/conf.d/loncapassl.conf'; + } + if ((-e $sslfile) && (-e $stdconf)) { + if (open(PIPE, "diff -y -bi --suppress-common-lines $stdconf $sslfile |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres =~ /^\QServerName internal-{[[[[Hostname]]]]}\E\s+\|\s+\QServerName internal-\E$hostname$/) { + $fixapachessl = 0; + } + } + } + unless ($fixapachessl) { + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + unless ((-l '/etc/apache2/sites-enabled/loncapassl.conf') && + (readlink('/etc/apache2/sites-enabled/loncapassl.conf') eq '/etc/apache2/sites-available/loncapassl.conf')) { + print_and_log(&mt("Warning, use: 'sudo a2ensite loncapassl.conf' to activate LON-CAPA SSL Apache config\n")); + } + } + } + } + return $fixapachessl; +} + sub chksrvcs { my ($distro,$tostop) = @_; my %stopsrvcs; @@ -699,10 +939,10 @@ sub chksrvcs { close(PIPE); if ($daemonrunning) { if ($service eq 'memcached') { - my $cmd = '/usr/sbin/memcached'; - if ($distro =~ /^centos|fedora|scientific|rhes/) { - $cmd = '/usr/bin/memcached'; - } + my $cmd = '/usr/bin/memcached'; + if ($distro =~ /^(suse|sles)/) { + $cmd = '/usr/sbin/memcached'; + } unless ($daemonrunning =~ m{^www[^/]+\Q$cmd -m 400 -v\E$}) { $stopsrvcs{$service} = 1; } @@ -805,13 +1045,36 @@ sub need_download { } sub check_mysql_setup { - my ($instdir,$dsn) = @_; + my ($instdir,$dsn,$distro,$mysql_has_wwwuser) = @_; my ($mysqlsetup,$has_pass); my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); if ($dbh) { $mysqlsetup = 'noroot'; } elsif ($DBI::err =~ /1045/) { $has_pass = 1; + } elsif ($distro =~ /^ubuntu(\d+)$/) { + my $version = $1; + if ($1 > 12) { + print_and_log(&mt('Restarting mysql, please be patient')."\n"); + if (open (PIPE, "service mysql restart 2>&1 |")) { + while () { + print $_; + } + close(PIPE); + } + unless ($mysql_has_wwwuser) { + $mysql_has_wwwuser = &check_mysql_wwwuser(); + } + $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); + if ($dbh) { + $mysqlsetup = 'noroot'; + } elsif ($DBI::err =~ /1045/) { + $has_pass = 1; + } else { + $mysqlsetup = 'needsrestart'; + return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); + } + } } if ($has_pass) { print &mt('You have already set a root password for the MySQL database.')."\n"; @@ -838,11 +1101,11 @@ sub check_mysql_setup { } } } - } elsif ($mysqlsetup ne 'noroot') { + } elsif ($mysqlsetup ne 'noroot') { print_and_log(&mt('Problem accessing MySQL.')."\n"); $mysqlsetup = 'rootfail'; } - return ($mysqlsetup,$has_pass,$dbh); + return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); } sub check_mysql_wwwuser { @@ -1048,11 +1311,12 @@ print " ".&mt('3.')." ".&mt('Set-up the MySQL database.')." ".&mt('4.')." ".&mt('Set-up MySQL permissions.')." ".&mt('5.')." ".&mt('Configure Apache web server.')." -".&mt('6.')." ".&mt('Configure start-up of services.')." -".&mt('7.')." ".&mt('Check firewall settings.')." -".&mt('8.')." ".&mt('Stop services not used by LON-CAPA,')." +".&mt('6.')." ".&mt('Configure SSL for Apache web server.')." +".&mt('7.')." ".&mt('Configure start-up of services.')." +".&mt('8.')." ".&mt('Check firewall settings.')." +".&mt('9.')." ".&mt('Stop services not used by LON-CAPA,')." ".&mt('i.e., services for a print server: [_1] daemon.',"'cups'")." -".&mt('9.')." ".&mt('Download LON-CAPA source code in readiness for installation.')." +".&mt('10.')." ".&mt('Download LON-CAPA source code in readiness for installation.')." ".&mt('Typically, you will run this script only once, when you first install LON-CAPA.')." @@ -1082,25 +1346,26 @@ chomp($instdir); my %callsub; my @actions = ('wwwuser','pwauth','mysql','mysqlperms','apache', - 'runlevels','firewall','stopsrvcs','download'); + 'apachessl','runlevels','firewall','stopsrvcs','download'); my %prompts = &texthash( wwwuser => "Create the 'www' user?", pwauth => 'Install the package LON-CAPA uses to authenticate users?', mysql => 'Set-up the MySQL database?', mysqlperms => 'Set-up MySQL permissions?', apache => 'Configure Apache web server?', + apachessl => 'Configure SSL for Apache web server?', runlevels => 'Set overrides for start-up order of services?', firewall => 'Configure firewall settings for Apache', stopsrvcs => 'Stop extra services not required on a LON-CAPA server?', download => 'Download LON-CAPA source code in readiness for installation?', ); -print "\n".&mt('Checking system status ...')."\n"; +print "\n".&mt('Checking system status ...')."\n\n"; my $dsn = "DBI:mysql:database=mysql"; -my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$recommended, - $dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production, - $testing,$apachefw) = &check_required($instdir,$dsn); +my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart, + $recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production, + $testing,$apachefw,$uses_systemctl,$hostname) = &check_required($instdir,$dsn); if ($distro eq '') { print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n". &mt('The following are supported: [_1].', @@ -1109,6 +1374,13 @@ if ($distro eq '') { &mt('Stopping execution.')."\n"; exit; } +if ($mysqlrestart) { + print "\n".&mt('The mysql daemon needs to be restarted using the following command:')."\n". + $mysqlrestart."\n\n". + &mt('Stopping execution of install.pl script.')."\n". + &mt('Please run the install.pl script again, once you have restarted mysql.')."\n"; + exit; +} if ($localecmd ne '') { print "\n".&mt('Although the LON-CAPA application itself is localized for a number of different languages, the default locale language for the Linux OS on which it runs should be US English.')."\n"; print "\n".&mt('Run the following command from the command line to set the default language for your OS, and then run this LON-CAPA installation set-up script again.')."\n\n". @@ -1121,7 +1393,6 @@ if (!$gotprereqs) { &mt('The following command can be used to install the package (and dependencies):')."\n\n". $updatecmd."\n\n"; if ($installnow eq '') { - print &mt('Stopping execution.')."\n"; exit; } else { print &mt('Run command? ~[Y/n~]'); @@ -1136,8 +1407,8 @@ if (!$gotprereqs) { exit; } else { ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, - $recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, - $filetouse,$production,$testing,$apachefw) = + $mysqlrestart,$recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, + $filetouse,$production,$testing,$apachefw,$uses_systemctl) = &check_required($instdir,$dsn); } } else { @@ -1211,7 +1482,7 @@ if ($callsub{'download'}) { print &mt('The most recent LON-CAPA release is version: [_1].',$production)."\n". &mt('Download the production release? ~[Y/n~]'); if (&get_user_selection(1)) { - $sourcetarball = $production.'tar.gz'; + $sourcetarball = 'loncapa-'.$production.'.tar.gz'; } } } elsif ($filetouse ne '') { @@ -1261,16 +1532,36 @@ if ($dbh) { if ($callsub{'apache'}) { if ($distro =~ /^(suse|sles)/) { - ©_apache2_suseconf($instdir); + ©_apache2_suseconf($instdir,$hostname); } elsif ($distro =~ /^(debian|ubuntu)/) { - ©_apache2_debconf($instdir); + ©_apache2_debconf($instdir,$distro,$hostname); } else { - ©_httpd_conf($instdir,$distro); + ©_httpd_conf($instdir,$distro,$hostname); } } else { print_and_log(&mt('Skipping configuration of Apache web server.')."\n"); } +if ($callsub{'apachessl'}) { + if ($distro =~ /^(suse|sles)/) { + ©_apache_sslconf_file($instdir,'/etc/apache2/vhosts.d',$hostname); + } elsif ($distro =~ /^(debian|ubuntu)/) { + my $apache2_sites_available_dir = '/etc/apache2/sites-available'; + if (©_apache_sslconf_file($instdir,$apache2_sites_available_dir,$hostname)) { + my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; + my $made_symlink = eval { symlink("$apache2_sites_available_dir/loncapassl.conf","$apache2_sites_enabled_dir/loncapassl.conf"); 1 }; + if ($made_symlink) { + print_and_log(&mt('Enabling "[_1]" Apache SSL configuration.','loncapassl.conf')."\n"); + } + } + } else { + ©_apache_sslconf_file($instdir,'/etc/httpd/conf.d',$hostname); + } + print_and_log("\n"); +} else { + print_and_log(&mt('Skipping configuration of SSL for Apache web server.')."\n"); +} + if ($callsub{'runlevels'}) { my $count = 0; if (ref($recommended) eq 'HASH') { @@ -1331,7 +1622,7 @@ if ($callsub{'firewall'}) { } if ($callsub{'stopsrvcs'}) { - &kill_extra_services($distro,$recommended->{'stopsrvcs'}); + &kill_extra_services($distro,$recommended->{'stopsrvcs'},$uses_systemctl); } else { &print_and_log(&mt('Skipping stopping unnecessary service ([_1] daemons).',"'cups','memcached'")."\n"); } @@ -1518,7 +1809,7 @@ END } sub kill_extra_services { - my ($distro,$stopsrvcs) = @_; + my ($distro,$stopsrvcs,$uses_systemctl) = @_; if (ref($stopsrvcs) eq 'HASH') { my @stopping = sort(keys(%{$stopsrvcs})); if (@stopping) { @@ -1549,10 +1840,31 @@ sub kill_extra_services { } } &print_and_log(&mt('Removing [_1] from startup.',$service)."\n"); - if ($distro =~ /^(debian|ubuntu)/) { - &print_and_log(`update-rc.d -f $daemon remove`); + if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { + my $version = $1; + if (($distro =~ /^ubuntu/) && ($version > 16)) { + if (ref($uses_systemctl) eq 'HASH') { + if ($uses_systemctl->{$service}) { + if (`systemctl is-enabled $service`) { + &print_and_log(`systemctl disable $service`); + } + } + } + } else { + &print_and_log(`update-rc.d -f $daemon remove`); + } } else { - &print_and_log(`/sbin/chkconfig --del $service`); + if (ref($uses_systemctl) eq 'HASH') { + if ($uses_systemctl->{$service}) { + if (`systemctl is-enabled $service`) { + &print_and_log(`systemctl disable $service`); + } + } else { + &print_and_log(`/sbin/chkconfig --del $service`); + } + } else { + &print_and_log(`/sbin/chkconfig --del $service`); + } } } } @@ -1569,7 +1881,7 @@ sub setup_mysql { } push(@mysql_lc_commands,"USE loncapa"); push(@mysql_lc_commands,qq{ -CREATE TABLE IF NOT EXISTS metadata (title TEXT, author TEXT, subject TEXT, url TEXT, keywords TEXT, version TEXT, notes TEXT, abstract TEXT, mime TEXT, language TEXT, creationdate DATETIME, lastrevisiondate DATETIME, owner TEXT, copyright TEXT, domain TEXT, dependencies TEXT, modifyinguser TEXT, authorspace TEXT, lowestgradelevel TEXT, highestgradelevel TEXT, standards TEXT, count INT, course INT, course_list TEXT, goto INT, goto_list TEXT, comefrom INT, comefrom_list TEXT, sequsage INT, sequsage_list TEXT, stdno INT, stdno_list TEXT, avetries FLOAT, avetries_list TEXT, difficulty FLOAT, difficulty_list TEXT, disc FLOAT, disc_list TEXT, clear FLOAT, technical FLOAT, correct FLOAT, helpful FLOAT, depth FLOAT, hostname TEXT, FULLTEXT idx_title (title), FULLTEXT idx_author (author), FULLTEXT idx_subject (subject), FULLTEXT idx_url (url), FULLTEXT idx_keywords (keywords), FULLTEXT idx_version (version), FULLTEXT idx_notes (notes), FULLTEXT idx_abstract (abstract), FULLTEXT idx_mime (mime), FULLTEXT idx_language (language), FULLTEXT idx_owner (owner), FULLTEXT idx_copyright (copyright)) TYPE=MYISAM +CREATE TABLE IF NOT EXISTS metadata (title TEXT, author TEXT, subject TEXT, url TEXT, keywords TEXT, version TEXT, notes TEXT, abstract TEXT, mime TEXT, language TEXT, creationdate DATETIME, lastrevisiondate DATETIME, owner TEXT, copyright TEXT, domain TEXT, dependencies TEXT, modifyinguser TEXT, authorspace TEXT, lowestgradelevel TEXT, highestgradelevel TEXT, standards TEXT, count INT, course INT, course_list TEXT, goto INT, goto_list TEXT, comefrom INT, comefrom_list TEXT, sequsage INT, sequsage_list TEXT, stdno INT, stdno_list TEXT, avetries FLOAT, avetries_list TEXT, difficulty FLOAT, difficulty_list TEXT, disc FLOAT, disc_list TEXT, clear FLOAT, technical FLOAT, correct FLOAT, helpful FLOAT, depth FLOAT, hostname TEXT, FULLTEXT idx_title (title), FULLTEXT idx_author (author), FULLTEXT idx_subject (subject), FULLTEXT idx_url (url), FULLTEXT idx_keywords (keywords), FULLTEXT idx_version (version), FULLTEXT idx_notes (notes), FULLTEXT idx_abstract (abstract), FULLTEXT idx_mime (mime), FULLTEXT idx_language (language), FULLTEXT idx_owner (owner), FULLTEXT idx_copyright (copyright)) ENGINE=MYISAM }); if ($setup_mysql_permissions) { &setup_mysql_permissions($dbh,$has_pass,@mysql_lc_commands); @@ -1590,8 +1902,29 @@ CREATE TABLE IF NOT EXISTS metadata (tit sub setup_mysql_permissions { my ($dbh,$has_pass,@mysql_lc_commands) = @_; - my $mysqlversion = &get_mysql_version(); - my @mysql_commands = ("INSERT user (Host, User, Password) VALUES('localhost','www',password('localhostkey'));"); + my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); + my ($usesauth,$hasauthcol,@mysql_commands); + if ($mysqlname =~ /^MariaDB/i) { + if ($mysqlversion >= 10.2) { + $usesauth = 1; + } elsif ($mysqlversion >= 5.5) { + $hasauthcol = 1; + } + } else { + if (($mysqlversion > 5.7) || (($mysqlversion == 5.7) && ($mysqlsubver > 5))) { + $usesauth = 1; + } elsif (($mysqlversion >= 5.6) || (($mysqlversion == 5.5) && ($mysqlsubver >= 7))) { + $hasauthcol = 1; + } + } + if ($usesauth) { + @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')", + "ALTER USER 'www'\@'localhost' IDENTIFIED WITH mysql_native_password BY 'localhostkey'"); + } elsif ($hasauthcol) { + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www',password('localhostkey'),'','','','');"); + } else { + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject) VALUES('localhost','www',password('localhostkey'),'','','');"); + } if ($mysqlversion < 4) { push (@mysql_commands," INSERT db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv) VALUES('localhost','loncapa','www','Y','Y','Y','Y','Y','Y','N','Y','Y','Y')"); @@ -1641,7 +1974,7 @@ INSERT db (Host,Db,User,Select_priv,Inse } } if ($got_passwd) { - my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass); + my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass,$usesauth); push(@mysql_commands,@newpass_cmds); } else { print_and_log(&mt('Failed to get MySQL root password from user input.')."\n"); @@ -1650,7 +1983,6 @@ INSERT db (Host,Db,User,Select_priv,Inse if (@mysql_commands) { foreach my $cmd (@mysql_commands) { $dbh->do($cmd) || print $dbh->errstr."\n"; - } } if (@mysql_lc_commands) { @@ -1672,23 +2004,28 @@ INSERT db (Host,Db,User,Select_priv,Inse } sub new_mysql_rootpasswd { - my ($currmysqlpass) = @_; - return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')", - "FLUSH PRIVILEGES;"); + my ($currmysqlpass,$usesauth) = @_; + if ($usesauth) { + return ("ALTER USER 'root'\@'localhost' IDENTIFIED WITH mysql_native_password BY '$currmysqlpass'", + "FLUSH PRIVILEGES;"); + } else { + return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')", + "FLUSH PRIVILEGES;"); + } } sub get_mysql_version { - my $version; + my ($version,$subversion,$name); if (open(PIPE," mysql -V |")) { my $info = ; chomp($info); close(PIPE); - ($version) = ($info =~ /(\d+\.\d+)\.\d+,/); + ($version,$subversion,$name) = ($info =~ /(\d+\.\d+)\.(\d+)\-?(\w*),/); } else { print &mt('Could not determine which version of MySQL is installed.'). "\n"; } - return $version; + return ($version,$subversion,$name); } ########################################################### @@ -1699,14 +2036,18 @@ sub get_mysql_version { ########################################################### sub copy_httpd_conf { - my ($instdir,$distro) = @_; + my ($instdir,$distro,$hostname) = @_; my $configfile = 'httpd.conf'; if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { - if ($1 > 5) { + if ($1 >= 7) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 5) { $configfile = 'new/httpd.conf'; } } elsif ($distro =~ /^fedora(\d+)$/) { - if ($1 > 10) { + if ($1 > 17) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 10) { $configfile = 'new/httpd.conf'; } } @@ -1718,27 +2059,56 @@ sub copy_httpd_conf { print_and_log("\n"); } +############################################### +## +## Copy/Modify loncapassl.conf +## +############################################### + +sub copy_apache_sslconf_file { + my ($instdir,$targetdir,$hostname) = @_; + my ($success,$error); + if (-e "$instdir/loncapassl.conf") { + if (open(my $fh,'<',"$instdir/loncapassl.conf")) { + if (open(my $out,'>',"$targetdir/loncapassl.conf")) { + while (<$fh>) { + if (/^\QServerName internal-\E/) { + chomp(); + s/^(\QServerName internal-\E)(.*)$/$1$hostname\n/; + } + print $out $_; + } + $success = 1; + } else { + $error = "Could not write to $targetdir/loncapassl.conf"; + } + } else { + $error = "Could not read from $instdir/loncapassl.conf"; + } + } else { + $error = "File to copy from: $instdir/loncapassl.conf does not exist"; + } + if ($success) { + print_and_log(&mt('Successfully copied [_1] to [_2].',"'loncapassl.conf'","'$targetdir/loncapassl.conf'")."\n"); + chmod(0444,"$targetdir/loncapassl.conf"); + } else { + print_and_log(&mt('Failed to copy [_1] to [_2].',"'loncapassl.conf'","'$targetdir/loncapassl.conf'")."\n"); + if ($error) { + print_and_log("$error\n"); + } + } + return $success; +} + ######################################################### ## -## Ubuntu/Debian -- copy our apache2 configuration file to +## Ubuntu/Debian -- copy our loncapa configuration file to ## sites-available and set the symlink from sites-enabled. ## ######################################################### sub copy_apache2_debconf { - my ($instdir) = @_; - print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); - my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; - my $apache2_sites_available_dir = '/etc/apache2/sites-available'; - if (-l "$apache2_sites_enabled_dir/000-default") { - unlink("$apache2_sites_enabled_dir/000-default"); - } - if (-e "$apache2_sites_available_dir/loncapa") { - copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); - } - copy("$instdir/debian-ubuntu/apache2.conf","$apache2_sites_available_dir/loncapa"); - chmod(0444,"$apache2_sites_available_dir/loncapa"); - symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); + my ($instdir,$distro,$hostname) = @_; my $apache2_mods_enabled_dir = '/etc/apache2/mods-enabled'; my $apache2_mods_available_dir = '/etc/apache2/mods-available'; foreach my $module ('headers.load','expires.load') { @@ -1747,6 +2117,47 @@ sub copy_apache2_debconf { print_and_log(&mt('Enabling "[_1]" Apache module.',$module)."\n"); } } + my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; + my $apache2_sites_available_dir = '/etc/apache2/sites-available'; + my $defaultconfig = "$apache2_sites_enabled_dir/000-default"; + my ($distname,$version); + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + $distname = $1; + $version = $2; + } + if (($distname eq 'ubuntu') && ($version > 12)) { + $defaultconfig = "$apache2_sites_enabled_dir/000-default.conf"; + } + if (-l $defaultconfig) { + unlink($defaultconfig); + } + if (($distname eq 'ubuntu') && ($version > 12)) { + print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from conf-enabled.',"'apache2'","'/etc/apache2/conf-available'","'loncapa.conf symlink'")."\n"); + my $apache2_conf_enabled_dir = '/etc/apache2/conf-enabled'; + my $apache2_conf_available_dir = '/etc/apache2/conf-available'; + if (-e "$apache2_conf_available_dir/loncapa") { + copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.original"); + } + my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf'; + copy("$instdir/debian-ubuntu/ubuntu14/loncapa_conf","$apache2_conf_available_dir/loncapa"); + chmod(0444,"$apache2_conf_available_dir/loncapa"); + if (-l $defaultconf) { + unlink($defaultconf); + } + symlink("$apache2_conf_available_dir/loncapa","$defaultconf"); + print_and_log(&mt('Copying loncapa [_1] site file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default.conf symlink'")."\n"); + copy("$instdir/debian-ubuntu/ubuntu14/loncapa_site","$apache2_sites_available_dir/loncapa"); + chmod(0444,"$apache2_sites_available_dir/loncapa"); + symlink("$apache2_sites_available_dir/loncapa","$defaultconfig"); + } else { + print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); + if (-e "$apache2_sites_available_dir/loncapa") { + copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); + } + copy("$instdir/debian-ubuntu/loncapa","$apache2_sites_available_dir/loncapa"); + chmod(0444,"$apache2_sites_available_dir/loncapa"); + symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); + } print_and_log("\n"); } @@ -1759,7 +2170,7 @@ sub copy_apache2_debconf { ########################################################### sub copy_apache2_suseconf { - my ($instdir) = @_; + my ($instdir,$hostname) = @_; print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].', "'default-server.conf'", "'/etc/apache2/default-server.conf'")."\n");