--- doc/install/linux/install.pl 2014/10/29 20:56:18 1.32 +++ doc/install/linux/install.pl 2019/02/16 16:19:11 1.45.2.1 @@ -27,6 +27,9 @@ use strict; use File::Copy; use Term::ReadKey; use DBI; +use Cwd(); +use File::Basename(); +use lib File::Basename::dirname(Cwd::abs_path($0)); use LCLocalization::localize; # ========================================================= The language handle @@ -72,7 +75,7 @@ if (!open(LOG,">>loncapa_install.log")) &mt('Stopping execution.')."\n"; exit; } else { - print LOG '$Id: install.pl,v 1.32 2014/10/29 20:56:18 raeburn Exp $'."\n"; + print LOG '$Id: install.pl,v 1.45.2.1 2019/02/16 16:19:11 raeburn Exp $'."\n"; } # @@ -159,7 +162,7 @@ sub get_user_selection { } sub get_distro { - my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow); + my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow,$unknown); $packagecmd = '/bin/rpm -q LONCAPA-prerequisites '; if (-e '/etc/redhat-release') { open(IN,'; chomp($versionstring); close(IN); - $packagecmd = '/usr/bin/dpkg -l loncapa-prerequisites '; - $updatecmd = 'apt-get install loncapa-prerequisites'; if ($versionstring =~ /^Ubuntu (\d+)\.\d+/i) { $distro = 'ubuntu'.$1; $updatecmd = 'sudo apt-get install loncapa-prerequisites'; } elsif ($versionstring =~ /^Debian\s+GNU\/Linux\s+(\d+)\.\d+/i) { $distro = 'debian'.$1; + $updatecmd = 'apt-get install loncapa-prerequisites'; } elsif (-e '/etc/debian_version') { open(IN,'; @@ -250,13 +254,15 @@ sub get_distro { close(IN); if ($version =~ /^(\d+)\.\d+\.?\d*/) { $distro='debian'.$1; + $updatecmd = 'apt-get install loncapa-prerequisites'; } else { print &mt('Unable to interpret [_1] to determine system type.', '/etc/debian_version')."\n"; + $unknown = 1; } - } else { - print &mt('Unable to interpret [_1] to determine system type.', - '/etc/issue')."\n"; + } + if ($distro ne '') { + $packagecmd = '/usr/bin/dpkg -l loncapa-prerequisites '; } } elsif (-e '/etc/debian_version') { open(IN,') { + chomp(); + if (/^ID="(\w+)"/) { + $id=$1; + } elsif (/^VERSION_ID="([\d\.]+)"/) { + $version=$1; + } + } + close(IN); + if ($id eq 'sles') { + my ($major,$minor) = split(/\./,$version); + if ($major =~ /^\d+$/) { + $distro = $id.$major; + $updatecmd = 'zypper install LONCAPA-prerequisites'; + } + } + } + if ($distro eq '') { + print &mt('Unable to interpret [_1] to determine system type.', + '/etc/os-release')."\n"; + $unknown = 1; + } + } else { + print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora or scientific linux system.')."\n"; } - } else { - print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora or scientific linux system.')."\n"; } return ($distro,$packagecmd,$updatecmd,$installnow); } @@ -314,12 +349,19 @@ sub check_locale { print &mt('Failed to open: [_1], default locale not checked.', '/etc/default/locale'); } - } elsif ($distro =~ /^(suse|sles)/) { - if (!open($fh,"= 15)) { + if (!open($fh,"= 18) { if (!open($fh,"= 16) { $process = 'mysqld'; $proc_owner = 'mysql'; $use_systemctl = 1; } - } - if ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + if ($1 >= 19) { + $mysqldaemon ='mariadb'; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { if ($1 >= 7) { $mysqldaemon ='mariadb'; $process = 'mysqld'; $proc_owner = 'mysql'; $use_systemctl = 1; } + } elsif ($distro =~ /^sles(\d+)/) { + if ($1 >= 12) { + $use_systemctl = 1; + $proc_owner = 'mysql'; + $process = 'mysqld'; + } + if ($1 >= 15) { + $mysqldaemon ='mariadb'; + } + } elsif ($distro =~ /^suse(\d+)/) { + if ($1 >= 13) { + $use_systemctl = 1; + } } - if (open(PIPE,"ps -ef |grep $process |grep -v grep 2>&1 |")) { + if (open(PIPE,"ps -ef |grep $process |grep ^$proc_owner |grep -v grep 2>&1 |")) { my $status = ; close(PIPE); chomp($status); @@ -523,16 +588,38 @@ sub chkconfig { if ($distro =~ /^(suse|sles)9/) { $daemon{'apache'} = 'apache'; } - if ($distro =~ /^suse(\d+)/) { - if ($1 > 11) { + if ($distro =~ /^(suse|sles)([\d\.]+)/) { + my $name = $1; + my $num = $2; + if ($num > 11) { $uses_systemctl{'apache'} = 1; + if (($name eq 'sles') || ($name eq 'suse' && $num >= 13.2)) { + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'cups'} = 1; + $uses_systemctl{'memcached'} = 1; + if (($name eq 'sles') && ($num >= 15)) { + $daemon{'ntp'} = 'chronyd'; + $daemon{'mysql'} = 'mariadb'; + } else { + $daemon{'ntp'} = 'ntpd'; + } + } } } } elsif ($distro =~ /^(?:debian|ubuntu)(\d+)/) { my $version = $1; @runlevels = qw/2 3 4 5/; @norunlevels = qw/0 1 6/; - $checker_bin = '/usr/sbin/sysv-rc-conf'; + if (($distro =~ /^ubuntu/) && ($version <= 16)) { + $checker_bin = '/usr/sbin/sysv-rc-conf'; + } else { + $uses_systemctl{'ntp'} = 1; + $uses_systemctl{'mysql'} = 1; + $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + } $daemon{'mysql'} = 'mysql'; $daemon{'apache'} = 'apache2'; $daemon{'ntp'} = 'ntp'; @@ -547,6 +634,11 @@ sub chkconfig { if ($version >= 16) { $uses_systemctl{'mysql'} = 1; $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; + } + if ($version >= 19) { + $daemon{'mysql'} = 'mariadb'; } } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { my $version = $1; @@ -554,6 +646,8 @@ sub chkconfig { $uses_systemctl{'ntp'} = 1; $uses_systemctl{'mysql'} = 1; $uses_systemctl{'apache'} = 1; + $uses_systemctl{'memcached'} = 1; + $uses_systemctl{'cups'} = 1; $daemon{'mysql'} = 'mariadb'; } } @@ -577,13 +671,18 @@ sub chkconfig { foreach my $type ('apache','mysql','ntp','cups','memcached') { my $service = $daemon{$type}; if ($uses_systemctl{$type}) { - if (!-l "/etc/systemd/system/multi-user.target.wants/$service.service") { - $needfix{$type} = "systemctl enable $service.service"; + if (($type eq 'memcached') || ($type eq 'cups')) { + if (-l "/etc/systemd/system/multi-user.target.wants/$service.service") { + $tostop{$type} = 1; + } + } else { + if (!-l "/etc/systemd/system/multi-user.target.wants/$service.service") { + $needfix{$type} = "systemctl enable $service.service"; + } } - next; } else { my $command = $checker_bin.' --list '.$service.' 2>/dev/null'; - if ($type eq 'cups') { + if ($type eq 'cups') { if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { my $version = $1; if (($distro =~ /^ubuntu/) && ($version <= 8)) { @@ -634,13 +733,50 @@ sub chkconfig { } else { $major = $version; } - if ($major > 10) { + if (($major > 10) && ($major <= 13)) { if (&check_SuSEfirewall2_setup($instdir)) { $needfix{'insserv'} = 1; } } } - return (\%needfix,\%tostop); + return (\%needfix,\%tostop,\%uses_systemctl); +} + +sub uses_firewalld { + my ($distro) = @_; + my ($inuse, $checkfirewalld); + if ($distro =~ /^(suse|sles)([\d\.]+)$/) { + if (($1 eq 'sles') && ($2 >= 15)) { + $checkfirewalld = 1; + } + } elsif ($distro =~ /^fedora(\d+)$/) { + if ($1 >= 18) { + $checkfirewalld = 1; + } + } elsif ($distro =~ /^(?:centos|rhes|scientific)(\d+)/) { + if ($1 >= 7) { + $checkfirewalld = 1; + } + } + if ($checkfirewalld) { + my ($loaded,$active); + if (open(PIPE,"systemctl status firewalld |")) { + while () { + chomp(); + if (/^\s*Loaded:\s+(\w+)/) { + $loaded = $1; + } + if (/^\s*Active\s+(\w+)/) { + $active = $1; + } + } + close(PIPE); + } + if (($loaded eq 'loaded') || ($active eq 'active')) { + $inuse = 1; + } + } + return $inuse; } sub chkfirewall { @@ -652,25 +788,38 @@ sub chkfirewall { ); my %activefw; if (&firewall_is_active()) { - my $iptables = &get_pathto_iptables(); - if ($iptables eq '') { - print &mt('Firewall not checked as path to iptables not determined.')."\n"; + if (&uses_firewalld($distro)) { + my %current; + if (open(PIPE,'firewall-cmd --permanent --zone=public --list-services |')) { + my $svc = ; + close(PIPE); + chomp($svc); + map { $current{$_} = 1; } (split(/\s+/,$svc)); + } + if ($current{'http'} && $current{'https'}) { + $configfirewall = 0; + } } else { - my @fwchains = &get_fw_chains($iptables,$distro); - if (@fwchains) { - foreach my $service ('http','https') { - foreach my $fwchain (@fwchains) { - if (&firewall_is_port_open($iptables,$fwchain,$ports{$service})) { - $activefw{$service} = 1; - last; + my $iptables = &get_pathto_iptables(); + if ($iptables eq '') { + print &mt('Firewall not checked as path to iptables not determined.')."\n"; + } else { + my @fwchains = &get_fw_chains($iptables,$distro); + if (@fwchains) { + foreach my $service ('http','https') { + foreach my $fwchain (@fwchains) { + if (&firewall_is_port_open($iptables,$fwchain,$ports{$service})) { + $activefw{$service} = 1; + last; + } } } + if ($activefw{'http'}) { + $configfirewall = 0; + } + } else { + print &mt('Firewall not checked as iptables Chains not identified.')."\n"; } - if ($activefw{'http'}) { - $configfirewall = 0; - } - } else { - print &mt('Firewall not checked as iptables Chains not identified.')."\n"; } } } else { @@ -685,16 +834,26 @@ sub chkapache { if ($distro =~ /^(debian|ubuntu)(\d+)$/) { my $distname = $1; my $version = $2; - if (!-e "$instdir/debian-ubuntu/loncapa") { + my ($stdconf,$stdsite); + if (($distname eq 'ubuntu') && ($version > 12)) { + $stdconf = "$instdir/debian-ubuntu/ubuntu14/loncapa_conf"; + $stdsite = "$instdir/debian-ubuntu/ubuntu14/loncapa_sites"; + } else { + $stdconf = "$instdir/debian-ubuntu/loncapa"; + } + if (!-e $stdconf) { $fixapache = 0; print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; } else { - my $configfile = "/etc/apache2/sites-available/loncapa"; + my ($configfile,$sitefile); if (($distname eq 'ubuntu') && ($version > 12)) { + $sitefile = '/etc/apache2/sites-available/loncapa'; $configfile = "/etc/apache2/conf-available/loncapa"; + } else { + $configfile = "/etc/apache2/sites-available/loncapa"; } - if (-e $configfile) { - if (open(PIPE, "diff --brief $instdir/debian-ubuntu/loncapa $configfile |")) { + if (($configfile ne '') && (-e $configfile) && (-e $stdconf)) { + if (open(PIPE, "diff --brief $stdconf $configfile |")) { my $diffres = ; close(PIPE); chomp($diffres); @@ -703,6 +862,18 @@ sub chkapache { } } } + if ((!$fixapache) && ($distname eq 'ubuntu') && ($version > 12)) { + if (($sitefile ne '') && (-e $sitefile) && (-e $stdsite)) { + if (open(PIPE, "diff --brief $stdsite $sitefile |")) { + my $diffres = ; + close(PIPE); + chomp($diffres); + unless ($diffres) { + $fixapache = 0; + } + } + } + } } if (!$fixapache) { foreach my $module ('headers.load','expires.load') { @@ -711,16 +882,21 @@ sub chkapache { } } } - } elsif ($distro =~ /^(?:suse|sles)([\d\.]+)$/) { + } elsif ($distro =~ /^(suse|sles)([\d\.]+)$/) { + my ($name,$version) = ($1,$2); my $apache = 'apache'; - if ($1 >= 10) { + my $conf_file = "$instdir/sles-suse/default-server.conf"; + if ($version >= 10) { $apache = 'apache2'; } - if (!-e "$instdir/sles-suse/default-server.conf") { + if (($name eq 'sles') && ($version >= 12)) { + $conf_file = "$instdir/sles-suse/apache2.4/default-server.conf"; + } + if (!-e $conf_file) { $fixapache = 0; print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n"; - } elsif ((-e "/etc/$apache/default-server.conf") && (-e "$instdir/sles-suse/default-server.conf")) { - if (open(PIPE, "diff --brief $instdir/sles-suse/default-server.conf /etc/$apache/default-server.conf |")) { + } elsif (-e "/etc/$apache/default-server.conf") { + if (open(PIPE, "diff --brief $conf_file /etc/$apache/default-server.conf |")) { my $diffres = ; close(PIPE); chomp($diffres); @@ -900,13 +1076,36 @@ sub need_download { } sub check_mysql_setup { - my ($instdir,$dsn) = @_; + my ($instdir,$dsn,$distro,$mysql_has_wwwuser) = @_; my ($mysqlsetup,$has_pass); my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); if ($dbh) { $mysqlsetup = 'noroot'; } elsif ($DBI::err =~ /1045/) { $has_pass = 1; + } elsif ($distro =~ /^ubuntu(\d+)$/) { + my $version = $1; + if ($1 > 12) { + print_and_log(&mt('Restarting mysql, please be patient')."\n"); + if (open (PIPE, "service mysql restart 2>&1 |")) { + while () { + print $_; + } + close(PIPE); + } + unless ($mysql_has_wwwuser) { + $mysql_has_wwwuser = &check_mysql_wwwuser(); + } + $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0}); + if ($dbh) { + $mysqlsetup = 'noroot'; + } elsif ($DBI::err =~ /1045/) { + $has_pass = 1; + } else { + $mysqlsetup = 'needsrestart'; + return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); + } + } } if ($has_pass) { print &mt('You have already set a root password for the MySQL database.')."\n"; @@ -933,11 +1132,11 @@ sub check_mysql_setup { } } } - } elsif ($mysqlsetup ne 'noroot') { + } elsif ($mysqlsetup ne 'noroot') { print_and_log(&mt('Problem accessing MySQL.')."\n"); $mysqlsetup = 'rootfail'; } - return ($mysqlsetup,$has_pass,$dbh); + return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser); } sub check_mysql_wwwuser { @@ -982,10 +1181,16 @@ sub get_pathto_iptables { sub firewall_is_active { if (-e '/proc/net/ip_tables_names') { - return 1; - } else { - return 0; + if (open(PIPE,'cat /proc/net/ip_tables_names |grep filter |')) { + my $status = ; + close(PIPE); + chomp($status); + if ($status eq 'filter') { + return 1; + } + } } + return 0; } sub get_fw_chains { @@ -1001,6 +1206,8 @@ sub get_fw_chains { @posschains = ('ufw-user-input','INPUT'); } elsif ($distro =~ /^debian5/) { @posschains = ('INPUT'); + } elsif ($distro =~ /^(suse|sles)(\d+)/) { + @posschains = ('IN_public'); } else { @posschains = ('RH-Firewall-1-INPUT','INPUT'); if (!-e '/etc/sysconfig/iptables') { @@ -1193,9 +1400,9 @@ my %prompts = &texthash( print "\n".&mt('Checking system status ...')."\n"; my $dsn = "DBI:mysql:database=mysql"; -my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$recommended, - $dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production, - $testing,$apachefw) = &check_required($instdir,$dsn); +my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart, + $recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production, + $testing,$apachefw,$uses_systemctl) = &check_required($instdir,$dsn); if ($distro eq '') { print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n". &mt('The following are supported: [_1].', @@ -1204,6 +1411,13 @@ if ($distro eq '') { &mt('Stopping execution.')."\n"; exit; } +if ($mysqlrestart) { + print "\n".&mt('The mysql daemon needs to be restarted using the following command:')."\n". + $mysqlrestart."\n\n". + &mt('Stopping execution of install.pl script.')."\n". + &mt('Please run the install.pl script again, once you have restarted mysql.')."\n"; + exit; +} if ($localecmd ne '') { print "\n".&mt('Although the LON-CAPA application itself is localized for a number of different languages, the default locale language for the Linux OS on which it runs should be US English.')."\n"; print "\n".&mt('Run the following command from the command line to set the default language for your OS, and then run this LON-CAPA installation set-up script again.')."\n\n". @@ -1231,8 +1445,8 @@ if (!$gotprereqs) { exit; } else { ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow, - $recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, - $filetouse,$production,$testing,$apachefw) = + $mysqlrestart,$recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus, + $filetouse,$production,$testing,$apachefw,$uses_systemctl) = &check_required($instdir,$dsn); } } else { @@ -1356,7 +1570,7 @@ if ($dbh) { if ($callsub{'apache'}) { if ($distro =~ /^(suse|sles)/) { - ©_apache2_suseconf($instdir); + ©_apache2_suseconf($instdir,$distro); } elsif ($distro =~ /^(debian|ubuntu)/) { ©_apache2_debconf($instdir,$distro); } else { @@ -1384,18 +1598,50 @@ if ($callsub{'runlevels'}) { } } } - if ($distro =~ /^(suse|sles)/) { - &update_SuSEfirewall2_setup($instdir); + if ($distro =~ /^(suse|sles)(\d+)/) { + unless(($1 eq 'sles') && ($2 >= 15)) { + &update_SuSEfirewall2_setup($instdir); + } } } else { &print_and_log(&mt('Skipping setting override for start-up order of services.')."\n"); } if ($callsub{'firewall'}) { - if ($distro =~ /^(suse|sles)/) { + if (&uses_firewalld($distro)) { + my (%current,%added); + if (open(PIPE,'firewall-cmd --permanent --zone=public --list-services |')) { + my $svc = ; + close(PIPE); + chomp($svc); + map { $current{$_} = 1; } (split(/\s+/,$svc)); + } + foreach my $service ('http','https') { + unless ($current{$service}) { + if (open(PIPE,"firewall-cmd --permanent --zone=public --add-service=$service |")) { + my $result = ; + if ($result =~ /^success/) { + $added{$service} = 1; + } + } + } + } + if (keys(%added) > 0) { + print &mt('Firewall configured to allow access for: [_1].', + join(', ',sort(keys(%added))))."\n"; + } + if ($current{'http'} || $current{'https'}) { + print &mt('Firewall already configured to allow access for:[_1].', + (($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n"; + } + unless ($current{'ssh'}) { + print &mt('If you would the like to allow access to ssh from outside, use the command[_1].', + 'firewall-cmd --permanent --zone=public --add-service=ssh')."\n"; + } + } elsif ($distro =~ /^(suse|sles)/) { print &mt('Use [_1] to configure the firewall to allow access for [_2].', 'yast -- Security and Users -> Firewall -> Interfaces', - 'ssh, http, https')."\n"; + 'ssh, http, https')."\n"; } elsif ($distro =~ /^(debian|ubuntu)(\d+)/) { if (($1 eq 'ubuntu') || ($2 > 5)) { print &mt('Use [_1] to configure the firewall to allow access for [_2].', @@ -1426,7 +1672,7 @@ if ($callsub{'firewall'}) { } if ($callsub{'stopsrvcs'}) { - &kill_extra_services($distro,$recommended->{'stopsrvcs'}); + &kill_extra_services($distro,$recommended->{'stopsrvcs'},$uses_systemctl); } else { &print_and_log(&mt('Skipping stopping unnecessary service ([_1] daemons).',"'cups','memcached'")."\n"); } @@ -1613,7 +1859,7 @@ END } sub kill_extra_services { - my ($distro,$stopsrvcs) = @_; + my ($distro,$stopsrvcs,$uses_systemctl) = @_; if (ref($stopsrvcs) eq 'HASH') { my @stopping = sort(keys(%{$stopsrvcs})); if (@stopping) { @@ -1644,10 +1890,31 @@ sub kill_extra_services { } } &print_and_log(&mt('Removing [_1] from startup.',$service)."\n"); - if ($distro =~ /^(debian|ubuntu)/) { - &print_and_log(`update-rc.d -f $daemon remove`); + if ($distro =~ /^(?:debian|ubuntu)(\d+)/) { + my $version = $1; + if (($distro =~ /^ubuntu/) && ($version > 16)) { + if (ref($uses_systemctl) eq 'HASH') { + if ($uses_systemctl->{$service}) { + if (`systemctl is-enabled $service`) { + &print_and_log(`systemctl disable $service`); + } + } + } + } else { + &print_and_log(`update-rc.d -f $daemon remove`); + } } else { - &print_and_log(`/sbin/chkconfig --del $service`); + if (ref($uses_systemctl) eq 'HASH') { + if ($uses_systemctl->{$service}) { + if (`systemctl is-enabled $service`) { + &print_and_log(`systemctl disable $service`); + } + } else { + &print_and_log(`/sbin/chkconfig --del $service`); + } + } else { + &print_and_log(`/sbin/chkconfig --del $service`); + } } } } @@ -1685,8 +1952,29 @@ CREATE TABLE IF NOT EXISTS metadata (tit sub setup_mysql_permissions { my ($dbh,$has_pass,@mysql_lc_commands) = @_; - my $mysqlversion = &get_mysql_version(); - my @mysql_commands = ("INSERT user (Host, User, Password) VALUES('localhost','www',password('localhostkey'));"); + my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version(); + my ($usesauth,$hasauthcol,@mysql_commands); + if ($mysqlname =~ /^MariaDB/i) { + if ($mysqlversion >= 10.2) { + $usesauth = 1; + } elsif ($mysqlversion >= 5.5) { + $hasauthcol = 1; + } + } else { + if (($mysqlversion > 5.7) || (($mysqlversion == 5.7) && ($mysqlsubver > 5))) { + $usesauth = 1; + } elsif (($mysqlversion >= 5.6) || (($mysqlversion == 5.5) && ($mysqlsubver >= 7))) { + $hasauthcol = 1; + } + } + if ($usesauth) { + @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')", + "ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); + } elsif ($hasauthcol) { + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www',password('localhostkey'),'','','','');"); + } else { + @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject) VALUES('localhost','www',password('localhostkey'),'','','');"); + } if ($mysqlversion < 4) { push (@mysql_commands," INSERT db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv) VALUES('localhost','loncapa','www','Y','Y','Y','Y','Y','Y','N','Y','Y','Y')"); @@ -1736,7 +2024,7 @@ INSERT db (Host,Db,User,Select_priv,Inse } } if ($got_passwd) { - my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass); + my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass,$usesauth); push(@mysql_commands,@newpass_cmds); } else { print_and_log(&mt('Failed to get MySQL root password from user input.')."\n"); @@ -1745,7 +2033,6 @@ INSERT db (Host,Db,User,Select_priv,Inse if (@mysql_commands) { foreach my $cmd (@mysql_commands) { $dbh->do($cmd) || print $dbh->errstr."\n"; - } } if (@mysql_lc_commands) { @@ -1767,23 +2054,28 @@ INSERT db (Host,Db,User,Select_priv,Inse } sub new_mysql_rootpasswd { - my ($currmysqlpass) = @_; - return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')", - "FLUSH PRIVILEGES;"); + my ($currmysqlpass,$usesauth) = @_; + if ($usesauth) { + return ("ALTER USER 'root'\@'localhost' IDENTIFIED BY '$currmysqlpass'", + "FLUSH PRIVILEGES;"); + } else { + return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')", + "FLUSH PRIVILEGES;"); + } } sub get_mysql_version { - my $version; + my ($version,$subversion,$name); if (open(PIPE," mysql -V |")) { my $info = ; chomp($info); close(PIPE); - ($version) = ($info =~ /(\d+\.\d+)\.\d+,/); + ($version,$subversion,$name) = ($info =~ /(\d+\.\d+)\.(\d+)\-?(\w*),/); } else { print &mt('Could not determine which version of MySQL is installed.'). "\n"; } - return $version; + return ($version,$subversion,$name); } ########################################################### @@ -1855,7 +2147,7 @@ sub copy_apache2_debconf { if (-e "$apache2_conf_available_dir/loncapa") { copy("$apache2_conf_available_dir/loncapa","$apache2_conf_available_dir/loncapa.original"); } - my $defaultconf = $apache2_conf_available_dir.'/loncapa.conf'; + my $defaultconf = $apache2_conf_enabled_dir.'/loncapa.conf'; copy("$instdir/debian-ubuntu/ubuntu14/loncapa_conf","$apache2_conf_available_dir/loncapa"); chmod(0444,"$apache2_conf_available_dir/loncapa"); if (-l $defaultconf) { @@ -1887,14 +2179,19 @@ sub copy_apache2_debconf { ########################################################### sub copy_apache2_suseconf { - my ($instdir) = @_; + my ($instdir,$distro) = @_; + my ($name,$version) = ($distro =~ /^(suse|sles)([\d\.]+)$/); + my $conf_file = "$instdir/sles-suse/default-server.conf"; + if (($name eq 'sles') && ($version >= 12)) { + $conf_file = "$instdir/sles-suse/apache2.4/default-server.conf"; + } print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].', "'default-server.conf'", "'/etc/apache2/default-server.conf'")."\n"); if (!-e "/etc/apache2/default-server.conf.original") { copy "/etc/apache2/default-server.conf","/etc/apache2/default-server.conf.original"; } - copy "$instdir/sles-suse/default-server.conf","/etc/apache2/default-server.conf"; + copy $conf_file,"/etc/apache2/default-server.conf"; chmod(0444,"/etc/apache2/default-server.conf"); # Make symlink for conf directory (included in loncapa_apache.conf) my $can_symlink = (eval { symlink('/etc/apache2','/srv/www/conf'); }, $@ eq ''); @@ -1905,7 +2202,7 @@ sub copy_apache2_suseconf { &print_and_log(&mt('Symlink creation failed for [_1] to [_2]. You will need to perform this action from the command line.',"'/srv/www/conf'","'/etc/apache2'")."\n"); } ©_apache2_conf_files($instdir); - ©_sysconfig_apache2_file($instdir); + ©_sysconfig_apache2_file($instdir,$name,$version); print_and_log("\n"); } @@ -1931,12 +2228,16 @@ sub copy_apache2_conf_files { ## ############################################### sub copy_sysconfig_apache2_file { - my ($instdir) = @_; + my ($instdir,$name,$version) = @_; print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',"'sysconfig/apache2'","'/etc/sysconfig/apache2'")."\n"); if (!-e "/etc/sysconfig/apache2.original") { copy "/etc/sysconfig/apache2","/etc/sysconfig/apache2.original"; } - copy "$instdir/sles-suse/sysconfig_apache2","/etc/sysconfig/apache2"; + my $sysconf_file = "$instdir/sles-suse/sysconfig_apache2"; + if (($name eq 'sles') && ($version >= 12)) { + $sysconf_file = "$instdir/sles-suse/apache2.4/sysconfig_apache2"; + } + copy $sysconf_file,"/etc/sysconfig/apache2"; chmod(0444,"/etc/sysconfig/apache2"); }