view: /CipUX/trunk/cipux-core//cipux/src/doc/install/debian/cipux_release_installation.mkd (Rev: HEAD, via SVN::Web)

Revision 5096 (by christian-guest, 2010/12/29 01:09:02)	add CAT-Web section
# CipUX upstream release installation on Debian

This guide describes the installation of the CipUX middleware and the XML-RPC
server from the released made available at http://release.cipux.org.

## Versions

    2010-07-18 by Christian Kuelker - v0.1
    2010-08-06 by Christian Kuelker - v0.2
    2010-11-12 by Christian Kuelker - v0.3


## Install medium

    Debian: Debian-Squeeze, Debian-Lenny


## Prerequisites

### Installing basic software

    aptitude update
    aptitude install make gcc gettext libpam0g-dev libssl-dev \
    libexpat1-dev subversion libcpanplus-perl ldap-utils

On some systems (for example Debian) you might have problems building some Perl
modules from scratch. You can however install them via the package manager to
avoid this problem.

    aptitude install libtest-harness-perl libmodule-build-perl \
    libyaml-perl libdate-manip-perl

To use CipUX on Debian (not Debian-Edu) you need an LDAP server and

    aptitude install libnss-ldapd libnss-ldap slapd


# Installation of the CipUX Build environment

## Update of CPANPLUS

    perl -e 'use CPANPLUS;use CPANPLUS::Backend;$b=CPANPLUS::Backend->new;$c=$b->configure_object;$c->set_conf(verbose=>1);$c->set_conf(prereqs=>1);$c->set_conf(prefer_makefile=>0);$s=$b->selfupdate_object;$o0=$s->selfupdate(update=>"core",latest=>1);'

## Configuration of CPANPLUS

    perl -e 'use CPANPLUS;use CPANPLUS::Backend;$b=CPANPLUS::Backend->new;$c=$b->configure_object;$c->set_conf(verbose=>1);$c->set_conf(prereqs=>1);$c->set_conf(prefer_makefile=>0);$b->save_state;$i=$b->add_custom_source(uri=>"http://release.cipux.org",verbose=>1);$o1=$b->reload_indices;$b->install(modules=>[qw(Module::Build::CipUX)]);'

# Installation of CipUX Middleware from upstream release

    perl -e 'use CPANPLUS;use CPANPLUS::Backend;$b=CPANPLUS::Backend->new;$c=$b->configure_object;$c->set_conf(verbose=>1);$c->set_conf(prereqs=>1);$c->set_conf(prefer_makefile=>0);$b->save_state;$b->install(modules=>[qw(CipUX CipUX::Storage CipUX::Storage::LDAP CipUX::Object CipUX::Task)]);'

After installation, there is the need to fix some issues.

The following files are needed to kick start the CipUX objects in the LDAP
server.

    mkdir -p /usr/share/doc/libcipux-storage-perl/examples/debian/
    cd /usr/share/doc/libcipux-storage-perl/examples
    svn co svn://svn.debian.org/cipux/trunk/cipux-core/storage/src/doc/debian

Set the environment variable BASEDN to your base DN and add the
organizational unit of CipUX. It can be for example:

    export BASEDN=ou=CipUX,dc=nodomain

Then find out your admin account DN and do likewise. It can be something
else, for example:

    export ADMINDN=cn=admin,dc=nodomain

Now add this object to the database.

    export cipuxrootpw="$(perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)')"

    perl -pe 's/\@PW\@/$ENV{"cipuxrootpw"}/;s/\@BASEDN\@/$ENV{"BASEDN"}/'  /usr/share/doc/libcipux-storage-perl/examples/debian/cipux.ldif|ldapadd -xWZD $ADMINDN

    cat /usr/share/doc/libcipux-storage-perl/examples/debian/cipuxroot.ldif|sed "s/@PW@/$cipuxrootpw/"|sed "s/@BASEDN@/$BASEDN/"|ldapadd -xWZD $ADMINDN


Stop OpenLDAP:

    invoke-rc.d slapd stop

Include CipUX schema

    perl -i -p0e '$t="CipUX schema";$s="include\t\t/etc/cipux/ldap/schema/cipux.schema\ninclude\t\t/etc/cipux/ldap/schema/courier.schema\ninclude\t\t/etc/cipux/ldap/schema/lis.schema";s!^[ \t#]*(BEGIN $t).*[ \t#]*(END $t)[ \t]*$!# $1\n$s\n# $2!ms or s!^((.*\n)?[ \t]*include[ \t]*\S*\.schema[ \t]*\n)!$1\n# BEGIN $t\n$s\n# END $t\n!s or exit 1' $(readlink -f /etc/ldap/slapd.conf)

Copy ACL Rules:

    cat /usr/share/doc/cipux-storage-ldap/example/slapd_acl_cipuxroot.conf|sed "s/@BASEDN@/$BASEDN/" > /etc/cipux/ldap/slapd_acl_cipuxroot.conf

Include ACL Rules:

    perl -i -p0e '$t="CipUX ACL";$s="include /etc/cipux/ldap/slapd_acl_cipuxroot.conf";s!^[ \t#]*(BEGIN $t).*[ \t#]*(END $t)[ \t]*$!# $1\n$s\n# $2!ms or s!((\n[ \t]*#.*)*\naccess[ \t])!\n# BEGIN $t\n$s\n# END $t\n$1! or exit 1' $(readlink -f /etc/ldap/slapd.conf)

Create a CipUX trust account on OpenLDAP:

    cat /usr/share/cipux/etc/cipux-access.ini|sed "s/ou=CipUX,dc=example,dc=org/$BASEDN/"|sed "s/dc=example,dc=org/$BASEDN/" > /etc/cipux/cipux-access.ini
    chown root:root /etc/cipux/cipux-access.ini
    chmod u=rw,go= /etc/cipux/cipux-access.ini
    perl -i -pe "s/[ \t]*#([ \t]*password[ \t]*=).*/\$1\$ENV{'cipuxrootpw'}/" /etc/cipux/cipux-access.ini

    unset cipuxrootpw

Start OpenLDAP:

    invoke-rc.d slapd start

Create organisational units:

    if [ -e t.ldif ];then rm t.ldif;fi;touch t.ldif;for i in user group cat task room; do cat /usr/share/doc/libcipux-storage-perl/examples/debian/$i.ldif|sed "s/@BASEDN@/$BASEDN/" >> t.ldif;echo "" >> t.ldif; done; cat t.ldif|ldapadd -xWZD $ADMINDN; rm t.ldif

Create cipadmin object. In this example we use "pw" as password. Please use another one.

    export cipadminpw=pw

    cat /usr/share/doc/libcipux-storage-perl/examples/debian/cipadmin-group.ldif|sed "s/@BASEDN@/$BASEDN/"|ldapadd -xWZD $ADMINDN

    perl -pe 's/\@PW\@/$ENV{"cipadminpw"}/;s/\@BASEDN\@/$ENV{"BASEDN"}/' /usr/share/doc/libcipux-storage-perl/examples/debian/cipadmin-user.ldif|ldapadd -xWZD $ADMINDN

    unset cipadminpw

## Installing CipUX task tools

Create role accounts

    for i in admin teacher student professor assistant pupil tutor lecturer; \
    do  cipux_task_client -t cipux_task_create_role_account -o $i; done

Add cipadmin to group admins

    cipux_task_client -t cipux_task_add_member_to_role_account -o admin -x value=cipadmin


# Installing CipUX-RPC Server on top of the Middleware

    perl -e 'use CPANPLUS;use CPANPLUS::Backend;$b=CPANPLUS::Backend->new;$c=$b->configure_object;$c->set_conf(verbose=>1);$c->set_conf(prereqs=>1);$c->set_conf(prefer_makefile=>0);$o1=$b->reload_indices;$b->install(modules=>[qw(CipUX::RPC)]);'

Start CipUX rpcd server

    invoke-rc.d cipux-rpcd start


# Configuring PAM

## Debian Lenny

The following data should be considered correct for your installation if you
choose BASEDN=ou=CipUX,dc=nodomain, otherwise you should adopt the changes to
your BASEDN.

    uri ldap://127.0.0.1
    base ou=CipUX,dc=nodomain
    rootbinddn cn=admin,dc=nodomain

    passwd:         compat ldap
    group:          compat ldap


Please verify that if one of the following files exists it contains the correct
values.

    /etc/libnss-ldap.conf
    /etc/pam-ldap.conf
    /etc/nsswitch.conf
    /etc/nss-ldapd.conf

You have to have a working PAM for CipUX. CipUX will use PAM for authentication. Please test your PAM setup

# CipUX-CAT-Web

     perl -e 'use CPANPLUS;use CPANPLUS::Backend;$b=CPANPLUS::Backend->new;$c=$b->configure_object;$c->set_conf(verbose=>1);$c->set_conf(prereqs=>1);$c->set_conf(prefer_makefile=>0);$o1=$b->reload_indices;$b->install(modules=>[qw(CipUX::CAT::Web CipUX::CAT::Web::Module::UserList CipUX::CAT::Web::Module::SelfPassword)]);'
Repository List / CipUX / trunk / cipux-core / / cipux / src / doc / install / debian / cipux_release_installation.mkd @ HEAD
