--- doc/install/linux/install.pl 2019/02/19 19:03:42 1.50 +++ doc/install/linux/install.pl 2019/07/02 19:40:35 1.55 @@ -77,7 +77,7 @@ if (!open(LOG,">>loncapa_install.log")) &mt('Stopping execution.')."\n"; exit; } else { - print LOG '$Id: install.pl,v 1.50 2019/02/19 19:03:42 raeburn Exp $'."\n"; + print LOG '$Id: install.pl,v 1.55 2019/07/02 19:40:35 raeburn Exp $'."\n"; } # @@ -166,7 +166,18 @@ sub get_user_selection { sub get_distro { my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow,$unknown); $packagecmd = '/bin/rpm -q LONCAPA-prerequisites '; - if (-e '/etc/redhat-release') { + if (-e '/etc/oracle-release') { + open(IN,'; + chomp($versionstring); + close(IN); + if ($versionstring =~ /^Oracle Linux Server release (\d+)/) { + my $version = $1; + $distro = 'oracle'.$1; + $updatecmd = 'yum install LONCAPA-prerequisites'; + $installnow = 'yum -y install LONCAPA-prerequisites'; + } + } elsif (-e '/etc/redhat-release') { open(IN,'; chomp($versionstring); @@ -196,6 +207,10 @@ sub get_distro { $distro = 'rhes'.$1; $updatecmd = 'yum install LONCAPA-prerequisites'; $installnow = 'yum -y install LONCAPA-prerequisites'; + } elsif ($versionstring =~ /Red Hat Enterprise Linux release (\d+)/) { + $distro = 'rhes'.$1; + $updatecmd = 'dnf install LONCAPA-prerequisites'; + $installnow = 'dnf -y install LONCAPA-prerequisites'; } elsif ($versionstring =~ /CentOS(?:| Linux) release (\d+)/) { $distro = 'centos'.$1; $updatecmd = 'yum install LONCAPA-prerequisites'; @@ -308,7 +323,7 @@ sub get_distro { $unknown = 1; } } else { - print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora or scientific linux system.')."\n"; + print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora, scientific linux, or oracle linux system.')."\n"; } } return ($distro,$packagecmd,$updatecmd,$installnow); @@ -466,8 +481,12 @@ sub check_locale { 'sudo update-locale LANG=en_US.UTF-8'; } elsif ($distro =~ /^(suse|sles)/) { $command = 'yast language'; - } else { + } elsif (-e '/usr/bin/system-config-language') { $command = 'system-config-language'; + } elsif (-e '/usr/bin/localectl') { + $command = 'localectl set-locale en_US.UTF-8'; + } else { + $command = 'No standard command found'; } } last; @@ -739,6 +758,9 @@ sub chkconfig { $uses_systemctl{'cups'} = 1; $daemon{'mysql'} = 'mariadb'; } + if ($version >= 8) { + $daemon{'ntp'} = 'chronyd'; + } } my $nocheck; if (! -x $checker_bin) { @@ -833,7 +855,7 @@ sub chkconfig { sub uses_firewalld { my ($distro) = @_; - my ($inuse, $checkfirewalld); + my ($inuse,$checkfirewalld,$zone); if ($distro =~ /^(suse|sles)([\d\.]+)$/) { if (($1 eq 'sles') && ($2 >= 15)) { $checkfirewalld = 1; @@ -863,9 +885,18 @@ sub uses_firewalld { } if (($loaded eq 'loaded') || ($active eq 'active')) { $inuse = 1; + my $cmd = 'firewall-cmd --get-default-zone'; + if (open(PIPE,"$cmd |")) { + my $result = ; + chomp($result); + close(PIPE); + if ($result =~ /^\w+$/) { + $zone = $result; + } + } } } - return $inuse; + return ($inuse,$zone); } sub chkfirewall { @@ -876,19 +907,20 @@ sub chkfirewall { https => 443, ); my %activefw; - if (&firewall_is_active()) { - if (&uses_firewalld($distro)) { - my %current; - if (open(PIPE,'firewall-cmd --permanent --zone=public --list-services |')) { - my $svc = ; - close(PIPE); - chomp($svc); - map { $current{$_} = 1; } (split(/\s+/,$svc)); - } - if ($current{'http'} && $current{'https'}) { - $configfirewall = 0; - } - } else { + my ($firewalld,$zone) = &uses_firewalld($distro); + if ($firewalld) { + my %current; + if (open(PIPE,'firewall-cmd --permanent --zone='.$zone.' --list-services |')) { + my $svc = ; + close(PIPE); + chomp($svc); + map { $current{$_} = 1; } (split(/\s+/,$svc)); + } + if ($current{'http'} && $current{'https'}) { + $configfirewall = 0; + } + } else { + if (&firewall_is_active()) { my $iptables = &get_pathto_iptables(); if ($iptables eq '') { print &mt('Firewall not checked as path to iptables not determined.')."\n"; @@ -910,9 +942,9 @@ sub chkfirewall { print &mt('Firewall not checked as iptables Chains not identified.')."\n"; } } + } else { + print &mt('Firewall not enabled.')."\n"; } - } else { - print &mt('Firewall not enabled.')."\n"; } return ($configfirewall,\%activefw); } @@ -2023,9 +2055,10 @@ if ($callsub{'runlevels'}) { } if ($callsub{'firewall'}) { - if (&uses_firewalld($distro)) { + my ($firewalld,$zone) = &uses_firewalld($distro); + if ($firewalld) { my (%current,%added); - if (open(PIPE,'firewall-cmd --permanent --zone=public --list-services |')) { + if (open(PIPE,"firewall-cmd --permanent --zone=$zone --list-services |")) { my $svc = ; close(PIPE); chomp($svc); @@ -2033,7 +2066,7 @@ if ($callsub{'firewall'}) { } foreach my $service ('http','https') { unless ($current{$service}) { - if (open(PIPE,"firewall-cmd --permanent --zone=public --add-service=$service |")) { + if (open(PIPE,"firewall-cmd --permanent --zone=$zone --add-service=$service |")) { my $result = ; if ($result =~ /^success/) { $added{$service} = 1; @@ -2051,7 +2084,7 @@ if ($callsub{'firewall'}) { } unless ($current{'ssh'}) { print &mt('If you would the like to allow access to ssh from outside, use the command[_1].', - 'firewall-cmd --permanent --zone=public --add-service=ssh')."\n"; + "firewall-cmd --permanent --zone=$zone --add-service=ssh")."\n"; } } elsif ($distro =~ /^(suse|sles)/) { print &mt('Use [_1] to configure the firewall to allow access for [_2].', @@ -2078,9 +2111,19 @@ if ($callsub{'firewall'}) { 'system-config-firewall-tui -- Customize', 'ssh, http')."\n"; } else { - print &mt('Use [_1] to configure the firewall to allow access for [_2].', - 'setup -- Firewall configuration -> Customize', - 'ssh, http, https')."\n"; + my $version; + if ($distro =~ /^(redhat|centos)(\d+)$/) { + $version = $1; + } + if ($version > 5) { + print &mt('Use [_1] to configure the firewall to allow access for [_2].', + 'system-config-firewall-tui -- Customize', + 'ssh, http')."\n"; + } else { + print &mt('Use [_1] to configure the firewall to allow access for [_2].', + 'setup -- Firewall configuration -> Customize', + 'ssh, http, https')."\n"; + } } } else { &print_and_log(&mt('Skipping Firewall configuration.')."\n"); @@ -2386,9 +2429,9 @@ sub setup_mysql_permissions { if ($usesauth) { @mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')"); if ($is_mariadb) { - push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); + push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'"); } else { - push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED WITH mysql_native_password BY 'localhostkey'"); + push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED WITH mysql_native_password BY 'localhostkey'"); } } elsif ($hasauthcol) { @mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www',password('localhostkey'),'','','','');"); @@ -2477,10 +2520,10 @@ sub new_mysql_rootpasswd { my ($currmysqlpass,$usesauth,$is_mariadb) = @_; if ($usesauth) { if ($is_mariadb) { - return ("ALTER USER 'root'\@'localhost' IDENTIFIED WITH mysql_native_password BY '$currmysqlpass'", + return ("ALTER USER 'root'\@'localhost' IDENTIFIED BY '$currmysqlpass'", "FLUSH PRIVILEGES;"); } else { - return ("ALTER USER 'root'\@'localhost' IDENTIFIED BY '$currmysqlpass'", + return ("ALTER USER 'root'\@'localhost' IDENTIFIED WITH mysql_native_password BY '$currmysqlpass'", "FLUSH PRIVILEGES;"); } } else {