Revision 5122 (by auerswald-guest, 2011/01/09 13:06:25) Updated date and version of CipUX install guide for Debian.
# CipUX installation on Debian

This guide describes the installation of the CipUX middleware and the XML-RPC
server.


## Versions

    2010-07-02 by Christian Kuelker - v0.1
    2010-07-18 by Christian Kuelker - v0.2
    2011-01-08 by Erik Auerswald - v0.3


## Install medium

Debian:     Debian-Squeeze, Debian-Lenny


## Prerequisites

This version of CipUX needs an LDAP server.

Set the environment variable BASEDN to your base DN, prefixed with the
organizational unit of CipUX. For example:

    export BASEDN=ou=CipUX,dc=nodomain

Then find out your admin account DN and set ADMINDN to it. Your DN may
differ from this example:

    export ADMINDN=cn=admin,dc=nodomain


# Installation of CipUX Middleware

Edit source list

    echo "deb http://debian.jones.dk/ lenny cipux" >> /etc/apt/sources.list

Update package database

    aptitude update

Start the installation

    aptitude install cipux-task-tools
    aptitude install ldap-utils

After package installation, some issues need to be fixed by hand.

    mkdir /etc/cipux/ldap

Add three schemata to the LDAP server. Two of them (lis.schema and
courier.schema) are not part of the package, so you have to download them
from SVN anyway. One (cipux.schema) is included in the package. You can find
it under

    /usr/share/doc/libcipux-storage-perl/examples/cipux.schema.gz

However, you can get all three schemata at once with this command:

    cd /etc/cipux/ldap
    svn co svn://svn.debian.org/cipux/trunk/cipux-core/storage-ldap/src/etc/cipux/ldap/schema

The following files are needed to kick start the CipUX objects in the LDAP
server. As of now they are not included in the Debian package.

    mkdir /usr/share/doc/libcipux-storage-perl/examples/debian/
    cd /usr/share/doc/libcipux-storage-perl/examples
    svn co svn://svn.debian.org/cipux/trunk/cipux-core/storage/src/doc/debian

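Now add these objects to the database. Note that -Z only attempts StartTLS
and carries on without it if the attempt fails; with -ZZ, ldapadd aborts
instead of sending the bind password unencrypted.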

    export cipuxrootpw="$(perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)')"

    perl -pe 's/\@PW\@/$ENV{"cipuxrootpw"}/;s/\@BASEDN\@/$ENV{"BASEDN"}/'  /usr/share/doc/libcipux-storage-perl/examples/debian/cipux.ldif|ldapadd -xWZD $ADMINDN

    sed "s/@PW@/$cipuxrootpw/" /usr/share/doc/libcipux-storage-perl/examples/debian/cipuxroot.ldif|sed "s/@BASEDN@/$BASEDN/"|ldapadd -xWZD $ADMINDN



Stop OpenLDAP:

    invoke-rc.d slapd stop

Include CipUX schema

    perl -i -p0e '$t="CipUX schema";$s="include\t\t/etc/cipux/ldap/schema/cipux.schema\ninclude\t\t/etc/cipux/ldap/schema/courier.schema\ninclude\t\t/etc/cipux/ldap/schema/lis.schema";s!^[ \t#]*(BEGIN $t).*[ \t#]*(END $t)[ \t]*$!# $1\n$s\n# $2!ms or s!^((.*\n)?[ \t]*include[ \t]*\S*\.schema[ \t]*\n)!$1\n# BEGIN $t\n$s\n# END $t\n!s or exit 1' $(readlink -f /etc/ldap/slapd.conf)

Copy ACL Rules:

    sed "s/@BASEDN@/$BASEDN/" /usr/share/doc/libcipux-storage-perl/examples/debian/slapd_acl_cipuxroot.conf > /etc/cipux/ldap/slapd_acl_cipuxroot.conf

Include ACL Rules:

    perl -i -p0e '$t="CipUX ACL";$s="include /etc/cipux/ldap/slapd_acl_cipuxroot.conf";s!^[ \t#]*(BEGIN $t).*[ \t#]*(END $t)[ \t]*$!# $1\n$s\n# $2!ms or s!((\n[ \t]*#.*)*\naccess[ \t])!\n# BEGIN $t\n$s\n# END $t\n$1! or exit 1' $(readlink -f /etc/ldap/slapd.conf)
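
A check to run on slapd.conf before starting slapd again, added here as an example and not part of the original guide or the CipUX packages. slapd applies access rules in file order and stops at the first match, so the CipUX ACL include only takes effect as intended if it precedes every other access directive. The function names and the sample file are hypothetical.

```shell
# Added example, not part of the original guide.
# Constructed sample of slapd.conf after both edits (not from a real system).
sample_conf() {
cat <<'EOF'
include /etc/ldap/schema/core.schema
# BEGIN CipUX schema
include /etc/cipux/ldap/schema/cipux.schema
include /etc/cipux/ldap/schema/courier.schema
include /etc/cipux/ldap/schema/lis.schema
# END CipUX schema
database hdb
# BEGIN CipUX ACL
include /etc/cipux/ldap/slapd_acl_cipuxroot.conf
# END CipUX ACL
access to * by * read
EOF
}

# check_slapd_conf FILE: return 0 if every check passes, 1 otherwise.
check_slapd_conf() {
    conf=$1; rc=0
    # Each CipUX file must be included exactly once on an active line.
    for inc in /etc/cipux/ldap/schema/cipux.schema \
               /etc/cipux/ldap/schema/courier.schema \
               /etc/cipux/ldap/schema/lis.schema \
               /etc/cipux/ldap/slapd_acl_cipuxroot.conf; do
        n=$(awk -v f="$inc" '$1 == "include" && $2 == f { c++ } END { print c + 0 }' "$conf")
        if [ "$n" -ne 1 ]; then
            echo "FAIL: $inc included $n times (expected 1)"; rc=1
        fi
    done
    # The ACL include must come before the first "access" directive.
    order=$(awk '
        $1 == "include" && $2 ~ /slapd_acl_cipuxroot\.conf$/ && !acl { acl = NR }
        $1 == "access" && !acc { acc = NR }
        END {
            if (!acl) print "missing"
            else if (acc && acc < acl) print "late"
            else print "ok"
        }' "$conf")
    if [ "$order" != "ok" ]; then echo "FAIL: ACL include is $order"; rc=1; fi
    return $rc
}

# Demo on the constructed sample.
tmp=$(mktemp); sample_conf > "$tmp"
check_slapd_conf "$tmp" && echo "slapd.conf OK"
rm -f "$tmp"
```

On a real system, pass the file the guide edits: check_slapd_conf "$(readlink -f /etc/ldap/slapd.conf)".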

Create a CipUX trust account on OpenLDAP:

    sed "s/ou=CipUX,dc=example,dc=org/$BASEDN/" /usr/share/cipux/etc/cipux-access.ini > /etc/cipux/cipux-access.ini
    chown root:root /etc/cipux/cipux-access.ini
    chmod u=rw,go= /etc/cipux/cipux-access.ini
    perl -i -pe "s/[ \t]*#([ \t]*password[ \t]*=).*/\$1\$ENV{'cipuxrootpw'}/" /etc/cipux/cipux-access.ini

    unset cipuxrootpw
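
Perl's rand(), used above to build cipuxrootpw, is not a cryptographic generator, and the perl substitution on cipux-access.ini changes nothing (without reporting an error) if the template has no commented password line. The following is an added example, not part of the original guide: it draws the password from /dev/urandom and audits the resulting file. The function names are hypothetical, and the check assumes the "password = value" line that the guide's substitution produces.

```shell
# Added example, not part of the original guide.

# gen_password: 16 alphanumeric characters taken from the kernel CSPRNG.
gen_password() {
    pw=$(head -c 256 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | cut -c1-16)
    # 256 random bytes normally yield far more than 16 matches; fail if not.
    [ "${#pw}" -eq 16 ] || return 1
    printf '%s\n' "$pw"
}

# check_access_ini FILE [OWNER]: return 0 if FILE belongs to OWNER (default
# root), has mode 600 and contains an active, non-empty password line.
check_access_ini() {
    ini=$1; owner=${2:-root}; rc=0
    [ -n "$(find "$ini" -prune -user "$owner")" ] \
        || { echo "FAIL: $ini is not owned by $owner"; rc=1; }
    [ -n "$(find "$ini" -prune -perm 600)" ] \
        || { echo "FAIL: $ini does not have mode 600"; rc=1; }
    grep -Eq '^[[:space:]]*password[[:space:]]*=[[:space:]]*[^[:space:]]' "$ini" \
        || { echo "FAIL: no active password line (substitution did not match)"; rc=1; }
    return $rc
}

# Demo on a constructed file (not a real cipux-access.ini).
demo=$(mktemp)
printf 'password = %s\n' "$(gen_password)" > "$demo"
chmod 600 "$demo"
check_access_ini "$demo" "$(id -u)" && echo "access file OK"
rm -f "$demo"
```

In the guide's procedure this corresponds to export cipuxrootpw="$(gen_password)" before the ldapadd steps and check_access_ini /etc/cipux/cipux-access.ini after the substitution.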

Start OpenLDAP:

    invoke-rc.d slapd start

Create organisational units:

    rm -f t.ldif
    for i in user group cat task room; do
        sed "s/@BASEDN@/$BASEDN/" /usr/share/doc/libcipux-storage-perl/examples/debian/$i.ldif
        echo ""
    done > t.ldif
    ldapadd -xWZD $ADMINDN -f t.ldif
    rm t.ldif

Create cipadmin object. In this example we use "pw" as password. Please use another one.

    export cipadminpw=pw

    sed "s/@BASEDN@/$BASEDN/" /usr/share/doc/libcipux-storage-perl/examples/debian/cipadmin-group.ldif|ldapadd -xWZD $ADMINDN

    perl -pe 's/\@PW\@/$ENV{"cipadminpw"}/;s/\@BASEDN\@/$ENV{"BASEDN"}/' /usr/share/doc/libcipux-storage-perl/examples/debian/cipadmin-user.ldif|ldapadd -xWZD $ADMINDN

    unset cipadminpw

## Installing CipUX task tools

Create role accounts

    for i in admin teacher student professor assistant pupil tutor lecturer; do  cipux_task_client -t cipux_task_create_role_account -o $i; done

Add cipadmin to group admins

    cipux_task_client -t cipux_task_add_member_to_role_account -o admin -x value=cipadmin


# Installing CipUX-RPC Server on top of the Middleware

    aptitude update
    aptitude install cipux-rpcd

Start CipUX rpcd server

    invoke-rc.d cipux-rpcd start


# Configuring PAM

## Debian Lenny

    vim /etc/nss-ldap.conf

change:

    base dc=cipux

to

    base ou=CipUX,dc=nodomain