doc/install/linux/install.pl - diff

Return to install.pl CVS log

Up to [LON-CAPA] / doc / install / linux

Diff for /doc/install/linux/install.pl between versions 1.48 and 1.61

version 1.48, 2018/10/16 17:23:08	version 1.61, 2019/12/03 04:55:08
Line 164 sub get_user_selection {	Line 164 sub get_user_selection {
}	}

sub get_distro {	sub get_distro {
my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow);	my ($distro,$gotprereqs,$updatecmd,$packagecmd,$installnow,$unknown);
$packagecmd = '/bin/rpm -q LONCAPA-prerequisites ';	$packagecmd = '/bin/rpm -q LONCAPA-prerequisites ';
if (-e '/etc/redhat-release') {	if (-e '/etc/oracle-release') {
	open(IN,'</etc/oracle-release');
	my $versionstring=<IN>;
	chomp($versionstring);
	close(IN);
	if ($versionstring =~ /^Oracle Linux Server release (\d+)/) {
	my $version = $1;
	$distro = 'oracle'.$1;
	$updatecmd = 'yum install LONCAPA-prerequisites';
	$installnow = 'yum -y install LONCAPA-prerequisites';
	}
	} elsif (-e '/etc/redhat-release') {
open(IN,'</etc/redhat-release');	open(IN,'</etc/redhat-release');
my $versionstring=<IN>;	my $versionstring=<IN>;
chomp($versionstring);	chomp($versionstring);
Line 196 sub get_distro {	Line 207 sub get_distro {
$distro = 'rhes'.$1;	$distro = 'rhes'.$1;
$updatecmd = 'yum install LONCAPA-prerequisites';	$updatecmd = 'yum install LONCAPA-prerequisites';
$installnow = 'yum -y install LONCAPA-prerequisites';	$installnow = 'yum -y install LONCAPA-prerequisites';
	} elsif ($versionstring =~ /Red Hat Enterprise Linux release (\d+)/) {
	$distro = 'rhes'.$1;
	$updatecmd = 'dnf install LONCAPA-prerequisites';
	$installnow = 'dnf -y install LONCAPA-prerequisites';
} elsif ($versionstring =~ /CentOS(?:\| Linux) release (\d+)/) {	} elsif ($versionstring =~ /CentOS(?:\| Linux) release (\d+)/) {
$distro = 'centos'.$1;	$distro = 'centos'.$1;
$updatecmd = 'yum install LONCAPA-prerequisites';	$updatecmd = 'yum install LONCAPA-prerequisites';
Line 209 sub get_distro {	Line 224 sub get_distro {
} else {	} else {
print &mt('Unable to interpret [_1] to determine system type.',	print &mt('Unable to interpret [_1] to determine system type.',
'/etc/redhat-release')."\n";	'/etc/redhat-release')."\n";
	$unknown = 1;
}	}
} elsif (-e '/etc/SuSE-release') {	} elsif (-e '/etc/SuSE-release') {
open(IN,'</etc/SuSE-release');	open(IN,'</etc/SuSE-release');
Line 235 sub get_distro {	Line 251 sub get_distro {
} else {	} else {
print &mt('Unable to interpret [_1] to determine system type.',	print &mt('Unable to interpret [_1] to determine system type.',
'/etc/SuSE-release')."\n";	'/etc/SuSE-release')."\n";
	$unknown = 1;
}	}
} elsif (-e '/etc/issue') {	} elsif (-e '/etc/issue') {
open(IN,'</etc/issue');	open(IN,'</etc/issue');
my $versionstring=<IN>;	my $versionstring=<IN>;
chomp($versionstring);	chomp($versionstring);
close(IN);	close(IN);
$packagecmd = '/usr/bin/dpkg -l loncapa-prerequisites ';
$updatecmd = 'apt-get install loncapa-prerequisites';
if ($versionstring =~ /^Ubuntu (\d+)\.\d+/i) {	if ($versionstring =~ /^Ubuntu (\d+)\.\d+/i) {
$distro = 'ubuntu'.$1;	$distro = 'ubuntu'.$1;
$updatecmd = 'sudo apt-get install loncapa-prerequisites';	$updatecmd = 'sudo apt-get install loncapa-prerequisites';
} elsif ($versionstring =~ /^Debian\s+GNU\/Linux\s+(\d+)\.\d+/i) {	} elsif ($versionstring =~ /^Debian\s+GNU\/Linux\s+(\d+)\.\d+/i) {
$distro = 'debian'.$1;	$distro = 'debian'.$1;
	$updatecmd = 'apt-get install loncapa-prerequisites';
} elsif (-e '/etc/debian_version') {	} elsif (-e '/etc/debian_version') {
open(IN,'</etc/debian_version');	open(IN,'</etc/debian_version');
my $version=<IN>;	my $version=<IN>;
Line 255 sub get_distro {	Line 271 sub get_distro {
close(IN);	close(IN);
if ($version =~ /^(\d+)\.\d+\.?\d*/) {	if ($version =~ /^(\d+)\.\d+\.?\d*/) {
$distro='debian'.$1;	$distro='debian'.$1;
	$updatecmd = 'apt-get install loncapa-prerequisites';
} else {	} else {
print &mt('Unable to interpret [_1] to determine system type.',	print &mt('Unable to interpret [_1] to determine system type.',
'/etc/debian_version')."\n";	'/etc/debian_version')."\n";
	$unknown = 1;
}	}
} else {	}
print &mt('Unable to interpret [_1] to determine system type.',	if ($distro ne '') {
'/etc/issue')."\n";	$packagecmd = '/usr/bin/dpkg -l loncapa-prerequisites ';
}	}
} elsif (-e '/etc/debian_version') {	} elsif (-e '/etc/debian_version') {
open(IN,'</etc/debian_version');	open(IN,'</etc/debian_version');
Line 275 sub get_distro {	Line 293 sub get_distro {
} else {	} else {
print &mt('Unable to interpret [_1] to determine system type.',	print &mt('Unable to interpret [_1] to determine system type.',
'/etc/debian_version')."\n";	'/etc/debian_version')."\n";
	$unknown = 1;
	}
	}
	if (($distro eq '') && (!$unknown)) {
	if (-e '/etc/os-release') {
	if (open(IN,'<','/etc/os-release')) {
	my ($id,$version);
	while(<IN>) {
	chomp();
	if (/^ID="(\w+)"/) {
	$id=$1;
	} elsif (/^VERSION_ID="([\d\.]+)"/) {
	$version=$1;
	}
	}
	close(IN);
	if ($id eq 'sles') {
	my ($major,$minor) = split(/\./,$version);
	if ($major =~ /^\d+$/) {
	$distro = $id.$major;
	$updatecmd = 'zypper install LONCAPA-prerequisites';
	}
	}
	}
	if ($distro eq '') {
	print &mt('Unable to interpret [_1] to determine system type.',
	'/etc/os-release')."\n";
	$unknown = 1;
	}
	} else {
	print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora, scientific linux, or oracle linux system.')."\n";
}	}
} else {
print &mt('Unknown installation: expecting a debian, ubuntu, suse, sles, redhat, fedora or scientific linux system.')."\n";
}	}
return ($distro,$packagecmd,$updatecmd,$installnow);	return ($distro,$packagecmd,$updatecmd,$installnow);
}	}
Line 381 sub check_locale {	Line 428 sub check_locale {
print &mt('Failed to open: [_1], default locale not checked.',	print &mt('Failed to open: [_1], default locale not checked.',
'/etc/default/locale');	'/etc/default/locale');
}	}
} elsif ($distro =~ /^(suse\|sles)/) {	} elsif ($distro =~ /^(suse\|sles)(\d+)/) {
if (!open($fh,"</etc/sysconfig/language")) {	if (($1 eq 'sles') && ($2 >= 15)) {
print &mt('Failed to open: [_1], default locale not checked.',	if (!open($fh,"</etc/locale.conf")) {
'/etc/sysconfig/language');	print &mt('Failed to open: [_1], default locale not checked.',
	'/etc/locale.conf');
	}
	} else {
	if (!open($fh,"</etc/sysconfig/language")) {
	print &mt('Failed to open: [_1], default locale not checked.',
	'/etc/sysconfig/language');
	}
	$langvar = 'RC_LANG';
}	}
$langvar = 'RC_LANG';
} elsif ($distro =~ /^fedora(\d+)/) {	} elsif ($distro =~ /^fedora(\d+)/) {
if ($1 >= 18) {	if ($1 >= 18) {
if (!open($fh,"</etc/locale.conf")) {	if (!open($fh,"</etc/locale.conf")) {
Line 397 sub check_locale {	Line 451 sub check_locale {
print &mt('Failed to open: [_1], default locale not checked.',	print &mt('Failed to open: [_1], default locale not checked.',
'/etc/sysconfig/i18n');	'/etc/sysconfig/i18n');
}	}
} elsif ($distro =~ /^(?:rhes\|centos\|scientific)(\d+)/) {	} elsif ($distro =~ /^(?:rhes\|centos\|scientific\|oracle)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
if (!open($fh,"</etc/locale.conf")) {	if (!open($fh,"</etc/locale.conf")) {
print &mt('Failed to open: [_1], default locale not checked.',	print &mt('Failed to open: [_1], default locale not checked.',
Line 426 sub check_locale {	Line 480 sub check_locale {
$command = 'sudo locale-gen en_US.UTF-8'."\n".	$command = 'sudo locale-gen en_US.UTF-8'."\n".
'sudo update-locale LANG=en_US.UTF-8';	'sudo update-locale LANG=en_US.UTF-8';
} elsif ($distro =~ /^(suse\|sles)/) {	} elsif ($distro =~ /^(suse\|sles)/) {
$command = 'yast language';	$command = 'yast language';
} else {	} elsif (-e '/usr/bin/system-config-language') {
$command = 'system-config-language';	$command = 'system-config-language';
	} elsif (-e '/usr/bin/localectl') {
	$command = '/usr/bin/localectl set-locale LANG=en_US.UTF-8';
	} else {
	$command = 'No standard command found';
}	}
}	}
last;	last;
Line 549 sub check_mysql_running {	Line 607 sub check_mysql_running {
if ($1 >= 19) {	if ($1 >= 19) {
$mysqldaemon ='mariadb';	$mysqldaemon ='mariadb';
}	}
} elsif ($distro =~ /^(?:centos\|rhes\|scientific)(\d+)/) {	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)/) {
if ($1 >= 7) {	if ($1 >= 7) {
$mysqldaemon ='mariadb';	$mysqldaemon ='mariadb';
$process = 'mysqld';	$process = 'mysqld';
Line 562 sub check_mysql_running {	Line 620 sub check_mysql_running {
$proc_owner = 'mysql';	$proc_owner = 'mysql';
$process = 'mysqld';	$process = 'mysqld';
}	}
	if ($1 >= 15) {
	$mysqldaemon ='mariadb';
	}
} elsif ($distro =~ /^suse(\d+)/) {	} elsif ($distro =~ /^suse(\d+)/) {
if ($1 >= 13) {	if ($1 >= 13) {
$use_systemctl = 1;	$use_systemctl = 1;
Line 645 sub chkconfig {	Line 706 sub chkconfig {
$uses_systemctl{'ntp'} = 1;	$uses_systemctl{'ntp'} = 1;
$uses_systemctl{'cups'} = 1;	$uses_systemctl{'cups'} = 1;
$uses_systemctl{'memcached'} = 1;	$uses_systemctl{'memcached'} = 1;
$daemon{'ntp'} = 'ntpd';	if (($name eq 'sles') && ($num >= 15)) {
	$daemon{'ntp'} = 'chronyd';
	$daemon{'mysql'} = 'mariadb';
	} else {
	$daemon{'ntp'} = 'ntpd';
	}
}	}
}	}
}	}
Line 668 sub chkconfig {	Line 734 sub chkconfig {
if (($distro =~ /^ubuntu/) && ($version <= 8)) {	if (($distro =~ /^ubuntu/) && ($version <= 8)) {
$daemon{'cups'} = 'cupsys';	$daemon{'cups'} = 'cupsys';
}	}
	if (($distro =~ /^ubuntu/) && ($version >= 18)) {
	$daemon{'ntp'} = 'chrony';
	}
} elsif ($distro =~ /^fedora(\d+)/) {	} elsif ($distro =~ /^fedora(\d+)/) {
my $version = $1;	my $version = $1;
if ($version >= 15) {	if ($version >= 15) {
Line 682 sub chkconfig {	Line 751 sub chkconfig {
if ($version >= 19) {	if ($version >= 19) {
$daemon{'mysql'} = 'mariadb';	$daemon{'mysql'} = 'mariadb';
}	}
} elsif ($distro =~ /^(?:centos\|rhes\|scientific)(\d+)/) {	if ($version >= 26) {
	$daemon{'ntp'} = 'chronyd';
	}
	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)/) {
my $version = $1;	my $version = $1;
if ($version >= 7) {	if ($version >= 7) {
$uses_systemctl{'ntp'} = 1;	$uses_systemctl{'ntp'} = 1;
Line 692 sub chkconfig {	Line 764 sub chkconfig {
$uses_systemctl{'cups'} = 1;	$uses_systemctl{'cups'} = 1;
$daemon{'mysql'} = 'mariadb';	$daemon{'mysql'} = 'mariadb';
}	}
	if (($version >= 8) \|\| ($distro eq 'oracle7')) {
	$daemon{'ntp'} = 'chronyd';
	}
}	}
my $nocheck;	my $nocheck;
if (! -x $checker_bin) {	if (! -x $checker_bin) {
Line 775 sub chkconfig {	Line 850 sub chkconfig {
} else {	} else {
$major = $version;	$major = $version;
}	}
if ($major > 10) {	if (($major > 10) && ($major <= 13)) {
if (&check_SuSEfirewall2_setup($instdir)) {	if (&check_SuSEfirewall2_setup($instdir)) {
$needfix{'insserv'} = 1;	$needfix{'insserv'} = 1;
}	}
Line 784 sub chkconfig {	Line 859 sub chkconfig {
return (\%needfix,\%tostop,\%uses_systemctl);	return (\%needfix,\%tostop,\%uses_systemctl);
}	}

	sub uses_firewalld {
	my ($distro) = @_;
	my ($inuse,$checkfirewalld,$zone);
	if ($distro =~ /^(suse\|sles)([\d\.]+)$/) {
	if (($1 eq 'sles') && ($2 >= 15)) {
	$checkfirewalld = 1;
	}
	} elsif ($distro =~ /^fedora(\d+)$/) {
	if ($1 >= 18) {
	$checkfirewalld = 1;
	}
	} elsif ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)/) {
	if ($1 >= 7) {
	$checkfirewalld = 1;
	}
	}
	if ($checkfirewalld) {
	my ($loaded,$active);
	if (open(PIPE,"systemctl status firewalld \|")) {
	while (<PIPE>) {
	chomp();
	if (/^\s*Loaded:\s+(\w+)/) {
	$loaded = $1;
	}
	if (/^\s*Active\s+(\w+)/) {
	$active = $1;
	}
	}
	close(PIPE);
	}
	if (($loaded eq 'loaded') \|\| ($active eq 'active')) {
	$inuse = 1;
	my $cmd = 'firewall-cmd --get-default-zone';
	if (open(PIPE,"$cmd \|")) {
	my $result = <PIPE>;
	chomp($result);
	close(PIPE);
	if ($result =~ /^\w+$/) {
	$zone = $result;
	}
	}
	}
	}
	return ($inuse,$zone);
	}

sub chkfirewall {	sub chkfirewall {
my ($distro) = @_;	my ($distro) = @_;
my $configfirewall = 1;	my $configfirewall = 1;
Line 792 sub chkfirewall {	Line 913 sub chkfirewall {
https => 443,	https => 443,
);	);
my %activefw;	my %activefw;
if (&firewall_is_active()) {	my ($firewalld,$zone) = &uses_firewalld($distro);
my $iptables = &get_pathto_iptables();	if ($firewalld) {
if ($iptables eq '') {	my %current;
print &mt('Firewall not checked as path to iptables not determined.')."\n";	if (open(PIPE,'firewall-cmd --permanent --zone='.$zone.' --list-services \|')) {
} else {	my $svc = <PIPE>;
my @fwchains = &get_fw_chains($iptables,$distro);	close(PIPE);
if (@fwchains) {	chomp($svc);
foreach my $service ('http','https') {	map { $current{$_} = 1; } (split(/\s+/,$svc));
foreach my $fwchain (@fwchains) {	}
if (&firewall_is_port_open($iptables,$fwchain,$ports{$service})) {	if ($current{'http'} && $current{'https'}) {
$activefw{$service} = 1;	$configfirewall = 0;
last;	}
	} else {
	if (&firewall_is_active()) {
	my $iptables = &get_pathto_iptables();
	if ($iptables eq '') {
	print &mt('Firewall not checked as path to iptables not determined.')."\n";
	} else {
	my @fwchains = &get_fw_chains($iptables,$distro);
	if (@fwchains) {
	foreach my $service ('http','https') {
	foreach my $fwchain (@fwchains) {
	if (&firewall_is_port_open($iptables,$fwchain,$ports{$service})) {
	$activefw{$service} = 1;
	last;
	}
}	}
}	}
	if ($activefw{'http'}) {
	$configfirewall = 0;
	}
	} else {
	print &mt('Firewall not checked as iptables Chains not identified.')."\n";
}	}
if ($activefw{'http'}) {
$configfirewall = 0;
}
} else {
print &mt('Firewall not checked as iptables Chains not identified.')."\n";
}	}
	} else {
	print &mt('Firewall not enabled.')."\n";
}	}
} else {
print &mt('Firewall not enabled.')."\n";
}	}
return ($configfirewall,\%activefw);	return ($configfirewall,\%activefw);
}	}
Line 874 sub chkapache {	Line 1009 sub chkapache {
}	}
}	}
}	}
} elsif ($distro =~ /^(?:suse\|sles)([\d\.]+)$/) {	} elsif ($distro =~ /^(suse\|sles)([\d\.]+)$/) {
	my ($name,$version) = ($1,$2);
my $apache = 'apache';	my $apache = 'apache';
if ($1 >= 10) {	my $conf_file = "$instdir/sles-suse/default-server.conf";
	if ($version >= 10) {
$apache = 'apache2';	$apache = 'apache2';
}	}
if (!-e "$instdir/sles-suse/default-server.conf") {	if (($name eq 'sles') && ($version >= 12)) {
	$conf_file = "$instdir/sles-suse/apache2.4/default-server.conf";
	}
	if (!-e $conf_file) {
$fixapache = 0;	$fixapache = 0;
print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n";	print &mt('Warning: No LON-CAPA Apache configuration file found for installation check.')."\n";
} elsif ((-e "/etc/$apache/default-server.conf") && (-e "$instdir/sles-suse/default-server.conf")) {	} elsif (-e "/etc/$apache/default-server.conf") {
if (open(PIPE, "diff --brief $instdir/sles-suse/default-server.conf /etc/$apache/default-server.conf \|")) {	if (open(PIPE, "diff --brief $conf_file /etc/$apache/default-server.conf \|")) {
my $diffres = <PIPE>;	my $diffres = <PIPE>;
close(PIPE);	close(PIPE);
chomp($diffres);	chomp($diffres);
Line 908 sub chkapache {	Line 1048 sub chkapache {
}	}
} else {	} else {
my $configfile = 'httpd.conf';	my $configfile = 'httpd.conf';
if ($distro =~ /^(?:centos\|rhes\|scientific)(\d+)$/) {	my $mpmfile = 'mpm.conf';
	if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)$/) {
if ($1 >= 7) {	if ($1 >= 7) {
$configfile = 'apache2.4/httpd.conf';	$configfile = 'apache2.4/httpd.conf';
} elsif ($1 > 5) {	} elsif ($1 > 5) {
Line 916 sub chkapache {	Line 1057 sub chkapache {
}	}
} elsif ($distro =~ /^fedora(\d+)$/) {	} elsif ($distro =~ /^fedora(\d+)$/) {
if ($1 > 17) {	if ($1 > 17) {
$configfile = 'apache2.4/httpd.conf';	$configfile = 'apache2.4/httpd.conf';
} elsif ($1 > 10) {	} elsif ($1 > 10) {
$configfile = 'new/httpd.conf';	$configfile = 'new/httpd.conf';
}	}
Line 934 sub chkapache {	Line 1075 sub chkapache {
}	}
}	}
}	}
	if (-e "/etc/httpd/conf.modules.d/00-mpm.conf") {
	if (!-e "$instdir/centos-rhes-fedora-sl/$mpmfile") {
	print &mt('Warning: No LON-CAPA Apache MPM configuration file found for installation check.')."\n";
	} elsif ((-e "/etc/httpd/conf.modules.d/00-mpm.conf") && (-e "$instdir/centos-rhes-fedora-sl/$mpmfile")) {
	if (open(PIPE, "diff --brief $instdir/centos-rhes-fedora-sl/$mpmfile /etc/httpd/conf.modules.d/00-mpm.conf \|")) {
	my $diffres = <PIPE>;
	close(PIPE);
	chomp($diffres);
	if ($diffres) {
	$fixapache = 1;
	}
	}
	}
	}
}	}
return $fixapache;	return $fixapache;
}	}
Line 1456 sub get_pathto_iptables {	Line 1611 sub get_pathto_iptables {

sub firewall_is_active {	sub firewall_is_active {
if (-e '/proc/net/ip_tables_names') {	if (-e '/proc/net/ip_tables_names') {
return 1;	if (open(PIPE,'cat /proc/net/ip_tables_names \|grep filter \|')) {
} else {	my $status = <PIPE>;
return 0;	close(PIPE);
	chomp($status);
	if ($status eq 'filter') {
	return 1;
	}
	}
}	}
	return 0;
}	}

sub get_fw_chains {	sub get_fw_chains {
Line 1475 sub get_fw_chains {	Line 1636 sub get_fw_chains {
@posschains = ('ufw-user-input','INPUT');	@posschains = ('ufw-user-input','INPUT');
} elsif ($distro =~ /^debian5/) {	} elsif ($distro =~ /^debian5/) {
@posschains = ('INPUT');	@posschains = ('INPUT');
	} elsif ($distro =~ /^(suse\|sles)(\d+)/) {
	@posschains = ('IN_public');
} else {	} else {
@posschains = ('RH-Firewall-1-INPUT','INPUT');	@posschains = ('RH-Firewall-1-INPUT','INPUT');
if (!-e '/etc/sysconfig/iptables') {	if (!-e '/etc/sysconfig/iptables') {
Line 1677 if ($distro eq '') {	Line 1840 if ($distro eq '') {
print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n".	print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n".
&mt('The following are supported: [_1].',	&mt('The following are supported: [_1].',
'CentOS, RedHat Enterprise, Fedora, Scientific Linux, '.	'CentOS, RedHat Enterprise, Fedora, Scientific Linux, '.
'openSuSE, SLES, Ubuntu LTS, Debian')."\n\n".	'Oracle Linux, openSuSE, SLES, Ubuntu LTS, Debian')."\n\n".
&mt('Stopping execution.')."\n";	&mt('Stopping execution.')."\n";
exit;	exit;
}	}
Line 1839 if ($dbh) {	Line 2002 if ($dbh) {

if ($callsub{'apache'}) {	if ($callsub{'apache'}) {
if ($distro =~ /^(suse\|sles)/) {	if ($distro =~ /^(suse\|sles)/) {
&copy_apache2_suseconf($instdir,$hostname);	&copy_apache2_suseconf($instdir,$hostname,$distro);
} elsif ($distro =~ /^(debian\|ubuntu)/) {	} elsif ($distro =~ /^(debian\|ubuntu)/) {
&copy_apache2_debconf($instdir,$distro,$hostname);	&copy_apache2_debconf($instdir,$distro,$hostname);
} else {	} else {
&copy_httpd_conf($instdir,$distro,$hostname);	&copy_httpd_conf($instdir,$distro,$hostname);
	&copy_mpm_conf($instdir,$distro);
}	}
} else {	} else {
print_and_log(&mt('Skipping configuration of Apache web server.')."\n");	print_and_log(&mt('Skipping configuration of Apache web server.')."\n");
Line 1903 if ($callsub{'runlevels'}) {	Line 2067 if ($callsub{'runlevels'}) {
}	}
}	}
}	}
if ($distro =~ /^(suse\|sles)/) {	if ($distro =~ /^(suse\|sles)(\d+)/) {
&update_SuSEfirewall2_setup($instdir);	unless(($1 eq 'sles') && ($2 >= 15)) {
	&update_SuSEfirewall2_setup($instdir);
	}
}	}
} else {	} else {
&print_and_log(&mt('Skipping setting override for start-up order of services.')."\n");	&print_and_log(&mt('Skipping setting override for start-up order of services.')."\n");
}	}

if ($callsub{'firewall'}) {	if ($callsub{'firewall'}) {
if ($distro =~ /^(suse\|sles)/) {	my ($firewalld,$zone) = &uses_firewalld($distro);
	if ($firewalld) {
	my (%current,%added);
	if (open(PIPE,"firewall-cmd --permanent --zone=$zone --list-services \|")) {
	my $svc = <PIPE>;
	close(PIPE);
	chomp($svc);
	map { $current{$_} = 1; } (split(/\s+/,$svc));
	}
	foreach my $service ('http','https') {
	unless ($current{$service}) {
	if (open(PIPE,"firewall-cmd --permanent --zone=$zone --add-service=$service \|")) {
	my $result = <PIPE>;
	if ($result =~ /^success/) {
	$added{$service} = 1;
	}
	}
	}
	}
	if (keys(%added) > 0) {
	print &mt('Firewall configured to allow access for: [_1].',
	join(', ',sort(keys(%added))))."\n";
	}
	if ($current{'http'} \|\| $current{'https'}) {
	print &mt('Firewall already configured to allow access for:[_1].',
	(($current{'http'})? ' http':'').(($current{'https'})? ' https':''))."\n";
	}
	unless ($current{'ssh'}) {
	print &mt('If you would the like to allow access to ssh from outside, use the command[_1].',
	"firewall-cmd --permanent --zone=$zone --add-service=ssh")."\n";
	}
	} elsif ($distro =~ /^(suse\|sles)/) {
print &mt('Use [_1] to configure the firewall to allow access for [_2].',	print &mt('Use [_1] to configure the firewall to allow access for [_2].',
'yast -- Security and Users -> Firewall -> Interfaces',	'yast -- Security and Users -> Firewall -> Interfaces',
'ssh, http, https')."\n";	'ssh, http, https')."\n";
} elsif ($distro =~ /^(debian\|ubuntu)(\d+)/) {	} elsif ($distro =~ /^(debian\|ubuntu)(\d+)/) {
if (($1 eq 'ubuntu') \|\| ($2 > 5)) {	if (($1 eq 'ubuntu') \|\| ($2 > 5)) {
print &mt('Use [_1] to configure the firewall to allow access for [_2].',	print &mt('Use [_1] to configure the firewall to allow access for [_2].',
Line 1931 if ($callsub{'firewall'}) {	Line 2128 if ($callsub{'firewall'}) {
}	}
}	}
}	}
} elsif ($distro =~ /^scientific/) {	} elsif ($distro =~ /^(scientific\|oracle)/) {
print &mt('Use [_1] to configure the firewall to allow access for [_2].',	print &mt('Use [_1] to configure the firewall to allow access for [_2].',
'system-config-firewall-tui -- Customize',	'system-config-firewall-tui -- Customize',
'ssh, http')."\n";	'ssh, http')."\n";
} else {	} else {
print &mt('Use [_1] to configure the firewall to allow access for [_2].',	my $version;
'setup -- Firewall configuration -> Customize',	if ($distro =~ /^(redhat\|centos)(\d+)$/) {
'ssh, http, https')."\n";	$version = $1;
	}
	if ($version > 5) {
	print &mt('Use [_1] to configure the firewall to allow access for [_2].',
	'system-config-firewall-tui -- Customize',
	'ssh, http')."\n";
	} else {
	print &mt('Use [_1] to configure the firewall to allow access for [_2].',
	'setup -- Firewall configuration -> Customize',
	'ssh, http, https')."\n";
	}
}	}
} else {	} else {
&print_and_log(&mt('Skipping Firewall configuration.')."\n");	&print_and_log(&mt('Skipping Firewall configuration.')."\n");
Line 2226 CREATE TABLE IF NOT EXISTS metadata (tit	Line 2433 CREATE TABLE IF NOT EXISTS metadata (tit
sub setup_mysql_permissions {	sub setup_mysql_permissions {
my ($dbh,$has_pass,@mysql_lc_commands) = @_;	my ($dbh,$has_pass,@mysql_lc_commands) = @_;
my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version();	my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version();
my ($usesauth,$hasauthcol,@mysql_commands);	my ($usesauth,$is_mariadb,$hasauthcol,@mysql_commands);
if ($mysqlname =~ /^MariaDB/i) {	if ($mysqlname =~ /^MariaDB/i) {
	$is_mariadb = 1;
if ($mysqlversion >= 10.2) {	if ($mysqlversion >= 10.2) {
$usesauth = 1;	$usesauth = 1;
} elsif ($mysqlversion >= 5.5) {	} elsif ($mysqlversion >= 5.5) {
Line 2241 sub setup_mysql_permissions {	Line 2449 sub setup_mysql_permissions {
}	}
}	}
if ($usesauth) {	if ($usesauth) {
@mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')",	@mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')");
"ALTER USER 'www'\@'localhost' IDENTIFIED WITH mysql_native_password BY 'localhostkey'");	if ($is_mariadb) {
	push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'");
	} else {
	push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED WITH mysql_native_password BY 'localhostkey'");
	}
} elsif ($hasauthcol) {	} elsif ($hasauthcol) {
@mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www',password('localhostkey'),'','','','');");	@mysql_commands = ("INSERT user (Host, User, Password, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www',password('localhostkey'),'','','','');");
} else {	} else {
Line 2297 INSERT db (Host,Db,User,Select_priv,Inse	Line 2509 INSERT db (Host,Db,User,Select_priv,Inse
}	}
}	}
if ($got_passwd) {	if ($got_passwd) {
my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass,$usesauth);	my (@newpass_cmds) = &new_mysql_rootpasswd($newmysqlpass,$usesauth,$is_mariadb);
push(@mysql_commands,@newpass_cmds);	push(@mysql_commands,@newpass_cmds);
} else {	} else {
print_and_log(&mt('Failed to get MySQL root password from user input.')."\n");	print_and_log(&mt('Failed to get MySQL root password from user input.')."\n");
Line 2327 INSERT db (Host,Db,User,Select_priv,Inse	Line 2539 INSERT db (Host,Db,User,Select_priv,Inse
}	}

sub new_mysql_rootpasswd {	sub new_mysql_rootpasswd {
my ($currmysqlpass,$usesauth) = @_;	my ($currmysqlpass,$usesauth,$is_mariadb) = @_;
if ($usesauth) {	if ($usesauth) {
return ("ALTER USER 'root'\@'localhost' IDENTIFIED WITH mysql_native_password BY '$currmysqlpass'",	if ($is_mariadb) {
"FLUSH PRIVILEGES;");	return ("ALTER USER 'root'\@'localhost' IDENTIFIED BY '$currmysqlpass'",
	"FLUSH PRIVILEGES;");
	} else {
	return ("ALTER USER 'root'\@'localhost' IDENTIFIED WITH mysql_native_password BY '$currmysqlpass'",
	"FLUSH PRIVILEGES;");
	}
} else {	} else {
return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')",	return ("SET PASSWORD FOR 'root'\@'localhost'=PASSWORD('$currmysqlpass')",
"FLUSH PRIVILEGES;");	"FLUSH PRIVILEGES;");
Line 2361 sub get_mysql_version {	Line 2578 sub get_mysql_version {
sub copy_httpd_conf {	sub copy_httpd_conf {
my ($instdir,$distro,$hostname) = @_;	my ($instdir,$distro,$hostname) = @_;
my $configfile = 'httpd.conf';	my $configfile = 'httpd.conf';
if ($distro =~ /^(?:centos\|rhes\|scientific)(\d+)$/) {	if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)$/) {
if ($1 >= 7) {	if ($1 >= 7) {
$configfile = 'apache2.4/httpd.conf';	$configfile = 'apache2.4/httpd.conf';
} elsif ($1 > 5) {	} elsif ($1 > 5) {
Line 2382 sub copy_httpd_conf {	Line 2599 sub copy_httpd_conf {
print_and_log("\n");	print_and_log("\n");
}	}

	###########################################################
	##
	## RHEL/CentOS/Fedora/Scientific Linux
	## Copy LON-CAPA mpm.conf to /etc/httpd/conf.modules.d/00-mpm.conf
	##
	## The LON-CAPA mpm.conf enables the prefork MPM module in
	## Apache. This is also the default for RHEL/CentOS/Oracle
	## Linux 7 and earlier, and Fedora 26 and earlier. For more
	## recent versions of those distros, the event MPM is enabled
	## by default. After &copy_mpm_conf() is run, the prefork MPM
	## module will be enabled instead of the event MPM module.
	##
	###########################################################

	sub copy_mpm_conf {
	my ($instdir,$distro) = @_;
	my $mpmfile = 'mpm.conf';
	if ((-e "/etc/httpd/conf.modules.d/00-mpm.conf") &&
	(-e "$instdir/centos-rhes-fedora-sl/$mpmfile")) {
	print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',"'mpm.conf'",
	"'/etc/httpd/conf.modules.d/00-mpm.conf'")."\n");
	copy "$instdir/centos-rhes-fedora-sl/$mpmfile","/etc/httpd/conf.modules.d/00-mpm.conf";
	chmod(0644,"/etc/httpd/conf.modules.d/00-mpm.conf");
	print_and_log("\n");
	} else {
	my $logfail;
	if ($distro =~ /^(?:centos\|rhes\|scientific\|oracle)(\d+)$/) {
	if ($1 > 7) {
	$logfail = 1;
	}
	} elsif ($distro =~ /^fedora(\d+)$/) {
	if ($1 > 26) {
	$logfail = 1;
	}
	}
	if ($logfail) {
	print_and_log(&mt('Warning: copying the LON-CAPA [_1] failed because [_2] and/or [_3] are missing.',
	$mpmfile,"'$instdir/centos-rhes-fedora-sl/$mpmfile'",
	"'/etc/httpd/conf.modules.d/00-mpm.conf'"));
	print_and_log("\n");
	}
	}
	}

###############################################	###############################################
##	##
## Copy loncapassl.conf and sslrewrite.conf	## Copy loncapassl.conf and sslrewrite.conf
Line 2929 sub copy_apache2_debconf {	Line 3190 sub copy_apache2_debconf {
###########################################################	###########################################################

sub copy_apache2_suseconf {	sub copy_apache2_suseconf {
my ($instdir,$hostname) = @_;	my ($instdir,$hostname,$distro) = @_;
	my ($name,$version) = ($distro =~ /^(suse\|sles)([\d\.]+)$/);
	my $conf_file = "$instdir/sles-suse/default-server.conf";
	if (($name eq 'sles') && ($version >= 12)) {
	$conf_file = "$instdir/sles-suse/apache2.4/default-server.conf";
	}
print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',	print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',
"'default-server.conf'",	"'default-server.conf'",
"'/etc/apache2/default-server.conf'")."\n");	"'/etc/apache2/default-server.conf'")."\n");
if (!-e "/etc/apache2/default-server.conf.original") {	if (!-e "/etc/apache2/default-server.conf.original") {
copy "/etc/apache2/default-server.conf","/etc/apache2/default-server.conf.original";	copy "/etc/apache2/default-server.conf","/etc/apache2/default-server.conf.original";
}	}
copy "$instdir/sles-suse/default-server.conf","/etc/apache2/default-server.conf";	copy $conf_file,"/etc/apache2/default-server.conf";
chmod(0444,"/etc/apache2/default-server.conf");	chmod(0444,"/etc/apache2/default-server.conf");
# Make symlink for conf directory (included in loncapa_apache.conf)	# Make symlink for conf directory (included in loncapa_apache.conf)
my $can_symlink = (eval { symlink('/etc/apache2','/srv/www/conf'); }, $@ eq '');	my $can_symlink = (eval { symlink('/etc/apache2','/srv/www/conf'); }, $@ eq '');
Line 2947 sub copy_apache2_suseconf {	Line 3213 sub copy_apache2_suseconf {
&print_and_log(&mt('Symlink creation failed for [_1] to [_2]. You will need to perform this action from the command line.',"'/srv/www/conf'","'/etc/apache2'")."\n");	&print_and_log(&mt('Symlink creation failed for [_1] to [_2]. You will need to perform this action from the command line.',"'/srv/www/conf'","'/etc/apache2'")."\n");
}	}
&copy_apache2_conf_files($instdir);	&copy_apache2_conf_files($instdir);
&copy_sysconfig_apache2_file($instdir);	&copy_sysconfig_apache2_file($instdir,$name,$version);
print_and_log("\n");	print_and_log("\n");
}	}

Line 2973 sub copy_apache2_conf_files {	Line 3239 sub copy_apache2_conf_files {
##	##
###############################################	###############################################
sub copy_sysconfig_apache2_file {	sub copy_sysconfig_apache2_file {
my ($instdir) = @_;	my ($instdir,$name,$version) = @_;
print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',"'sysconfig/apache2'","'/etc/sysconfig/apache2'")."\n");	print_and_log(&mt('Copying the LON-CAPA [_1] to [_2].',"'sysconfig/apache2'","'/etc/sysconfig/apache2'")."\n");
if (!-e "/etc/sysconfig/apache2.original") {	if (!-e "/etc/sysconfig/apache2.original") {
copy "/etc/sysconfig/apache2","/etc/sysconfig/apache2.original";	copy "/etc/sysconfig/apache2","/etc/sysconfig/apache2.original";
}	}
copy "$instdir/sles-suse/sysconfig_apache2","/etc/sysconfig/apache2";	my $sysconf_file = "$instdir/sles-suse/sysconfig_apache2";
	if (($name eq 'sles') && ($version >= 12)) {
	$sysconf_file = "$instdir/sles-suse/apache2.4/sysconfig_apache2";
	}
	copy $sysconf_file,"/etc/sysconfig/apache2";
chmod(0444,"/etc/sysconfig/apache2");	chmod(0444,"/etc/sysconfig/apache2");
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.48
changed lines
	Added in v.1.61