Diff for /doc/build/Attic/install.html between versions 1.5 and 1.31

version 1.5, 2000/11/01 16:08:55 version 1.31, 2002/07/18 19:51:31
Line 1 Line 1
 <HTML>  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 <HEAD>   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <TITLE>LON-CAPA Installation</TITLE>  <!-- The LearningOnline Network with CAPA -->
 </HEAD>  <!-- $Id$ -->
 <BODY>  <html>
 <H1>LON-CAPA Installation</H1>  <head>
 <H3>Current Installation Procedure</H3>  <meta http-equiv="Content-Type" content="text/html; charset=utf-8"></meta>
 <P>  <title>LON-CAPA Installation</title>
 Scott Harrison  <!-- pdfahref install.pdf -->
 </P>  <!-- button INSTALL -->
 <P>  </head>
 Last updated: 11/01/2000  <body bgcolor='#ffffff'>
 </P>  <!-- preamble start -->
 <P>  <br />&nbsp;
 This is the current list of steps to support LON-CAPA installation.  These steps have  <p>
 been tested.  You will need to check all the following things to ensure proper
 <OL>  installation of your LON-CAPA system.
 <LI>Get Redhat 6.2 on a CD by  </p>
 <UL>  <ul>
 <LI>Using a RedHat 6.2 CD  <li><a href="#wwwuser">
 <LI>Downloading a RedHat 6.2 <A HREF="http://install.lon-capa.org/3.1/currentcdimage">CD image</A> and burning a CD  Creating a user 'www'</a></li>
 <LI>Or, alternatively do a network install from a <A HREF="http://install.lon-capa.org/3.1/currentcdsource">  <li><a href="#shadow">
 RedHat 6.2 CD source tree</A>.  You need to burn a boot floppy disk with a network boot image;  Make a LON-CAPA system work with shadow passwords</a></li>
 <A HREF="http://install.lon-capa.org/3.1/currentcdsource/images/bootnet-20000407.img">  <li><a href="#install">
 bootnet-20000407.img</A>.  (Download the image file; insert a blank floppy disk; and type a  Installing LON-CAPA files</a></li>
 command similar to: <TT>dd if=bootnet-20000407.img of=/dev/fd0</TT>).  For installation, you  <li><a href="#checkrpms">
 need to specify <TT>http://www.lon-capa.org</TT> as your download URL, and <TT>/install/3.1/currentcdsource</TT>  Checking your Linux RPMs</a></li>
 as the source location.  <li><a href="#mysql">
 </UL>  Configuring the MySQL database</a></li>
 <LI>Install RedHat 6.2  <li><a href="#testing">
 <UL>  Testing to see if the LON-CAPA server is operational</a></li>
 <LI><B>Important: Do a "GNOME Workstation Install" and go with their default list of packages</B>  </ul>
 <LI><B>Important: Make sure you add a user "www"</B>  <p>
 </UL>  <strong>NOTE:</strong>
 <LI>After installation, install extra RPMs/upgrades by downloading all files from  If you want to simultaneously install both RedHat 7.3 and LON-CAPA
 <A HREF="http://install.lon-capa.org/3.1/SupplementalRPMS/">  (to ensure 100% reliability), follow <a href="rh73.html">these
 http://install.lon-capa.org/3.1/SupplementalRPMS</A>.  alternative directions</a>.
 <UL>  </p>
 <LI>Use this command to install the RPMs you download: <TT>rpm -Uvh --force *.rpm</TT>.  <ul>
 </UL>  <li><a href="#wwwuser">
 <LI>Remove extra RPMs by downloading and running the script   Creating a user 'www'</a></li>
 <A HREF="http://install.lon-capa.org/3.1/scripts/remove_extra.sh">  <br />&nbsp;
 http://install.lon-capa.org/3.1/scripts/remove_extra.sh</A> as root.  <!-- preamble end -->
 <LI>After installing the supplemental RPMS, install a final RPM set by downloading all files from  <!-- maintext start -->
 <A HREF="http://install.lon-capa.org/3.1/FinalRPMS/">  <a name="wwwuser" />
 http://install.lon-capa.org/3.1/FinalRPMS</A>.  <h3>Creating a user 'www'</h3>
 <UL>  <p>
 <LI>Use this command to install the RPMs you download: <TT>rpm -Uvh --force *.rpm</TT>.  Execute the following command to create a user named 'www' on your
 </UL>  LON-CAPA server:
 <LI>Configure needed files.  </p>
 <UL>  <table bgcolor="#aaaaaa" border="1"><tr><td>
 <LI>Currently, reconfiguration must be handled manually and involves an administrator  <tt>/usr/sbin/useradd www</tt>
 altering configuration files present throughout the system.  For a list of these  </td></tr></table>
 files and their descriptions, visit <A HREF="http://install.lon-capa.org/3.1/loncapafiles/loncapafiles.html">  <a name="shadow" />
 http://install.lon-capa.org/3.1/loncapafiles/loncapafiles.html</A>.  <h3>Make a LON-CAPA system work with shadow passwords</h3>
 </UL>  <table border="1">
 <LI>Important files are /etc/httpd/conf/access.conf, /etc/ntp.conf, /etc/krb.conf,    <tr><th>Step #</th><th>Description</th></tr>
 /home/httpd/lonTabs/spare.tab, /home/httpd/lonTabs/hosts.tab (if setting up a cluster different  <tr><td>
 than MSU's).  <font size="+1">1</font>
 <LI>Unshadow passwords  </td><td>
 <UL>  <p>Is your system using shadow passwords? (Note: LON-CAPA will
 <PRE>You can do this by these 5 steps:  work with either MD5/non-MD5 configured systems).  If your
 1. enter the system command, as "root", pwunconv  system is not using shadow passwords, then do not perform
 2. enter the system command, as "root", grpunconv  any of the additional steps.  If your system is using shadow
 3. Set the following to be the /etc/pam.d/login file on your system  passwords, then you will need to perform the additional steps below.
 #%PAM-1.0  </p>
 auth       required     /lib/security/pam_securetty.so  <p>
 auth       required     /lib/security/pam_pwdb.so shadow nullok  <strong>How to detect:</strong>
 auth       required     /lib/security/pam_nologin.so  <br />command: <tt>cat /etc/passwd | grep ':x:'</tt>
 account    required     /lib/security/pam_pwdb.so  </p>
 password   required     /lib/security/pam_cracklib.so  <p>If there is output such as "<tt>root:x:0:0:root:/root:/bin/bash</tt>",
 password   required     /lib/security/pam_pwdb.so nullok use_authtok  then your system is using shadow passwords and you will need to continue with
 session    required     /lib/security/pam_pwdb.so  the steps below.
 session    optional     /lib/security/pam_console.so  </p>
 4. Set the following to be the /etc/pam.d/passwd file on your system  </td></tr>
 #%PAM-1.0  <tr><td>
 auth       required     /lib/security/pam_pwdb.so shadow nullok  <font size='+1'>2</font>
 account    required     /lib/security/pam_pwdb.so  </td><td>
 password   required     /lib/security/pam_cracklib.so retry=3  <p><strong>Retrieve the mod_auth_external source</strong> by
 password   required     /lib/security/pam_pwdb.so use_authtok nullok  running the following command
 5. Set/reset passwords.  As "root" use 'passwd', and 'passwd www'  </p>
 to change the important passwords.  This creates crypt-processible  <p><tt>
 passwords in /etc/passwd.  wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.13.tar.gz
 </PRE>  </tt>
 </UL>  </p>
 <LI>Run, as root, <TT>ln -s /etc/mime.types /etc/httpd/conf/mime.types</TT>  </td></tr>
 <LI>Run, as root, <TT>/etc/rc.d/init.d/httpd start</TT>.  <tr><td>
 <LI>Run, as root, <TT>/etc/rc.d/init.d/loncontrol start</TT>.  <font size='+1'>3</font>
 <LI>After 10 minutes, you should be able to check the file <TT>/home/httpd/html/lon-status/index.html</TT>  </td><td>
 to see if your machine has been successfully set up.  <p><strong>Unpack the mod_auth_external source</strong> by
 </UL>  running the following command
 </OL>  </p>
 </P>  <p>
 <H3>Future Installation Procedure (not yet implemented)</H3>  <tt>tar xzvf mod_auth_external-2.1.13.tar.gz</tt>
 <P>  </p>
 In the future, LON-CAPA Installation will be distributed on a CD complete with a  </td></tr>
 customized interface.  Many elements for doing this have been coded, and are in place, but  <tr><td>
 it awaits completion.  <font size='+1'>4</font>
 </P>  </td><td>
 </BODY>  <p><strong>Go to the <tt>pwauth</tt> directory</strong> by
 </HTML>  running the following command
   </p>
   <p>
   <tt>cd mod_auth_external-2.1.13/pwauth/</tt>
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>5</font>
   </td><td>
   <p><strong>Edit <tt>config.h</tt> and change SERVER_UIDS definition</strong>
   </p>
   <p>
   Determine the user id of 'www':
   <br /><tt>grep ^www /etc/passwd | cut -d':' -f3</tt>
   <br />
   Change the line
   <br /><tt>#define SERVER_UIDS 99       /* user "nobody" */</tt>
   <br />to be
   <br /><tt>#define SERVER_UIDS 513      /* user "www" */</tt>
   <br />where in this example 513 corresponds to the user id of 'www'.
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>6</font>
   </td><td>
   <p><strong>Compile the <tt>pwauth</tt> executable</strong> by
   running the following command
   </p>
   <p>
   <tt>make</tt>
   </p>
   </td></tr>
   <tr><td>
   <font size='+1'>7</font>
   </td><td>
   <p><strong>Install <tt>pwauth</tt></strong> by doing the following
   </p>
   <p>
   <tt>cp pwauth /usr/local/sbin/</tt>
   <br /><tt>chmod 6755 /usr/local/sbin/pwauth</tt>
   </p>
   <p>
   Edit (creating the file) /etc/pam.d/pwauth to have the contents:
   </p>
   <pre>
           auth       required     /lib/security/pam_pwdb.so shadow nullok
           auth       required     /lib/security/pam_nologin.so
           account    required     /lib/security/pam_pwdb.so
   </pre>
   </td></tr>
   </table>
   <a name="install" />
   <h3>Installing LON-CAPA files</h3>
   <p>
   Download the most current
   <a href="http://install.lon-capa.org/versions/current/loncapa.tar.gz">
   loncapa.tar.gz</a>.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>wget http://install.lon-capa.org/versions/current/loncapa.tar.gz
   </tt>
   <br />
   <tt>tar xzvf loncapa.tar.gz</tt>
   <br />
   <tt>cd loncapa</tt></td></tr>
   </table>
   <p>
   The <strong>UPDATE</strong> command will refresh your filesystem with all
   the latest LON-CAPA software.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./UPDATE</tt></td></tr>
   </table>
   <a name="checkrpms" />
   <h3>Checking your Linux RPMs</h3>
   <p>
   The <strong>CHECKRPMS</strong> command will check the RPMs on your machine
   against an FTP repository.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./CHECKRPMS</tt></td></tr>
   </table>
   <a name="mysql" />
   <h3>Configuring the MySQL database</h3>
   <p>
   The following commands describe how to configure the MySQL database
   on your LON-CAPA server.
   <br />Note:
   </p>
   <ul>
   <li>you should substitute 'ROOTPASSWORD' with something very hard to guess
   (it does not have to be the Linux OS root password)
   </li>
   <li>The MySQL www@localhost user must always have a password of 'localhostkey'
   in order for there to be correct operation of a standard LON-CAPA system.
   </li>
   </ul>
   <p>
   The following instructions assume you are logged in as 'root'.
   </p>
   <p>Entering the mysql shell</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   mysql -u root -p mysql
   OR
   mysql -u root mysql (depending on whether you have set a root password)
   </pre>
   </td></tr></table>
   <p>Creating the mysql 'www' user (after entering mysql shell)</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   mysql> CREATE DATABASE loncapa;
   
   mysql> INSERT INTO user (Host, User, Password)
   mysql> VALUES ('localhost','www',password('localhostkey'));
   
   mysql> GRANT ALL PRIVILEGES ON *.* TO www@localhost;
   
   mysql> FLUSH PRIVILEGES;
   </pre>
   </td></tr></table>
   <p>SECURITY: set a password for the mysql 'root' user</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   shell> mysql -u root mysql
   mysql> SET PASSWORD FOR root@localhost=PASSWORD('ROOTPASSWORD');
   </pre>
   </td></tr></table>
   <p>SECURITY: only allow access from localhost</p>
   <table bgcolor="#aaaaaa" border="1"><tr><td>
   <pre>
   shell> mysql -u root -p mysql
   mysql> DELETE FROM user WHERE host&lt;&gt;'localhost';
   </pre>
   </td></tr></table>
   <a name="testing" />
   <h3>Testing to see if the LON-CAPA server is operational</h3>
   <p>
   The <strong>TEST</strong> command will check the installation software,
   the perl libraries on your system, the MySQL database, and
   will also automatically test the real-time operation of the 
   LON-CAPA Apache web server.
   </p>
   <table bgcolor="#aaaaaa" border="1">
   <tr><td><tt>./TEST</tt></td></tr>
   </table>
   <p>
   Using the <strong>TEST</strong> command will likely
   be an iterative process.
   It is normal to expect that the <strong>TEST</strong> command
   will recommend you perform various steps to ensure optimal
   performance of your LON-CAPA server.
   </p>
   <!-- maintext end -->
   <!-- validated -->
   </body>
   </html>

Removed from v.1.5  
changed lines
  Added in v.1.31


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>