Author: buildbot
Date: Thu Oct 11 19:52:10 2012
New Revision: 834830
Log:
Staging update by buildbot for vcl
Modified:
websites/staging/vcl/trunk/content/ (props changed)
websites/staging/vcl/trunk/content/docs/UpgradePreviousVersions/UpgradeFrom2.2.1to2.3.html
Propchange: websites/staging/vcl/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Thu Oct 11 19:52:10 2012
@@ -1 +1 @@
-1397259
+1397268
Modified:
websites/staging/vcl/trunk/content/docs/UpgradePreviousVersions/UpgradeFrom2.2.1to2.3.html
==============================================================================
---
websites/staging/vcl/trunk/content/docs/UpgradePreviousVersions/UpgradeFrom2.2.1to2.3.html
(original)
+++
websites/staging/vcl/trunk/content/docs/UpgradePreviousVersions/UpgradeFrom2.2.1to2.3.html
Thu Oct 11 19:52:10 2012
@@ -102,101 +102,98 @@
</ol>
<h1 id="shutdown-services">Shutdown services</h1>
<p>Shutdown the httpd and vcld services</p>
-<div class="codehilite"><pre> <span class="n">service</span> <span
class="n">httpd</span> <span class="n">stop</span> <span class="ow">or</span>
<span class="sr">/etc/i</span><span class="n">nit</span><span
class="o">.</span><span class="n">d</span><span class="o">/</span><span
class="n">httpd</span> <span class="n">stop</span>
- <span class="n">service</span> <span class="n">vcld</span> <span
class="n">stop</span> <span class="ow">or</span> <span
class="sr">/etc/i</span><span class="n">nit</span><span class="o">.</span><span
class="n">d</span><span class="o">/</span><span class="n">vcld</span> <span
class="n">stop</span>
+<div class="codehilite"><pre><span class="n">service</span> <span
class="n">httpd</span> <span class="n">stop</span> <span class="ow">or</span>
<span class="sr">/etc/i</span><span class="n">nit</span><span
class="o">.</span><span class="n">d</span><span class="o">/</span><span
class="n">httpd</span> <span class="n">stop</span>
+<span class="n">service</span> <span class="n">vcld</span> <span
class="n">stop</span> <span class="ow">or</span> <span
class="sr">/etc/i</span><span class="n">nit</span><span class="o">.</span><span
class="n">d</span><span class="o">/</span><span class="n">vcld</span> <span
class="n">stop</span>
</pre></div>
<h1 id="create-a-backup-of-vcl-database">Create a backup of vcl database</h1>
<p>We will create a backup of the vcl database. This will provide a restore
point if necessary.</p>
-<div class="codehilite"><pre> <span class="n">mysqldump</span> <span
class="n">vcl</span> <span class="o">></span> <span class="o">~/</span><span
class="n">vcl</span><span class="o">-</span><span class="n">pre2</span><span
class="mf">.3</span><span class="o">-</span><span class="n">upgrade</span><span
class="o">.</span><span class="n">sql</span>
+<div class="codehilite"><pre><span class="n">mysqldump</span> <span
class="n">vcl</span> <span class="o">></span> <span class="o">~/</span><span
class="n">vcl</span><span class="o">-</span><span class="n">pre2</span><span
class="mf">.3</span><span class="o">-</span><span class="n">upgrade</span><span
class="o">.</span><span class="n">sql</span>
</pre></div>
<h1 id="update-mysql-schema">Update mysql schema</h1>
<p>This step updates the mysql schema.</p>
-<div class="codehilite"><pre> <span class="n">cd</span> <span
class="sr">/root/</span><span class="n">apache</span><span
class="o">-</span><span class="n">VCL</span><span class="o">-</span><span
class="mf">2.3</span>
- <span class="n">mysql</span> <span class="n">vcl</span> <span
class="o"><</span> <span class="n">mysql</span><span class="o">/</span><span
class="n">update</span><span class="o">-</span><span class="n">vcl</span><span
class="o">.</span><span class="n">sql</span>
-
- <span class="o">**</span><span class="n">Note</span><span
class="o">**</span><span class="p">:</span> <span class="n">A</span> <span
class="k">new</span> <span class="n">resource</span> <span
class="n">group</span> <span class="n">is</span> <span class="n">added</span>
<span class="n">in</span> <span class="n">update</span><span
class="o">-</span><span class="n">vcl</span><span class="o">.</span><span
class="n">sql</span> <span class="o">-</span> <span class="o">**</span><span
class="n">all</span> <span class="n">profiles</span><span class="o">**.</span>
<span class="n">Access</span> <span class="n">to</span> <span
class="n">manage</span> <span class="n">the</span> <span class="n">group</span>
<span class="n">is</span> <span class="n">added</span> <span
class="n">to</span> <span class="n">the</span> <span class="n">VCL</span><span
class="o">-></span><span class="n">admin</span> <span class="n">node</span>
<span class="n">in</span> <span class="n">the</span> <span clas
s="n">privilege</span> <span class="n">tree</span> <span class="k">if</span>
<span class="n">that</span> <span class="n">node</span> <span
class="nb">exists</span><span class="o">.</span> <span class="n">If</span>
<span class="ow">not</span><span class="p">,</span> <span class="n">you</span>
<span class="n">will</span> <span class="n">need</span> <span
class="n">to</span> <span class="n">add</span> <span class="n">it</span> <span
class="n">manually</span> <span class="n">after</span> <span
class="n">starting</span> <span class="n">httpd</span> <span
class="n">again</span><span class="o">.</span> <span class="n">To</span> <span
class="n">add</span> <span class="n">it</span> <span
class="n">manually</span><span class="p">,</span> <span class="n">pick</span>
<span class="n">a</span> <span class="n">node</span> <span class="n">in</span>
<span class="n">the</span> <span class="n">privilege</span> <span
class="n">tree</span><span class="p">,</span> <span class="n">scroll</span> <s
pan class="n">to</span> <span class="n">Resources</span><span
class="p">,</span> <span class="n">click</span> <span class="n">Add</span>
<span class="n">Resource</span> <span class="n">Group</span><span
class="p">,</span> <span class="nb">select</span> <span
class="n">serverprofile</span><span class="o">/</span><span
class="n">all</span> <span class="n">profiles</span> <span
class="n">from</span> <span class="n">the</span> <span
class="n">drop</span><span class="o">-</span><span class="n">down</span> <span
class="n">box</span><span class="p">,</span> <span class="n">check</span> <span
class="n">available</span><span class="p">,</span> <span
class="n">administer</span><span class="p">,</span> <span
class="n">manageGroup</span><span class="p">,</span> <span
class="ow">and</span> <span class="n">manageMapping</span><span
class="p">,</span> <span class="ow">and</span> <span class="n">click</span>
<span class="n">Submit</span> <span class="n">New</span> <span
class="n">Resource</
span> <span class="n">Group</span><span class="o">.</span>
+<div class="codehilite"><pre><span class="n">cd</span> <span
class="sr">/root/</span><span class="n">apache</span><span
class="o">-</span><span class="n">VCL</span><span class="o">-</span><span
class="mf">2.3</span>
+<span class="n">mysql</span> <span class="n">vcl</span> <span
class="o"><</span> <span class="n">mysql</span><span class="o">/</span><span
class="n">update</span><span class="o">-</span><span class="n">vcl</span><span
class="o">.</span><span class="n">sql</span>
</pre></div>
+<p><strong>Note</strong>: A new resource group is added in update-vcl.sql -
<strong>all profiles</strong>. Access to manage the group is added to the
VCL->admin node in the privilege tree if that node exists. If not, you will
need to add it manually after starting httpd again. To add it manually, pick a
node in the privilege tree, scroll to Resources, click Add Resource Group,
select serverprofile/all profiles from the drop-down box, check available,
administer, manageGroup, and manageMapping, and click Submit New Resource
Group.</p>
<h1 id="update-web-code">Update web code</h1>
<p>This step we will move the 2.2.1 web directory out of the way, so we can
copy in the new web code base. After copying in the new code, we will migrate
your configuration changes. These instructions assume that you installed the
vcl web code at /var/www/html/vcl. If you installed it elsewhere, replace
/var/www/html/vcl with your vcl web root.</p>
<ol>
<li>
<p>move your old code out of the way</p>
-<div class="codehilite"><pre><span class="n">cd</span> <span
class="sr">/var/</span><span class="n">www</span><span class="o">/</span><span
class="n">html</span>
-<span class="n">mv</span> <span class="n">vcl</span> <span
class="o">~/</span><span class="n">vcl_2</span><span
class="mf">.2.1_</span><span class="n">web</span>
-</pre></div>
-
-
+<p>:::BashLexer
+cd /var/www/html
+mv vcl ~/vcl_2.2.1_web</p>
</li>
<li>
<p>copy the new code in place</p>
-<div class="codehilite"><pre><span class="n">cd</span> <span
class="sr">/root/</span><span class="n">apache</span><span
class="o">-</span><span class="n">VCL</span><span class="o">-</span><span
class="mf">2.3</span>
-<span class="n">cp</span> <span class="o">-</span><span class="n">r</span>
<span class="n">web</span> <span class="sr">/var/</span><span
class="n">www</span><span class="sr">/html/</span><span class="n">vcl</span>
-</pre></div>
-
-
+<p>:::BashLexer
+cd /root/apache-VCL-2.3
+cp -r web /var/www/html/vcl</p>
</li>
<li>
<p>copy your 2.2.1 config files</p>
-<div class="codehilite"><pre><span class="n">cd</span> <span
class="o">~</span><span class="sr">/vcl_2.2.1_web/</span><span
class="o">.</span><span class="n">ht</span><span class="o">-</span><span
class="n">inc</span>
-<span class="n">cp</span> <span class="n">conf</span><span
class="o">.</span><span class="n">php</span> <span
class="n">secrets</span><span class="o">.</span><span class="n">php</span>
<span class="n">pubkey</span><span class="o">.</span><span class="n">pem</span>
<span class="nb">keys</span><span class="o">.</span><span class="n">pem</span>
<span class="sr">/var/</span><span class="n">www</span><span
class="sr">/html/</span><span class="n">vcl</span><span
class="o">/.</span><span class="n">ht</span><span class="o">-</span><span
class="n">inc</span>
-</pre></div>
-
-
+<p>:::BashLexer
+cd ~/vcl_2.2.1_web/.ht-inc
+cp conf.php secrets.php pubkey.pem keys.pem /var/www/html/vcl/.ht-inc</p>
</li>
<li>
<p>Make the maintenance directory writable by the web server user. You will
need to know what user httpd runs as on your server. This can be found with</p>
-<div class="codehilite"><pre><span class="n">ps</span> <span
class="n">aux</span> <span class="o">|</span> <span class="nb">grep</span>
<span class="n">httpd</span>
-</pre></div>
-
-
+<p>:::BashLexer
+ps aux | grep httpd</p>
<p>Look at the first column. One process will be owned by root. The remaining
processes will be owned by the web server user. Now, own
/var/www/html/vcl/.ht-inc/maintenance to that user (replacing 'apache' with
your web server user if different):</p>
-<div class="codehilite"><pre><span class="nb">chown</span> <span
class="n">apache</span> <span class="sr">/var/</span><span
class="n">www</span><span class="sr">/html/</span><span
class="n">vcl</span><span class="sr">/.ht-inc/m</span><span
class="n">aintenance</span>
-</pre></div>
-
-
+<p>:::BashLexer
+chown apache /var/www/html/vcl/.ht-inc/maintenance</p>
</li>
<li>
<p>make some changes to conf.php:</p>
-</li>
-</ol>
<p>a. A new user group permission that controls who can manage block
allocations globally or for a specific affiliation has been added. It can be
granted to any user group under Privileges->Additional User
Permissions->Manage Block Allocations. Users with this permission are
notified of new block allocation requests. Remove</p>
-<div class="codehilite"><pre> <span class="nv">$blockNotifyUsers</span>
+<div class="codehilite"><pre><span class="nv">$blockNotifyUsers</span>
</pre></div>
+</li>
+</ol>
<p>from conf.php.</p>
-<p>b. A new user group permission that controls who can look up users globally
or for a specific affiliation has been added. It can be granted to any user
group under Privileges->Additional User Permissions->User Lookup. Users
with this permission can look up information about other users. Remove</p>
-<div class="codehilite"><pre> <span class="nv">$userlookupUsers</span>
-</pre></div>
+<div class="codehilite"><pre> <span class="n">b</span><span class="o">.</span>
<span class="n">A</span> <span class="k">new</span> <span class="n">user</span>
<span class="n">group</span> <span class="n">permission</span> <span
class="n">that</span> <span class="n">controls</span> <span
class="n">who</span> <span class="n">can</span> <span class="n">look</span>
<span class="n">up</span> <span class="n">users</span> <span
class="n">globally</span> <span class="ow">or</span> <span class="k">for</span>
<span class="n">a</span> <span class="n">specific</span> <span
class="n">affiliation</span> <span class="n">has</span> <span
class="n">been</span> <span class="n">added</span><span class="o">.</span>
<span class="n">It</span> <span class="n">can</span> <span class="n">be</span>
<span class="n">granted</span> <span class="n">to</span> <span
class="n">any</span> <span class="n">user</span> <span class="n">group</span>
<span class="n">under</span> <span class="n">Privileges</span><s
pan class="o">-></span><span class="n">Additional</span> <span
class="n">User</span> <span class="n">Permissions</span><span
class="o">-></span><span class="n">User</span> <span
class="n">Lookup</span><span class="o">.</span> <span class="n">Users</span>
<span class="n">with</span> <span class="n">this</span> <span
class="n">permission</span> <span class="n">can</span> <span
class="n">look</span> <span class="n">up</span> <span
class="n">information</span> <span class="n">about</span> <span
class="n">other</span> <span class="n">users</span><span class="o">.</span>
<span class="n">Remove</span>
+
+ <span class="o">::</span><span class="p">:</span><span
class="n">BashLexer</span>
+ <span class="nv">$userlookupUsers</span>
+ <span class="n">c</span><span class="o">.</span> <span
class="n">Multilingualization</span> <span class="n">has</span> <span
class="n">been</span> <span class="n">added</span> <span
class="n">VCL</span><span class="o">.</span> <span class="n">So</span><span
class="p">,</span> <span class="n">DEFAULTLOCALE</span> <span
class="n">has</span> <span class="n">been</span> <span class="n">added</span>
<span class="n">to</span> <span class="n">conf</span><span
class="o">.</span><span class="n">php</span> <span class="n">to</span> <span
class="n">set</span> <span class="n">the</span> <span class="n">default</span>
<span class="n">locale</span><span class="o">.</span> <span class="n">Add</span>
-<p>c. Multilingualization has been added VCL. So, DEFAULTLOCALE has been added
to conf.php to set the default locale. Add</p>
-<div class="codehilite"><pre> <span class="n">define</span><span
class="p">(</span><span class="s">"DEFAULTLOCALE"</span><span
class="p">,</span> <span class="s">"en_US"</span><span
class="p">);</span>
+<span class="o">::</span><span class="p">:</span><span
class="n">BashLexer</span>
+<span class="n">define</span><span class="p">(</span><span
class="s">"DEFAULTLOCALE"</span><span class="p">,</span> <span
class="s">"en_US"</span><span class="p">);</span>
</pre></div>
<p>to conf.php, changing en_US if needed to match your locale. You can look in
/var/www/html/vcl/locale to see which ones are available.</p>
-<p>d. Users authenticated using Shibboleth without also having an LDAP server
can now be added before they log in. Add</p>
-<div class="codehilite"><pre> <span class="n">define</span><span
class="p">(</span><span class="s">"ALLOWADDSHIBUSERS"</span><span
class="p">,</span> <span class="mi">0</span><span class="p">);</span>
+<div class="codehilite"><pre><span class="n">d</span><span class="o">.</span>
<span class="n">Users</span> <span class="n">authenticated</span> <span
class="n">using</span> <span class="n">Shibboleth</span> <span
class="n">without</span> <span class="n">also</span> <span
class="n">having</span> <span class="n">an</span> <span class="n">LDAP</span>
<span class="n">server</span> <span class="n">can</span> <span
class="n">now</span> <span class="n">be</span> <span class="n">added</span>
<span class="n">before</span> <span class="n">they</span> <span
class="nb">log</span> <span class="n">in</span><span class="o">.</span> <span
class="n">Add</span>
+
+<span class="o">::</span><span class="p">:</span><span
class="n">BashLexer</span>
+<span class="n">define</span><span class="p">(</span><span
class="s">"ALLOWADDSHIBUSERS"</span><span class="p">,</span> <span
class="mi">0</span><span class="p">);</span>
</pre></div>
<p>to conf.php. If you are using Shibboleth and would like to be able to add
users to groups before the user has ever logged in to VCL, you can set this to
1. However, please note that if you typo the userid, there is no way to verify
it, and the user will be added with the typoed userid.</p>
-<p>e. Some LDAP related items have been simplified in the code using some
additional options in $authMechs. For any LDAP entries, you need to add two
options. "lookupuserbeforeauth" is used if you need VCL to look up the full DN
of a user and use that when doing the bind that authenticates the user (if you
don't know what this means, leave it set to 0). If you need to set it to 1,
then you will need to set "lookupuserfield" to what LDAP attribute to use when
looking up the user's DN (typically either 'cn', 'uid', or 'samaccountname').
Add</p>
-<div class="codehilite"><pre> <span
class="s">"lookupuserbeforeauth"</span> <span class="o">=></span>
<span class="mi">0</span><span class="p">,</span>
+<div class="codehilite"><pre><span class="n">e</span><span class="o">.</span>
<span class="n">Some</span> <span class="n">LDAP</span> <span
class="n">related</span> <span class="n">items</span> <span
class="n">have</span> <span class="n">been</span> <span
class="n">simplified</span> <span class="n">in</span> <span
class="n">the</span> <span class="n">code</span> <span class="n">using</span>
<span class="n">some</span> <span class="n">additional</span> <span
class="n">options</span> <span class="n">in</span> <span
class="nv">$authMechs</span><span class="o">.</span> <span class="n">For</span>
<span class="n">any</span> <span class="n">LDAP</span> <span
class="n">entries</span><span class="p">,</span> <span class="n">you</span>
<span class="n">need</span> <span class="n">to</span> <span
class="n">add</span> <span class="n">two</span> <span
class="n">options</span><span class="o">.</span> <span
class="s">"lookupuserbeforeauth"</span> <span class="n">is</span>
<span cl
ass="n">used</span> <span class="k">if</span> <span class="n">you</span> <span
class="n">need</span> <span class="n">VCL</span> <span class="n">to</span>
<span class="n">look</span> <span class="n">up</span> <span
class="n">the</span> <span class="n">full</span> <span class="n">DN</span>
<span class="n">of</span> <span class="n">a</span> <span class="n">user</span>
<span class="ow">and</span> <span class="k">use</span> <span
class="n">that</span> <span class="n">when</span> <span class="n">doing</span>
<span class="n">the</span> <span class="nb">bind</span> <span
class="n">that</span> <span class="n">authenticates</span> <span
class="n">the</span> <span class="n">user</span> <span class="p">(</span><span
class="k">if</span> <span class="n">you</span> <span class="n">don</span><span
class="s">'t know what this means, leave it set to 0). If you need to set
it to 1, then you will need to set "lookupuserfield" to what LDAP
attribute to use when looking up the user&
#39;</span><span class="n">s</span> <span class="n">DN</span> <span
class="p">(</span><span class="n">typically</span> <span
class="n">either</span> <span class="s">'cn'</span><span
class="p">,</span> <span class="s">'uid'</span><span class="p">,</span>
<span class="ow">or</span> <span class="s">'samaccountname'</span><span
class="p">)</span><span class="o">.</span> <span class="n">Add</span>
+
+ <span class="o">::</span><span class="p">:</span><span
class="n">BashLexer</span>
+ <span class="s">"lookupuserbeforeauth"</span> <span
class="o">=></span> <span class="mi">0</span><span class="p">,</span>
<span class="s">"lookupuserfield"</span> <span
class="o">=></span> <span class="s">''</span><span class="p">,</span>
</pre></div>
<p>to each LDAP array you have in the $authMech array in conf.php.</p>
-<p>f. If you are using any Local accounts for authentication, you need to
modify the entries for $addUserFunc and $updateUserFunc. Change</p>
-<div class="codehilite"><pre> <span class="nv">$addUserFunc</span><span
class="p">[</span><span class="nv">$item</span><span class="p">[</span><span
class="s">'affiliationid'</span><span class="p">]]</span> <span
class="o">=</span> <span class="n">create_function</span><span
class="p">(</span><span class="s">''</span><span class="p">,</span>
<span class="s">'return 0;'</span><span class="p">);</span>
+<div class="codehilite"><pre> <span class="n">f</span><span class="o">.</span>
<span class="n">If</span> <span class="n">you</span> <span class="n">are</span>
<span class="n">using</span> <span class="n">any</span> <span
class="n">Local</span> <span class="n">accounts</span> <span
class="k">for</span> <span class="n">authentication</span><span
class="p">,</span> <span class="n">you</span> <span class="n">need</span> <span
class="n">to</span> <span class="n">modify</span> <span class="n">the</span>
<span class="n">entries</span> <span class="k">for</span> <span
class="nv">$addUserFunc</span> <span class="ow">and</span> <span
class="nv">$updateUserFunc</span><span class="o">.</span> <span
class="n">Change</span>
+
+ <span class="o">::</span><span class="p">:</span><span
class="n">BashLexer</span>
+ <span class="nv">$addUserFunc</span><span class="p">[</span><span
class="nv">$item</span><span class="p">[</span><span
class="s">'affiliationid'</span><span class="p">]]</span> <span
class="o">=</span> <span class="n">create_function</span><span
class="p">(</span><span class="s">''</span><span class="p">,</span>
<span class="s">'return 0;'</span><span class="p">);</span>
<span class="nv">$updateUserFunc</span><span class="p">[</span><span
class="nv">$item</span><span class="p">[</span><span
class="s">'affiliationid'</span><span class="p">]]</span> <span
class="o">=</span> <span class="n">create_function</span><span
class="p">(</span><span class="s">''</span><span class="p">,</span>
<span class="s">'return 0;'</span><span class="p">);</span>
</pre></div>
@@ -208,7 +205,7 @@
<h1 id="restart-httpd-service">Restart httpd service</h1>
-<div class="codehilite"><pre> <span class="n">service</span> <span
class="n">httpd</span> <span class="n">start</span> <span class="ow">or</span>
<span class="sr">/etc/i</span><span class="n">nit</span><span
class="o">.</span><span class="n">d</span><span class="o">/</span><span
class="n">httpd</span> <span class="n">start</span>
+<div class="codehilite"><pre><span class="n">service</span> <span
class="n">httpd</span> <span class="n">start</span> <span class="ow">or</span>
<span class="sr">/etc/i</span><span class="n">nit</span><span
class="o">.</span><span class="n">d</span><span class="o">/</span><span
class="n">httpd</span> <span class="n">start</span>
</pre></div>
