--- doc/install/linux/install.pl 2013/01/06 23:04:07 1.24 +++ doc/install/linux/install.pl 2018/07/11 01:58:41 1.46 @@ -26,7 +26,11 @@ use strict; use File::Copy; use Term::ReadKey; +use Sys::Hostname::FQDN(); use DBI; +use Cwd(); +use File::Basename(); +use lib File::Basename::dirname(Cwd::abs_path($0)); use LCLocalization::localize; # ========================================================= The language handle @@ -72,7 +76,7 @@ if (!open(LOG,">>loncapa_install.log")) &mt('Stopping execution.')."\n"; exit; } else { - print LOG '$Id: install.pl,v 1.24 2013/01/06 23:04:07 raeburn Exp $'."\n"; + print LOG '$Id: install.pl,v 1.46 2018/07/11 01:58:41 raeburn Exp $'."\n"; } # @@ -277,6 +281,26 @@ sub get_distro { return ($distro,$packagecmd,$updatecmd,$installnow); } +sub get_hostname { + my $hostname; + print &mt('Enter the hostname of this server, e.g., loncapa.somewhere.edu'."\n"); + my $choice = ; + chomp($choice); + $choice =~ s/(^\s+|\s+$)//g; + if ($choice eq '') { + print &mt("Hostname you entered was either blank or contanied only white space.\n"); + } elsif ($choice =~ /^[\w\.\-]+$/) { + $hostname = $choice; + } else { + print &mt("Hostname you entered was invalid -- a hostname may only contain letters, numbers, - and .\n"); + } + while ($hostname eq '') { + $hostname = &get_hostname(); + } + print "\n"; + return $hostname; +} + sub check_prerequisites { my ($packagecmd,$distro) = @_; my $gotprereqs; @@ -330,6 +354,16 @@ sub check_locale { print &mt('Failed to open: [_1], default locale not checked.', '/etc/sysconfig/i18n'); } + } elsif ($distro =~ /^(?:rhes|centos|scientific)(\d+)/) { + if ($1 >= 7) { + if (!open($fh,"; chomp(@data); foreach my $item (@data) { - if ($item =~ /^\Q$langvar\E=\"([^\"]*)\"/) { + if ($item =~ /^\Q$langvar\E=\"?([^\"]*)\"?/) { my $default = $1; if ($default ne 'en_US.UTF-8') { if ($distro =~ /^debian/) { - $command = 'dpkg-reconfigure locales'; + $command = 'locale-gen en_US.UTF-8'."\n". + 'update-locale LANG=en_US.UTF-8'; } elsif ($distro =~ /^ubuntu/) { - $command = 'sudo set-language-env -E'; + $command = 'sudo locale-gen en_US.UTF-8'."\n". + 'sudo update-locale LANG=en_US.UTF-8'; } elsif ($distro =~ /^(suse|sles)/) { $command = 'yast language'; } else { @@ -373,8 +409,9 @@ sub check_required { unless ($localecmd eq '') { return ($distro,$gotprereqs,$localecmd); } - my ($mysqlon,$mysqlsetup,$dbh,$has_pass,$has_lcdb,%recommended,$downloadstatus, - $filetouse,$production,$testing,$apachefw,$tostop); + my ($mysqlon,$mysqlsetup,$mysqlrestart,$dbh,$has_pass,$has_lcdb,%recommended, + $downloadstatus,$filetouse,$production,$testing,$apachefw,$tostop, + $uses_systemctl,$hostname); my $wwwuid = &uid_of_www(); my $wwwgid = getgrnam('www'); if (($wwwuid eq '') || ($wwwgid eq '')) { @@ -383,34 +420,54 @@ sub check_required { unless( -e "/usr/local/sbin/pwauth") { $recommended{'pwauth'} = 1; } + my $hostname = Sys::Hostname::FQDN::fqdn(); + if ($hostname eq '') { + $hostname =&get_hostname(); + } else { + print &mt("Hostname detected: $hostname. Is that correct? ~[Y/n~]"); + if (!&get_user_selection(1)) { + $hostname =&get_hostname(); + } + } + print_and_log(&mt('Hostname is [_1]',$hostname)."\n"); $mysqlon = &check_mysql_running($distro); if ($mysqlon) { my $mysql_has_wwwuser = &check_mysql_wwwuser(); - ($mysqlsetup,$has_pass,$dbh) = - &check_mysql_setup($instdir,$dsn); - if ($mysqlsetup eq 'noroot') { - $recommended{'mysqlperms'} = 1; + ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser) = + &check_mysql_setup($instdir,$dsn,$distro,$mysql_has_wwwuser); + if ($mysqlsetup eq 'needsrestart') { + $mysqlrestart = ''; + if ($distro eq 'ubuntu') { + $mysqlrestart = 'sudo '; + } + $mysqlrestart .= 'service mysql restart'; + return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart); } else { - unless ($mysql_has_wwwuser) { + if ($mysqlsetup eq 'noroot') { $recommended{'mysqlperms'} = 1; + } else { + unless ($mysql_has_wwwuser) { + $recommended{'mysqlperms'} = 1; + } + } + if ($dbh) { + $has_lcdb = &check_loncapa_mysqldb($dbh); + } + unless ($has_lcdb) { + $recommended{'mysql'} = 1; } - } - if ($dbh) { - $has_lcdb = &check_loncapa_mysqldb($dbh); - } - unless ($has_lcdb) { - $recommended{'mysql'} = 1; } } ($recommended{'firewall'},$apachefw) = &chkfirewall($distro); - ($recommended{'runlevels'},$tostop) = &chkconfig($distro,$instdir); + ($recommended{'runlevels'},$tostop,$uses_systemctl) = &chkconfig($distro,$instdir); $recommended{'apache'} = &chkapache($distro,$instdir); + $recommended{'apachessl'} = &chkapachessl($distro,$instdir,$hostname); $recommended{'stopsrvcs'} = &chksrvcs($distro,$tostop); ($recommended{'download'},$downloadstatus,$filetouse,$production,$testing) = &need_download(); return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, - \%recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, - $filetouse,$production,$testing,$apachefw); + $mysqlrestart,\%recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, + $filetouse,$production,$testing,$apachefw,$uses_systemctl,$hostname); } sub check_mysql_running { @@ -427,15 +484,34 @@ sub check_mysql_running { $process = 'mysqld'; $proc_owner = 'mysql'; } - } - if ($distro =~ /^fedora(\d+)/) { + } elsif ($distro =~ /^fedora(\d+)/) { if ($1 >= 16) { $process = 'mysqld'; $proc_owner = 'mysql'; $use_systemctl = 1; } + if ($1 >= 19) { + $mysqldaemon ='mariadb'; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + if ($1 >= 7) { + $mysqldaemon ='mariadb'; + $process = 'mysqld'; + $proc_owner = 'mysql'; + $use_systemctl = 1; + } + } elsif ($distro =~ /^sles(\d+)/) { + if ($1 >= 12) { + $use_systemctl = 1; + $proc_owner = 'mysql'; + $process = 'mysqld'; + } + } elsif ($distro =~ /^suse(\d+)/) { + if ($1 >= 13) { + $use_systemctl = 1; + } } - if (open(PIPE,"ps -ef |grep $process |grep -v grep 2>&1 |")) { + if (open(PIPE,"ps -ef |grep $process |grep ^$proc_owner |grep -v grep 2>&1 |")) { my $status = ; close(PIPE); chomp($status); @@ -503,18 +579,40 @@ sub chkconfig { if ($distro =~ /^(suse|sles)9/) { $daemon{'apache'} = 'apache'; } + if ($distro =~ /^(suse|sles)([\d\.]+)/) { + my $name = $1; + my $num = $2; + if ($num > 11) { + $uses_systemctl{'apache'} = 1; + if (($name eq 'sles') || ($name eq 'suse' && $num >= 13.2)) { + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'cups'} = 1; + $uses_systemctl{'memcached'} = 1; + $daemon{'ntp'} = 'ntpd'; + } + } + } } elsif ($distro =~ /^(?:debian|ubuntu)(\d+)/) { my $version = $1; @runlevels = qw/2 3 4 5/; @norunlevels = qw/0 1 6/; - $checker_bin = '/usr/sbin/sysv-rc-conf'; + if (($distro =~ /^ubuntu/) && ($version <= 16)) { + $checker_bin = '/usr/sbin/sysv-rc-conf'; + } else { + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + } $daemon{'mysql'} = 'mysql'; $daemon{'apache'} = 'apache2'; $daemon{'ntp'} = 'ntp'; if (($distro =~ /^ubuntu/) && ($version <= 8)) { $daemon{'cups'} = 'cupsys'; } - } elsif ($distro =~ /^(?:fedora)(\d+)/) { + } elsif ($distro =~ /^fedora(\d+)/) { my $version = $1; if ($version >= 15) { $uses_systemctl{'ntp'} = 1; @@ -522,6 +620,21 @@ sub chkconfig { if ($version >= 16) { $uses_systemctl{'mysql'} = 1; $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + } + if ($version >= 19) { + $daemon{'mysql'} = 'mariadb'; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + my $version = $1; + if ($version >= 7) { + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + $daemon{'mysql'} = 'mariadb'; } } my $nocheck; @@ -544,13 +657,18 @@ sub chkconfig { foreach my $type ('apache','mysql','ntp','cups','memcached') { my $service = $daemon{$type}; if ($uses_systemctl{$type}) { - if (!-l "/etc/systemd/system/multi-user.target.wants/$service.service") { - $needfix{$type} = "systemctl enable $service.service"; + if (($type eq 'memcached') || ($type eq 'cups')) { + if (-l "/etc/systemd/system/multi-user.target.wants/$service.service") { + $tostop{$type} = 1; + } + } else { + if (!-l "/etc/systemd/system/multi-user.target.wants/$service.service") { + $needfix{$type} = "systemctl enable $service.service"; + } } - next; } else { my $command = $checker_bin.' --list '.$service.' 2>/dev/null'; - if ($type eq 'cups') { + if ($type eq 'cups') { if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { my $version = $1; if (($distro =~ /^ubuntu/) && ($version <= 8)) { @@ -607,7 +725,7 @@ sub chkconfig { } } } - return (\%needfix,\%tostop); + return (\%needfix,\%tostop,\%uses_systemctl); } sub chkfirewall { @@ -649,17 +767,47 @@ sub chkfirewall { sub chkapache { my ($distro,$instdir) = @_; my $fixapache = 1; - if ($distro =~ /^(debian|ubuntu)/) { - if (!-e "$instdir/debian-ubuntu/loncapa") { + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + my $distname = $1; + my $version = $2; + my ($stdconf,$stdsite); + if (($distname eq 'ubuntu') && ($version > 12)) { + $stdconf = "$instdir/debian-ubuntu/ubuntu14/loncapa_conf"; + $stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_sites"; + } else { + $stdconf = "$instdir/debian-ubuntu/loncapa"; + } + if (!-e $stdconf) { $fixapache = 0; print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; - } elsif ((-e "/etc/apache2/sites-available/loncapa") && (-e "$instdir/debian-ubuntu/loncapa")) { - if (open(PIPE, "diff --brief $instdir/debian-ubuntu/loncapa /etc/apache2/sites-available/loncapa |")) { - my $diffres = ; - close(PIPE); - chomp($diffres); - unless ($diffres) { - $fixapache = 0; + } else { + my ($configfile,$sitefile); + if (($distname eq 'ubuntu') && ($version > 12)) { + $sitefile = '/etc/apache2/sites-available/loncapa'; + $configfile = "/etc/apache2/conf-available/loncapa"; + } else { + $configfile = "/etc/apache2/sites-available/loncapa"; + } + if (($configfile ne '') && (-e $configfile) && (-e $stdconf)) { + if (open(PIPE, "diff --brief $stdconf $configfile |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + unless ($diffres) { + $fixapache = 0; + } + } + } + if ((!$fixapache) && ($distname eq 'ubuntu') && ($version > 12)) { + if (($sitefile ne '') && (-e $sitefile) && (-e $stdsite)) { + if (open(PIPE, "diff --brief $stdsite $sitefile |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + unless ($diffres) { + $fixapache = 0; + } + } } } } @@ -705,11 +853,15 @@ sub chkapache { } else { my $configfile = 'httpd.conf'; if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { - if ($1 > 5) { + if ($1 >= 7) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 5) { $configfile = 'new/httpd.conf'; } } elsif ($distro =~ /^fedora(\d+)$/) { - if ($1 > 10) { + if ($1 > 17) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 10) { $configfile = 'new/httpd.conf'; } } @@ -730,6 +882,44 @@ sub chkapache { return $fixapache; } +sub chkapachessl { + my ($distro,$instdir,$hostname) = @_; + my $fixapachessl = 1; + my $stdconf = "$instdir/loncapassl.conf"; + if (!-e $stdconf) { + $fixapachessl = 0; + print &mt('Warning: No LON-CAPA SSL Apache configuration file found for installation check.')."\n"; + } else { + my $sslfile; + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + $sslfile = '/etc/apache2/sites-available/loncapassl.conf'; + } elsif ($distro =~ /(suse|sles)/) { + $sslfile = '/etc/apache2/vhosts.d/loncapassl.conf'; + } else { + $sslfile = '/etc/httpd/conf.d/loncapassl.conf'; + } + if ((-e $sslfile) && (-e $stdconf)) { + if (open(PIPE, "diff -y -bi --suppress-common-lines $stdconf $sslfile |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + if ($diffres =~ /^\QServerName internal-{[[[[Hostname]]]]}\E\s+\|\s+\QServerName internal-\E$hostname$/) { + $fixapachessl = 0; + } + } + } + unless ($fixapachessl) { + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + unless ((-l '/etc/apache2/sites-enabled/loncapassl.conf') && + (readlink('/etc/apache2/sites-enabled/loncapassl.conf') eq '/etc/apache2/sites-available/loncapassl.conf')) { + print_and_log(&mt("Warning, use: 'sudo a2ensite loncapassl.conf' to activate LON-CAPA SSL Apache config\n")); + } + } + } + } + return $fixapachessl; +} + sub chksrvcs { my ($distro,$tostop) = @_; my %stopsrvcs; @@ -855,13 +1045,36 @@ sub need_download { } sub check_mysql_setup { - my ($instdir,$dsn) = @_; + my ($instdir,$dsn,$distro,$mysql_has_wwwuser) = @_; my ($mysqlsetup,$has_pass); my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); if ($dbh) { $mysqlsetup = 'noroot'; } elsif ($DBI::err =~ /1045/) { $has_pass = 1; + } elsif ($distro =~ /^ubuntu(\d+)$/) { + my $version = $1; + if ($1 > 12) { + print_and_log(&mt('Restarting mysql, please be patient')."\n"); + if (open (PIPE, "service mysql restart 2>&1 |")) { + while () { + print $_; + } + close(PIPE); + } + unless ($mysql_has_wwwuser) { + $mysql_has_wwwuser = &check_mysql_wwwuser(); + } + $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); + if ($dbh) { + $mysqlsetup = 'noroot'; + } elsif ($DBI::err =~ /1045/) { + $has_pass = 1; + } else { + $mysqlsetup = 'needsrestart'; + return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); + } + } } if ($has_pass) { print &mt('You have already set a root password for the MySQL database.')."\n"; @@ -888,11 +1101,11 @@ sub check_mysql_setup { } } } - } elsif ($mysqlsetup ne 'noroot') { + } elsif ($mysqlsetup ne 'noroot') { print_and_log(&mt('Problem accessing MySQL.')."\n"); $mysqlsetup = 'rootfail'; } - return ($mysqlsetup,$has_pass,$dbh); + return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); } sub check_mysql_wwwuser { @@ -1098,11 +1311,12 @@ print " ".&mt('3.')." ".&mt('Set-up the MySQL database.')." ".&mt('4.')." ".&mt('Set-up MySQL permissions.')." ".&mt('5.')." ".&mt('Configure Apache web server.')." -".&mt('6.')." ".&mt('Configure start-up of services.')." -".&mt('7.')." ".&mt('Check firewall settings.')." -".&mt('8.')." ".&mt('Stop services not used by LON-CAPA,')." +".&mt('6.')." ".&mt('Configure SSL for Apache web server.')." +".&mt('7.')." ".&mt('Configure start-up of services.')." +".&mt('8.')." ".&mt('Check firewall settings.')." +".&mt('9.')." ".&mt('Stop services not used by LON-CAPA,')." ".&mt('i.e., services for a print server: [_1] daemon.',"'cups'")." -".&mt('9.')." ".&mt('Download LON-CAPA source code in readiness for installation.')." +".&mt('10.')." ".&mt('Download LON-CAPA source code in readiness for installation.')." ".&mt('Typically, you will run this script only once, when you first install LON-CAPA.')." @@ -1132,25 +1346,26 @@ chomp($instdir); my %callsub; my @actions = ('wwwuser','pwauth','mysql','mysqlperms','apache', - 'runlevels','firewall','stopsrvcs','download'); + 'apachessl','runlevels','firewall','stopsrvcs','download'); my %prompts = &texthash( wwwuser => "Create the 'www' user?", pwauth => 'Install the package LON-CAPA uses to authenticate users?', mysql => 'Set-up the MySQL database?', mysqlperms => 'Set-up MySQL permissions?', apache => 'Configure Apache web server?', + apachessl => 'Configure SSL for Apache web server?', runlevels => 'Set overrides for start-up order of services?', firewall => 'Configure firewall settings for Apache', stopsrvcs => 'Stop extra services not required on a LON-CAPA server?', download => 'Download LON-CAPA source code in readiness for installation?', ); -print "\n".&mt('Checking system status ...')."\n"; +print "\n".&mt('Checking system status ...')."\n\n"; my $dsn = "DBI:mysql:database=mysql"; -my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$recommended, - $dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production, - $testing,$apachefw) = &check_required($instdir,$dsn); +my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart, + $recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production, + $testing,$apachefw,$uses_systemctl,$hostname) = &check_required($instdir,$dsn); if ($distro eq '') { print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n". &mt('The following are supported: [_1].', @@ -1159,6 +1374,13 @@ if ($distro eq '') { &mt('Stopping execution.')."\n"; exit; } +if ($mysqlrestart) { + print "\n".&mt('The mysql daemon needs to be restarted using the following command:')."\n". + $mysqlrestart."\n\n". + &mt('Stopping execution of install.pl script.')."\n". + &mt('Please run the install.pl script again, once you have restarted mysql.')."\n"; + exit; +} if ($localecmd ne '') { print "\n".&mt('Although the LON-CAPA application itself is localized for a number of different languages, the default locale language for the Linux OS on which it runs should be US English.')."\n"; print "\n".&mt('Run the following command from the command line to set the default language for your OS, and then run this LON-CAPA installation set-up script again.')."\n\n". @@ -1171,7 +1393,6 @@ if (!$gotprereqs) { &mt('The following command can be used to install the package (and dependencies):')."\n\n". $updatecmd."\n\n"; if ($installnow eq '') { - print &mt('Stopping execution.')."\n"; exit; } else { print &mt('Run command? ~[Y/n~]'); @@ -1186,8 +1407,8 @@ if (!$gotprereqs) { exit; } else { ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, - $recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, - $filetouse,$production,$testing,$apachefw) = + $mysqlrestart,$recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, + $filetouse,$production,$testing,$apachefw,$uses_systemctl) = &check_required($instdir,$dsn); } } else { @@ -1311,16 +1532,36 @@ if ($dbh) { if ($callsub{'apache'}) { if ($distro =~ /^(suse|sles)/) { - ©_apache2_suseconf($instdir); + ©_apache2_suseconf($instdir,$hostname); } elsif ($distro =~ /^(debian|ubuntu)/) { - ©_apache2_debconf($instdir); + ©_apache2_debconf($instdir,$distro,$hostname); } else { - ©_httpd_conf($instdir,$distro); + ©_httpd_conf($instdir,$distro,$hostname); } } else { print_and_log(&mt('Skipping configuration of Apache web server.')."\n"); } +if ($callsub{'apachessl'}) { + if ($distro =~ /^(suse|sles)/) { + ©_apache_sslconf_file($instdir,'/etc/apache2/vhosts.d',$hostname); + } elsif ($distro =~ /^(debian|ubuntu)/) { + my $apache2_sites_available_dir = '/etc/apache2/sites-available'; + if (©_apache_sslconf_file($instdir,$apache2_sites_available_dir,$hostname)) { + my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; + my $made_symlink = eval { symlink("$apache2_sites_available_dir/loncapassl.conf","$apache2_sites_enabled_dir/loncapassl.conf"); 1 }; + if ($made_symlink) { + print_and_log(&mt('Enabling "[_1]" Apache SSL configuration.','loncapassl.conf')."\n"); + } + } + } else { + ©_apache_sslconf_file($instdir,'/etc/httpd/conf.d',$hostname); + } + print_and_log("\n"); +} else { + print_and_log(&mt('Skipping configuration of SSL for Apache web server.')."\n"); +} + if ($callsub{'runlevels'}) { my $count = 0; if (ref($recommended) eq 'HASH') { @@ -1381,7 +1622,7 @@ if ($callsub{'firewall'}) { } if ($callsub{'stopsrvcs'}) { - &kill_extra_services($distro,$recommended->{'stopsrvcs'}); + &kill_extra_services($distro,$recommended->{'stopsrvcs'},$uses_systemctl); } else { &print_and_log(&mt('Skipping stopping unnecessary service ([_1] daemons).',"'cups','memcached'")."\n"); } @@ -1568,7 +1809,7 @@ END } sub kill_extra_services { - my ($distro,$stopsrvcs) = @_; + my ($distro,$stopsrvcs,$uses_systemctl) = @_; if (ref($stopsrvcs) eq 'HASH') { my @stopping = sort(keys(%{$stopsrvcs})); if (@stopping) { @@ -1599,10 +1840,31 @@ sub kill_extra_services { } } &print_and_log(&mt('Removing [_1] from startup.',$service)."\n"); - if ($distro =~ /^(debian|ubuntu)/) { - &print_and_log(`update-rc.d -f $daemon remove`); + if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { + my $version = $1; + if (($distro =~ /^ubuntu/) && ($version > 16)) { + if (ref($uses_systemctl) eq 'HASH') { + if ($uses_systemctl->{$service}) { + if (`systemctl is-enabled $service`) { + &print_and_log(`systemctl disable $service`); + } + } + } + } else { + &print_and_log(`update-rc.d -f $daemon remove`); + } } else { - &print_and_log(`/sbin/chkconfig --del $service`); + if (ref($uses_systemctl) eq 'HASH') { + if ($uses_systemctl->{$service}) { + if (`systemctl is-enabled $service`) { + &print_and_log(`systemctl disable $service`); + } + } else { + &print_and_log(`/sbin/chkconfig --del $service`); + } + } else { + &print_and_log(`/sbin/chkconfig --del $service`); + } } } } @@ -1640,8 +1902,29 @@ CREATE TABLE IF NOT EXISTS metadata (tit sub setup_mysql_permissions { my ($dbh,$has_pass,@mysql_lc_commands) = @_; - my $mysqlversion = &get_mysql_version(); - my @mysql_commands = ("INSERT user (Host, User, Password) VALUES('localhost','www',password('localhostkey'));"); + my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); + my ($usesauth,$hasauthcol,@mysql_commands); + if ($mysqlname =~ /^MariaDB/i) { + if ($mysqlversion >= 10.2) { + $usesauth = 1; + } elsif ($mysqlversion >= 5.5) { + $hasauthcol = 1; + } + } else { + if (($mysqlversion > 5.7) || (($mysqlversion == 5.7) && ($mysqlsubver > 5))) { + $usesauth = 1; + } elsif (($mysqlversion >= 5.6) || (($mysqlversion == 5.5) && ($mysqlsubver >= 7))) { + $hasauthcol = 1; + } + } + if ($usesauth) { + @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')", + "ALTER USER 'www'\@'localhost' IDENTIFIED WITH mysql_native_password BY 'localhostkey'"); + } elsif ($hasauthcol) { + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www',password('localhostkey'),'','','','');"); + } else { + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject) VALUES('localhost','www',password('localhostkey'),'','','');"); + } if ($mysqlversion < 4) { push (@mysql_commands," INSERT db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv) VALUES('localhost','loncapa','www','Y','Y','Y','Y','Y','Y','N','Y','Y','Y')"); @@ -1691,7 +1974,7 @@ INSERT db (Host,Db,User,Select_priv,Inse } } if ($got_passwd) { - my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass); + my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass,$usesauth); push(@mysql_commands,@newpass_cmds); } else { print_and_log(&mt('Failed to get MySQL root password from user input.')."\n"); @@ -1700,7 +1983,6 @@ INSERT db (Host,Db,User,Select_priv,Inse if (@mysql_commands) { foreach my $cmd (@mysql_commands) { $dbh->do($cmd) || print $dbh->errstr."\n"; - } } if (@mysql_lc_commands) { @@ -1722,23 +2004,28 @@ INSERT db (Host,Db,User,Select_priv,Inse } sub new_mysql_rootpasswd { - my ($currmysqlpass) = @_; - return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')", - "FLUSH PRIVILEGES;"); + my ($currmysqlpass,$usesauth) = @_; + if ($usesauth) { + return ("ALTER USER 'root'\@'localhost' IDENTIFIED WITH mysql_native_password BY '$currmysqlpass'", + "FLUSH PRIVILEGES;"); + } else { + return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')", + "FLUSH PRIVILEGES;"); + } } sub get_mysql_version { - my $version; + my ($version,$subversion,$name); if (open(PIPE," mysql -V |")) { my $info = ; chomp($info); close(PIPE); - ($version) = ($info =~ /(\d+\.\d+)\.\d+,/); + ($version,$subversion,$name) = ($info =~ /(\d+\.\d+)\.(\d+)\-?(\w*),/); } else { print &mt('Could not determine which version of MySQL is installed.'). "\n"; } - return $version; + return ($version,$subversion,$name); } ########################################################### @@ -1749,14 +2036,18 @@ sub get_mysql_version { ########################################################### sub copy_httpd_conf { - my ($instdir,$distro) = @_; + my ($instdir,$distro,$hostname) = @_; my $configfile = 'httpd.conf'; if ($distro =~ /^(?:centos|rhes|scientific)(\d+)$/) { - if ($1 > 5) { + if ($1 >= 7) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 5) { $configfile = 'new/httpd.conf'; } } elsif ($distro =~ /^fedora(\d+)$/) { - if ($1 > 10) { + if ($1 > 17) { + $configfile = 'apache2.4/httpd.conf'; + } elsif ($1 > 10) { $configfile = 'new/httpd.conf'; } } @@ -1768,6 +2059,47 @@ sub copy_httpd_conf { print_and_log("\n"); } +############################################### +## +## Copy/Modify loncapassl.conf +## +############################################### + +sub copy_apache_sslconf_file { + my ($instdir,$targetdir,$hostname) = @_; + my ($success,$error); + if (-e "$instdir/loncapassl.conf") { + if (open(my $fh,'<',"$instdir/loncapassl.conf")) { + if (open(my $out,'>',"$targetdir/loncapassl.conf")) { + while (<$fh>) { + if (/^\QServerName internal-\E/) { + chomp(); + s/^(\QServerName internal-\E)(.*)$/$1$hostname\n/; + } + print $out $_; + } + $success = 1; + } else { + $error = "Could not write to $targetdir/loncapassl.conf"; + } + } else { + $error = "Could not read from $instdir/loncapassl.conf"; + } + } else { + $error = "File to copy from: $instdir/loncapassl.conf does not exist"; + } + if ($success) { + print_and_log(&mt('Successfully copied [_1] to [_2].',"'loncapassl.conf'","'$targetdir/loncapassl.conf'")."\n"); + chmod(0444,"$targetdir/loncapassl.conf"); + } else { + print_and_log(&mt('Failed to copy [_1] to [_2].',"'loncapassl.conf'","'$targetdir/loncapassl.conf'")."\n"); + if ($error) { + print_and_log("$error\n"); + } + } + return $success; +} + ######################################################### ## ## Ubuntu/Debian -- copy our loncapa configuration file to @@ -1776,19 +2108,7 @@ sub copy_httpd_conf { ######################################################### sub copy_apache2_debconf { - my ($instdir) = @_; - print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); - my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; - my $apache2_sites_available_dir = '/etc/apache2/sites-available'; - if (-l "$apache2_sites_enabled_dir/000-default") { - unlink("$apache2_sites_enabled_dir/000-default"); - } - if (-e "$apache2_sites_available_dir/loncapa") { - copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); - } - copy("$instdir/debian-ubuntu/loncapa","$apache2_sites_available_dir/loncapa"); - chmod(0444,"$apache2_sites_available_dir/loncapa"); - symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); + my ($instdir,$distro,$hostname) = @_; my $apache2_mods_enabled_dir = '/etc/apache2/mods-enabled'; my $apache2_mods_available_dir = '/etc/apache2/mods-available'; foreach my $module ('headers.load','expires.load') { @@ -1797,6 +2117,47 @@ sub copy_apache2_debconf { print_and_log(&mt('Enabling "[_1]" Apache module.',$module)."\n"); } } + my $apache2_sites_enabled_dir = '/etc/apache2/sites-enabled'; + my $apache2_sites_available_dir = '/etc/apache2/sites-available'; + my $defaultconfig = "$apache2_sites_enabled_dir/000-default"; + my ($distname,$version); + if ($distro =~ /^(debian|ubuntu)(\d+)$/) { + $distname = $1; + $version = $2; + } + if (($distname eq 'ubuntu') && ($version > 12)) { + $defaultconfig = "$apache2_sites_enabled_dir/000-default.conf"; + } + if (-l $defaultconfig) { + unlink($defaultconfig); + } + if (($distname eq 'ubuntu') && ($version > 12)) { + print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from conf-enabled.',"'apache2'","'/etc/apache2/conf-available'","'loncapa.conf symlink'")."\n"); + my $apache2_conf_enabled_dir = '/etc/apache2/conf-enabled'; + my $apache2_conf_available_dir = '/etc/apache2/conf-available'; + if (-e "$apache2_conf_available_dir/loncapa") { + copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.original"); + } + my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf'; + copy("$instdir/debian-ubuntu/ubuntu14/loncapa_conf","$apache2_conf_available_dir/loncapa"); + chmod(0444,"$apache2_conf_available_dir/loncapa"); + if (-l $defaultconf) { + unlink($defaultconf); + } + symlink("$apache2_conf_available_dir/loncapa","$defaultconf"); + print_and_log(&mt('Copying loncapa [_1] site file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default.conf symlink'")."\n"); + copy("$instdir/debian-ubuntu/ubuntu14/loncapa_site","$apache2_sites_available_dir/loncapa"); + chmod(0444,"$apache2_sites_available_dir/loncapa"); + symlink("$apache2_sites_available_dir/loncapa","$defaultconfig"); + } else { + print_and_log(&mt('Copying loncapa [_1] config file to [_2] and pointing [_3] to it from sites-enabled.',"'apache2'","'/etc/apache2/sites-available'","'000-default symlink'")."\n"); + if (-e "$apache2_sites_available_dir/loncapa") { + copy("$apache2_sites_available_dir/loncapa","$apache2_sites_available_dir/loncapa.original"); + } + copy("$instdir/debian-ubuntu/loncapa","$apache2_sites_available_dir/loncapa"); + chmod(0444,"$apache2_sites_available_dir/loncapa"); + symlink("$apache2_sites_available_dir/loncapa","$apache2_sites_enabled_dir/000-default"); + } print_and_log("\n"); } @@ -1809,7 +2170,7 @@ sub copy_apache2_debconf { ########################################################### sub copy_apache2_suseconf { - my ($instdir) = @_; + my ($instdir,$hostname) = @_; print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].', "'default-server.conf'", "'/etc/apache2/default-server.conf'")."\n");