The installation of the platform itself is easier on Mandrake or RedHat, because you can use RPMs, so no build are needed. Still There was some hard problems for SSL module to launch, new hosts to be taken in account in DNS, and so on, but there are particular to the configuration, I guess.
Only the postgres must be updated from the .org site, since 7.2 contains only postgres 7.1.
Note that all services should be started. Then there are a number of check of each with the web server, if you didn't use them yet. Each of the package is well documented. None of the packaged software there need to configure, build and install, which makes it rather a breeze.
As Mandrake is based on Red Hat, it use the same packaging, and all rpms works in principle.
For postgres, I took a rpm under a Mandrake dir, so I suppose there is indeed some differences...
The real problem after, is that not knowing a lot about these tools, even though you have them installed and running by pushing one button, it is difficult to spot even simple problems, and you will always have some.
For this platform, the most vexing issue was to get openssl running
with apache. see below.
By reusing and adapting scripts in the debian package and sf-genericinst,
it should be possible to have an automated installation on Mandrake.
The benefit of this package is to include some corrections, and some extra files needed.
For now the content of the rpm (release 1) is :
Each package define the required package to get running. It contains the files, paths and access rights, as well as scripts to execute at different phase of installation (pre, post...). You can built source packages and binary packages. In the case of source forge, it doesnot make any sense yet, since the code is interpreted, except for one small c program needed for a suid. RPM does like other package system (HP Software depot is far more complex, but does this the same way): It will test the dependancies and inform you of the problems. urpmi handle the dependancies to install all needed packages as one step. Also, it use a databse to know where the packages are lcoated, so that you just have to put the CD in the drive. It can be used from the command line or using a GUI, rpmdrake or krpm. Here's the spec file that I built for sourceforge. file sourceforge.spec (for your curiosity)
Summary: SourceForge Open Source Software Development web site Name: sourceforge Version: 2.5 Release: 1 Copyright: VA Linux GPL Packager: Yves Bardout URL: http://sf-genericinst.sourceforge.net Group: Network/WWW Prefix: /home/dev/SF2.5mdk Prefix: /var/www Requires: apache >= 1.3.6, openssl >= 0.9.4, mod_ssl >= 2.4.10, MySQL >= 3.22.25, postgresql >= 7.1 Requires: php >= 4.0, python >= 1.3, perl, cvs, %description SourceForge is a community for open source software development offering easy access to the best in web hosted project, including version control, mailing lists, change tracking, message boards/forums, task management, site hosting, permanent file archival, full backups, and total web-based administration. It is relocatable from the prefixes: /home/dev/SF2.5mdk/ %files "/home/dev/SF2.5mdk/"
rpm --relocate /home/dev/SF2.5mdk=newpath sourceforge-2.5-1.i686.rpm
History from my install :
Tool | Source Forge
request |
Option | Mandrake 7.2 (.rpm) |
---|---|---|---|
apache | 1.3.9 | 1.3.6 | |
openssl | 0.9.4 | yes | 0.9.5a-8mdk |
mod_ssl | 2.4.10-1.3.9 | yes | 2.6.6-1mdk |
MySQL | 3.22.25 | 3.22.29 (client 3.22.30 in PHP) | |
php | 4.0 | 4.0.4pl1 (download 1/11/01) | |
postgresql | 7.1Beta | 7.1-1mdk.i586 for Mandrake7.2 (download) (1) | |
cvs | 1_11 | 1.1.0.8-6mdk | |
cvsweb | 1_93 | 1.93-2mdk.noarch | |
python | 1.5.2-12mdk | ||
mailman | 2.0.1 | 2.0.6.tgz (download 7/29/01) | |
proftpd | 1.2.0rc2 | yes | 1.2.2rc2-1 (download 7/29/01) (2) |
openldap | 2.0.7 | yes | 1.2.9-7mdk |
ldapexplorer | 1.16 | yes |
/etc/local.inc
php.ini PATH .:/<SF>/web/include
follows INSTALL with mysql for dynamic module:
srm.conf: addtype
.php3
test: mysql Webadmin mysqlwebadm
/etc/rc.d/rc1.d/K90postgresql -> /etc/init.d/postgresql /etc/rc.d/rc2.d/S90postgresql -> /etc/init.d/postgresql /etc/rc.d/rc3.d/S90postgresql -> /etc/init.d/postgresql /etc/rc.d/rc4.d/S90postgresql -> /etc/init.d/postgresql /etc/rc.d/rc5.d/S90postgresql -> /etc/init.d/postgresqlYou can start/stop it with
service postgresql start/stop/statusyou can test it with provided test package, or just call a client:
su postgres; psqlYou shall see the steps in SF2.5 install to get the database setup and the web site and backend connect to it. When you installed postgres from an RPM, the -i option which allows TCP/IP connections is generally not on by default. My solution is to avoid IP connection, and use unix socket when running a single box.
mkdir <your cvsroot>; ln -s <your cvsroot> /cvsroot
openssl s_client -connect <yourdomain>:443
(See SLL docs)
The issue is that the ssl module will try to write a mutex lock into the log directory, and apache will spawn processes in a loop, so that any connection to the web server is blocked. The apache daemon runs as apache, but fork children as nobody this works for http, but make the web server hang on a request on https no more request (http or https) are answered after that. in the error.log, loops with :
child cannot open ssl MUTEX lock file /var/log/httpd/ssl_mutex.<pid>"
I tried chmod a+rw /var/log/httpd/
and it keeps going back to perm only for owner, at each restart. reload
does not help.
There is a chmod in /etc/init.d/httpd that is documented "This
is a hack for the broken MSEC"
HACK (INSECURE): I commented out the hack and let the directory open:
TO STUDY: which user should apache run and who should own the
directory ?
mkdir /sfcache
mkdir <ftproot>/incoming
list all differences: See rpl.log for substitutions.
ServerType inetd
<Anonymous /var/ftp>
User ftp
Group ftp
UserAlias anonymous ftp
Note that the configuration is quite minimal. There was more in the wu-ftp
configuration for security. Need to work on the setup to set limit on #
users, on allowed actions, ...
$sys_use_ldap=0;
cd $SF/cronjobs perl -pi -e "s:/usr/local/bin/php:/usr/bin/php:g" *.php#!/usr/local/bin/php --- > #!/usr/bin/php