[LON-CAPA-announce] New version released - LON-CAPA 2.11.3

Raeburn, Stuart raeburn at msu.edu
Thu Mar 18 00:04:10 EDT 2021

New Version 2.11.3 released.

Update of 2.11.2 installations to 2.11.3 is highly recommended.

It is recommended that domains update from earlier versions, as this new release 
features over a hundred enhancements/bug fixes (see details below), including a 
number of security-related changes.

Changes from 2.11.2

Student Interface
 - Breadcrumb trail with clickable links for folder hierarchy shown for display
   of a resource in course context. (Clicking the folder name displays truncated 
   Course Contents listing, with just the items in that folder listed).
 - No "Groups" item shown in inline menu for users with unprivileged course roles,
   if all group home pages are hidden, and no group tools are enabled.
 - Default math renderer is a domain configuration (can be set to MathJax).
 - When a browser sends a LON-CAPA cookie for an expired session, user will be
   redirected to portal URL for user's domain (for re-authentication).
 - Availability of "Check for changes" link on Courses page is advertised as a
   way to update courses list (in case where no courses are currently listed).
 - If user's course session is stale, and needs updating when page-flip action, 
   student's view of grades, or contents listing were requested, a message and 
   progress bar are shown until update is complete.
 - When uploading a file, client-side checking occurs to see if the size of the 
   file to be uploaded will exceed amount allowed, or space available, for:
   (a) Attachments to LON-CAPA messages, (b) Portfolio files, 
   (c) Drop-box problems, (d) Helpdesk requests (authenticated users),
   (e) Uploads to RSS feeds.
 - For servers using Apache/SSL where External Resource points at http:// URL,
   or syllabus is configured to use an external http:// URL, query string for
   links contains usehttp=1, unless server has Strict-Transport-Security set
   for Apache (with max-age > 0).
 - Course contents listing includes information for resources with a reservation, 
   if after start time, and proctor check-in of the user is still needed.
 - Warning displayed if storage of first access time fails after pushing "Show 
   Resource" button to start timer (error also logged).
 - New users creating accounts can be prompted to choose affiliation (e.g., 
   student, other etc. (defined in domain configuration).
 - Rules for length and/or characters in a LON-CAPA password (internal auth)
   checked client-side and server-side when a user self-creates a user account.
 - Web form used to request new user account prompts for appropriate responses
   depending on self-reported status, and e-mail and username constraints.
 - Feedback for submission which does not satisfy sigfig requirements is now:
   "Use more significant figures", or "Use fewer significant figures.
 - When "Show Problem Status" in effect is "no", and submission is outside
   permitted sigfig range, an orange background is used for the feedback: 
   "Submission not graded ..."
 - If resource(s) in a "composite page" include CSS file dependencies, link(s)
   to the file(s) are included when rendering the page for the web target.

Course Management
 - Content Grading and Individual Points Overview items added to "Grades"
   drop-down list for course personnel.
   - Content Grading allows selection of item to grade.
   - Individual Points Overview includes "Select User" link and "Display 
     Individual Student" button for display of a student's view of grades.
 - Instructors with section-specific role may only modify parameters at section 
   level (for that section), or specific user level (for students in the section).
 - Instructor role can only set/delete/display group-level parameters for groups
   to which the instructor belongs.
 - Parameter setting via table mode for specific users available for users with
   both student and non-student roles.
 - Client-side check used to determine if size of a file uploaded into a course 
   (via Course Editor) will exceed course quota.
 - Blank Web Page (editable) available in "Other" category for Composite page.
 - Simple pages and discussion boards (without posts) can be copied within a 
   course, and between courses using the clipboard.
 - Simple problems can be copied within a course, and between courses using 
   the clipboard. Submission/grade data are not copied.
 - Use of an External Resource URL which includes an anchor will cause page 
   to be loaded in iframe at anchor position.
 - Gracefully handle display (and preview) for External Resources for which
   Content-Security-Policy or X-Frame-Options prevent display in iframe in LC.
   Result of frame-ability check is cached for 1 hour.
 - In course context the Functions menu will include a "View source" item/icon
   for a published assessment item, when the user does not have rights to edit,
   but one of the following is true:
   (a) user's role has privilege to "Copy resources", and content has source set 
       to "open",
   (b) user has privilege to "View XML of assessments in course where a
       course owner/co-owner is author/co-author of content (same domain) and:
       (i) the privilege is from a custom helpdesk role defined in domain, or     
       (ii) the content has source set to "open".
       This privilege is assignable to custom roles, including ad hoc custom
       roles made available to users with a domain helpdesk role.
 - Instructor role can now upload bubblesheet data file to a course.
 - "Verify Content" in Course Editor has option to check if files replicated 
   from another domain are outdated.
 - "Student Submission Reports" include submissions for response items included
   in library files imported into a published problem.
 - Assessment chart now shows appropriate possible points total when folder uses
   randompick and all items included in folder carry equal points.
 - When a csv file of users is uploaded, error messages are displayed in the
   case of (a) an invalid datatoken, or (b) invalid home server for new users,
   In (a) user is prompted to re-upload the file; in (b) user is prompted to
   select default domain again.
 - Course Owner can change a student's password if:
   (a) domain configuration set for this action,
   (b) same domain is used by owner, course, and student,
   (c) student has no active or future roles besides student role in courses
       owned by the course owner making the change,
   (d) course container is not a Community.
   (e) owner is course coordinator in the course,
   (f) setting to disable this action has not been set for the specific course. 
 - "Student Submission Reports" can now include submissions for imported 
   response items.
 - Date range of slot exclusion can be set for "instructor-assigned" slots.
 - Users assigned instructor role can download zip file of submitted files.
 - Last activity data for course's users from servers in course's domain 
   available on "What's New" page.
 - Links to problems in "Problems requiring handgrading" section of
   "What's New" page jump directly to grading.
 - External resource(s) in a composite page: (a) can include an anchor,
   (b) can be displayed if hidden URL is set, (c) will be displayed as a
   link, not iframe, on (i) mobile devices, (ii) if resource's
   server has Content-Security-Policy or X-Frame-Options set to prevent
   iframe use, or (iii) URL is http, but LON-CAPA page is served https.
 - Eliminate 1hr offset in Begin and End times in both table and plot in
   Submission Time Plots.

 - Changes to top level of Grading Interface
   - Receipt verification via "Verify Receipt Number" in Automated Grading.
   - Access to submissions download moved up to: Download submissions.
   - Content Grading allows selection of item to grade.
 - Keywords list menu only shown if selected problem contains one or more
   essayresponse items.
 - Table of options for grading individual students:
   (a) Send Messages - include ability to send message (default is "Yes"
      if selected problem contains an essayresponse item, "No" otherwise).
   (b) Check For Plagiarism - only shown if selected problem contains
       essayresponse item.
 - If problem has file upload items (in essayresponse) in multiple parts
   can select which parts to include when downloading submitted files.
 - Slot status is ignored when rendering content in grading interface for
   "View of the problem for user" and "Correct answer for user" boxes.
 - Tex within <m> </m> tags is rendered when displaying a student's submission 
   for an essayresponse item in the grading interface.
 - Upload of session data for iClicker 7 (also named iClicker Classic) supported.
 - "Check For Plagiarism" is supported for submissions to Simple Problem
   (Essay-open ended). Similarity checking only for submissions in same course.
 - The drop-down list to filter for "Group" now works for the choice:
   "Grade page/folder for one student".
 - If student's view of resource(s) included when displaying submissions in
   grading interface, link tag(s) for CSS file dependencies are now included.

 - Permitted file size increased from 128kB to 1 MB for attachment to messages.
 - Attachment size for files uploaded to help request form can be configured 
   for domain. 
 - Web view of LON-CAPA messages includes word-wrap to improve display of messages
   composed using browsers which ignored wrap="hard" attribute in textarea tag.

 - Settings item in inline menu in Authoring Space provides access to
   preferences for (a) use of CodeMirror, and (b) ad hoc co-author access for DCs.
 - Client-side check determines if size of file to upload exceeds disk space 
   in the author/co-author's Authoring Space.
 - Support for retrypartial parameter included in &check_status() function.
 - numericalresponse with answergroup supports $ (dollar) as a unit.
 - &conv_eng_format() function in a script block generates answer and 
   unit in engineering format for a numericalresponse tag
 - Better error messages about "Computer's answer" where unit includes
   $ or , (in numericalresponse), and format lacks that character.
 - Prevent javascript error from argument in saveScrollPosition(), when buttons 
   are pressed, when filename includes single quotes(s).
 - If questiontype = randomizetry is in effect in Authoring Space:
   (a) Check for randomizeontries parameter when displaying in Authoring Space,
   (b) Include "New Problem Variation ... " header, if no parts,
   (c) Include "New Question Variation ... " header for each part, if parts,
   (d) Include "No Question Variation ... " header for each part where 
       randomizetry not in use, when it is in use for at least 1 other part.
 - When creating a file, include an intermediate confirmation screen when 
   changes were made automatically to path, directory and/or filename proposed 
   by user.
 - When uploading a file to Authoring Space: 
   (a) Remove characters which are not allowed.
   (b) Replace pattern: .number.extension with _letter.extension
   (c) Include feedback to user about changes made.
 - Dynamic plots with gnuplot:
   (a) tic-mark label numerical format specifiers can now include multiples 
       of Pi with optional text: pi (rendered as the greek symbol).
   (b) Colors for the border, grid and background are now supported when
       printing (gnuplot 4.6 and later) if "Color setting for printing" 
       set to color or colour.
 - Complex data structures, e.g., $hash{a}{b}{c} defined in a script block
   are evaluated when referenced within a text block.
 - Warning displayed if <m> tag is used without math delimiters.

Domain Coordination/Domain Settings
 - Domain config for load balancer to use cookie to record offload target.
   Subsequent requests by same user/browser will send requests to same target,
   if remote session still active, and remote node not overloaded.
 - Domain configuration to override domain's helpdesk settings for e-mail
   recipients, and optionally added text, based on requester's affiliation
   (e.g., faculty, staff or student).
 - Domain configuration for nightly status check email
   - Whether error/status email should be sent to the core development group
   - Weights to use when computing total error count
   - Error count thresholds for sending status email
   - Can exclude specific servers from contributing to "Unsent" updates total.
 - loncron will check for changes in IP addresses of LON-CAPA hosts in network.
   Domain configuration for recipient of e-mail if changes detected in IP 
   addresses for other LON-CAPA hosts.
 - Course categories defined in a domain are cached for 1 hour; cache is
   devalidated if categories are changed by DC.
 - Self-cataloging of courses based on institutional code is cached for 1 hour.
 - Self-creation of user accounts using e-mail verification.
   (a) User can be prompted to choose affiliation (e.g., instructor, student,
       other etc.),
   (b) User can be given option to choose a username, while e-mail address
       still used for verification. A required e-mail domain can be set.  
 - Domain Coordinator can display user-selected status and user's e-mail
   address when choosing to approve queued user account requests.
 - Domain Coordinator can upload custom HTML mark-up into the head block of 
   the log-in page for different domains on a multi-domain server.
 - Domain configuration for Passwords for internally authenticated users.
   (a) Options for "Forgot Password" utility: link lifetime, case sensitivity,
       information required, e-mail types, custom text, use of "captcha".
   (b) Options for encryption of Stored Passwords (moved from "Defaults" menu),
   (c) Rules for LON-CAPA Passwords (length, characters, reuse),
   (d) Option for Course Owner to change student's password (with conditions).
 - Domain configuration for bubblesheet data upload formats now includes csv.
   Uploaded CSV data will be converted to (.dat) format specified in format
   file, according to specified column order, and settings for:
    (a) Delete first line (column titles) Y/N,
    (b) Remove leading white space except question responses Y/N,
    (c) Pad PaperID with leading zeroes, up to PaperIDlength Y/N.
 - Domain configuration to set default math renderer for <m> tag content.
 - Domain configuration for which status types can be self-reported by 
   requesters using e-mail verification moved from
   "Default authentication/language/timezone/portal/types" panel to
   "Users self-creating accounts" panel.
 - Domain configuration to offload users from other institutions, on next
   access (after recording any submission to a problem).
 - Domain Coordinator can change password for existing user when assigning
   a student role in a course (in domain context only).
 - Command line script (unsubresources.pl) in debug tools for use when 
   removing surplus access nodes from a domain. 

 - Bubbles are vertically aligned in printouts for radiobutton response items.
 - HTML entities: ℰ and ℰ are mapped to \mathcal{E}, 
   available from the (loaded) amssymb package.
 - Links are launched as modal pop-ups for resources listed in the 
   "Select Resource(s) to print" table.
 - Printouts of external resources include title of item in course, and link
   unless encrypturl is set to yes for the resource.

 - Updates to German translations.

 - Document how students can reserve access in advance to content at a
   particular time and/or place.
 - Document how LON-CAPA handles display of External Resources for which
   the remote server's policies prevent display in an iframe.
 - Fix mismatch between link and filename for Script Functions help item.
 - Add information about &conv_eng_format() to Script Functions help item.
 - Add information about syntax for complex numbers (LONCAPA::LCMathComplex)
   to Script Functions help item.
 - The need to enable dav and dav_fs modules when using webDAV with Ubuntu is
   included in the domain coordination documentation.
 - A generic module name is replaced with the name of Apereo CAS project's 
   mod_auth_cas Apache module in the domain coordination documentation.
 - Document updated top level grading screen.
 - Document use of conditions when authoring sequences using Advanced Editor.

Third-party modules
 - MathJax updated to 2.7.4.
 - jquery updated to 3.2.1 and jquery-ui to 1.12.1.

 - Use 'secure' attribute for session cookie on servers using Apache/SSL.
 - Speed-ups for search by reducing duration of sleeps.
 - Improve robustness of grading formularesponse with sampling.
 - Command line script in /home/httpd/perl/debug/ for use in finding 
   instances where modification date of a published file post-dates 
   corresponding file in Authoring Space.
 - Checking if enrollment data can be accessed for a course uses a single
   call to localenroll::check_instclasses(), mediated via lonnet/lond.
 - Args passed to &Math::Random::random_set_seed() need to be within bounds, 
   otherwise &Math::Random::random_set_seed_from_phrase() is used.
 - Support <randomlist> around parts in bubblesheet grading with CODEs.
 - Eliminate "Unescaped left brace in regex" errors in perl 5.26.
 - Eliminate "undefined symbol: yywrap" error in capa.so on perl 5.26.
 - Support perl 5.26 and later (in which '.' is no longer in @INC).
 - systemd (not SysV) runs loncontrol for stop/start/restart LON-CAPA daemons
   for SLES 15, Ubuntu 18 & 20 LTS, Fedora 26-33, RHEL/CentOS 8, Oracle 7 & 8 
 - Dynamic management of LON-CAPA port 5663 compatible with firewalld.
 - Command: "loncron --justiptables" will update dynamic iptables rules for 
   lond port, and nothing else.
 - Replace use of mailto (metamail package) with mail command.
 - Skip tailing daemon logs when calling context does not update lon-status.
 - If replication fails when retrieving an resource which has been updated,
   unsubscribe and remove the existing file, as it's no longer current.
 - Devalidate cache for self-cataloging of courses, based on institutional
   code for institution's nodes, when creating an "official" course.
 - Include Math::Calculus::Expression in perl Safe space, to support
   parsing of an algebraic expression into a tree structure.
 - Additional Microsoft file extensions for 11 macro-enabled file types.
 - Fix ranges used in array slices to compute degree of discrimination.
 - For &rank_students_by_scores_on_resources() a secondary sort
   (arbitrarily chosen to be by username) is included so rank for users 
   with the same score is invariant between calls.
 - Exclude invalid characters from MySQL table names created by
 - For uploaded files, modify the filename as follows:
   (a) Replace a non-ascii character in the filename of uploaded file with an
       appropriate ascii character (if available).
   (b) If lonnet::clean_filename() reduces filename to .extension, prepend
       milliseconds part of current UNIX time.
 - Suppress "Use of uninitialized value" (Config.pm line 62) warnings in logs
   from reval of perl special hash: %!, in call to &Apache::run::dump()
   when creating ScriptVars display for answer target.
 - Initialize globals before loading a course's maps to eliminate unwanted 
   randomization in ordering of resources in a folder.
 - Gnuplot 5.0 and later are supported.
 - Switching user session to a different server can jump to the same resource
   currently being viewed even when encrypturl is in effect.
 - Accommodate Apache 2.4 updated to address CVE-2019-0220, in which
   multiple consecutive slashes are collapsed into a single slash.
 - URL for external resources in uploaded .page ("Composite page") changed
   to begin /ext/ (but are not wrapped).
 - Proctor check-in to a slot: (a) leading and trailing space(s) removed
   from submitted proctor username; (b) autocomplete="off" set for 
   Proctor Username, Password, and Domain in Proctor Validation form.
 - Send HTTP header when displaying "no server available to host" page.

Other bug fixes
 - Remove final line feed for xlsm, docm and pptm files so uploaded
   file contains same number of bytes as original file. Microsoft Office
   applications should no longer prompt user to "repair" file after download.
 - Section switching no longer results in logging of duplicate adds.
 - Ensure uniqueness of javascript function name for Previous Tries 
   modal pop-up.
 - Eliminate javascript error in composite page containing optionresponse.
 - Fix typo causing an ISE for co-author access to webDAV.
 - Prevent saving "Course Settings" ("General course settings" displayed)
   from deleting externalsyllabus URL.
 - Trap invalid date error in DateTime.pm during date shift when cloning
   a course.
 - "Limit by time" filter now works in Overall Problem Statistics for 
   "%Wrng (plot)".
 - Creation of course(s) by upload of an XML file containing course 
   attributes; if created, xml file moved from pending to processed directory.
 - Fix javascript used to loop over checkboxes for institutional types
   when configuring self-enrollment in a course.
 - Link to param setting from Course Contents screen needs entity encoding
   for single quote(s) for case where resource URL contains a single quote.
 - Display of links to messages in which subjects contain : requires escaping
   the $msgid.
 - Prevent ISE in first print helper screen when checking printability of
   current resource if no resource object.
 - Handle case where /adm/printout is called outside context of a resource.
 - Reinstate "Submit all" functionality in multi-part problems in composite 
 - Support optionresponse using checkboxes instead of select boxes in 
   composite page.
 - URLs containing + can now be viewed in modal pop-up in Course Editor.
 - Source XML for URLs containing special characters can now be viewed in 
   pop-up window.
 - Support student changing of a reservation where slot being added and slot
   being dropped both have exclusivity ranges which overlap.
 - Speed up course loading and Course Contents display for users without adv
   priv where course contains several hidden folders and/or sub-folders.
 - Month(s) selected for "Last modified between" and/or "Created between"
   filters when searching content repository processed correctly.
 - Pass data for crosslisted courses specified in course requests to batch
   course creation.
 - "Paste Selection to List" in Keyword highlighting for essayresponse items
   requires conversion of object to string to eliminate javascript error.
 - Rewrite src attributes for uploaded files in composite pages when cloning.
 - When temporary content blocking is in use for a quiz/exam, determination
   of whether access should be blocked and why more robust for resources
   with multiple instances in a course, and for resource dependencies.
 - Content blocking check now supported for (a) uploaded PDFs, (b) files that
   require /adm/coursedocs/showdoc/, and (c) Student-viewable course roster.
 - When server is unavailable for login because of local lonc/lond problem:
   list of other potential servers features "preferred" servers first.
 - Length of insert statement should not exceed max_allowed_packet size when
   making SQL inserts into md5_*_responsedata and md5_*_parameter tables.
 - Store placeholder in place of actual submission in md5_*_responsedata and
   md5_*_parameter tables if length of submission > max_allowed_packet size.

Supported Linux Distributions
 - CentOS 8 added
 - RHEL 8 added
 - SLES 15 added
 - Ubuntu 18.04 LTS, 20.04 LTS added
 - Oracle Linux 6, 7, 8 added
 - Fedora 26 - 33 added

Specific enhancement requests/bugs addressed: (see http://bugs.loncapa.org)
876, 5349, 5439, 5718, 5895, 5915, 6215, 6347, 6601, 6648, 6656, 6662, 6724, 
6750, 6780, 6791, 6792, 6794, 6798, 6806, 6825, 6835, 6844, 6846, 6854, 6855, 
6859, 6860, 6862, 6863, 6867, 6873, 6881, 6883, 6885, 6889, 6890, 6899, 6900, 
6901, 6903, 6910, 6911, 6917, 6921, 6922, 6925, 6932, 6936, 6938, 6941, 6943,
6944, 6945, 6949

Installation Notes:
To use this release you need to have version 1-26 of LONCAPA-prerequisites

To install this update:

1) You will need to be running CentOS 6, 7 or 8; Scientific Linux 6 or 7;
RHEL 5, 6, 7 or 8; Oracle Linux 6, 7 or 8; SLES 11, 12, or 15;
Ubuntu LTS 14, 16, 18 or 20; or Fedora 25 - 33.

(CentOS/Scientific Linux 5, SLES 10, Ubuntu LTS 12, Fedora 16 - 24, and
SuSE 13.1 - 13.2 should continue to work, but are deprecated).

You will need to be root to use the commands listed at steps 1(a) - 1(d) and
2 to 11 below. On Ubuntu LTS servers either prepend sudo for each command, or
use sudo -i.

To accompany the 2.11.3 release, the GPG key used for LON-CAPA's repositories
has been updated to reflect modern standards.  If you installed LON-CAPA 2.11,2
or earlier, and have not already updated the GPG key, it is recommended to clear
cached packages previously downloaded from the LON-CAPA repository for your Linux
distro, before removing the old GPG key and importing the new one.

(a) You can display the currently installed LON-CAPA package signing GPG key as follows:

(i) CentOS/RHEL/Scientific Linux/Fedora/SLES
rpm -q gpg-pubkey --qf '%{VERSION}\t%{SUMMARY}\n' |grep LON

(ii) Ubuntu
sudo apt-key list

The GPG key used in 2020 and earlier is:
155cf773    MSU LON-CAPA group (LON-CAPA installer) <lon-capa at lon-capa.org>

(b) Clear the cache and import the new GPG key as follows:

(i) CentOS
yum clean all --disablerepo="*" --enablerepo=loncapa-updates-basearch --enablerepo=loncapa-updates-noarch
rpm -e gpg-pubkey-155cf773-431738a8
rpm --import http://install.loncapa.org/versions/centos/RPM-GPG-KEY-loncapa

(ii) RHEL
yum clean all --disablerepo="*" --enablerepo=loncapa-updates-basearch --enablerepo=loncapa-updates-noarch
rpm -e gpg-pubkey-155cf773-431738a8
rpm --import http://install.loncapa.org/versions/redhat/RPM-GPG-KEY-loncapa

(iii) Scientific Linux
yum clean all --disablerepo="*" --enablerepo=loncapa-updates-basearch --enablerepo=loncapa-updates-noarch
rpm -e gpg-pubkey-155cf773-431738a8
rpm --import http://install.loncapa.org/versions/scientific/RPM-GPG-KEY-loncapa

(iv) SuSE/SLES
zypper refresh 'LON-CAPA'

(v) Ubuntu
sudo apt-key del 155CF773
sudo apt-get clean
wget -O ~/APT-GPG-KEY-loncapa.asc https://install.loncapa.org/versions/ubuntu/APT-GPG-KEY-loncapa.asc
sudo apt-key add ~/APT-GPG-KEY-loncapa.asc

(vi) Fedora
yum clean all --disablerepo="*" --enablerepo=loncapa-updates-basearch --enablerepo=loncapa-updates-noarch
rpm -e gpg-pubkey-155cf773-431738a8
rpm --import http://install.loncapa.org/versions/fedora/RPM-GPG-KEY-loncapa

(c) After you have imported the new key for 2021 (and beyond)

(i)CentOS/RHEL/Scientific Linux/Fedora/SLES
rpm -q gpg-pubkey --qf '%{VERSION}\t%{SUMMARY}\n' |grep LON

will report:
c11f2266   LONCAPA Academic Consortium (Package signing) <certificate at loncapa.org>

(ii) Ubuntu
sudo apt-key list

will report:
pub   4096R/BF2CDADF 2018-06-17
uid   MSU LON-CAPA group (LONCAPA installer) <loncapa at loncapa.org>

(d) The EPEL repository is now used by LON-CAPA for CentOS/RHEL/Scientific Linux
6 and 7 (64 bit only), and epel-release is a dependency in LONCAPA-prerequisites 1-26
for CentOS/Scientific Linux 6 and 7 (64 bit only).

On CentOS/Scientific Linux 7 to add the repo you can use:
yum install epel-release

For RHEL use:
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum install epel-release-latest-7.noarch.rpm

Note: if you are still running CentOS/Scientific Linux 6 (EOL was November 30 2020),
you would need to change the baseurl in /etc/yum.repos.d/epel.repo to point at:


and also change the baseurl in /etc/yum.repos.d/CentOS-Base.repo to point at:

That said you should update to a newer version of the distro as soon as you can.

If you are still running RHEL 6 (and have a subscription to the Extended Life Cycle Support
(ELS) Add-On, you would add the EPEL repo using:

wget https://archives.fedoraproject.org/pub/archive/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum install epel-release-6-8.noarch.rpm

and would then need to change the baseurl in /etc/yum.repos.d/epel.repo, as described above.

If you previously used EPEL but disabled it, by setting enabled=0 for [epel] in
/etc/yum.repos.d/epel.repo, use a text editor to change that to enabled=1.

2) Update LONCAPA-prerequisites to 1-26

(a) CentOS/RHEL/Oracle Linux 8

dnf update

(b) CentOS/RHEL/Scientific Linux/Oracle Linux 5 - 7

yum update


yum repolist enabled 

to display currently enabled repos (which should include epel).


To refresh the LON-CAPA repository use:  zypper refresh -fdb
To update LONCAPA-prerequisites use: zypper update LONCAPA-prerequisites

(d) Ubuntu

sudo apt-get update
sudo apt-get upgrade

(e) Fedora 22 (and newer)

dnf update

(f) Fedora 21 (and older)

yum update

On all distributions, it is recommended that you check that you have
the correct version of LONCAPA-prerequisites installed before proceeding.

(i) CentOS/RHEL/Scientific Linux/Oracle Linux/Fedora/SLES/SuSE
rpm -q LONCAPA-prerequisites

should report:
(where X is a distro identifier e.g., centos7.lc)

(ii) Ubuntu
sudo dpkg -l loncapa-prerequisites

should report
ii loncapa-prerequisites 1.26-X
(where X is a version number which depends on Ubuntu distro)

Note: unlike its predecessors, LONCAPA-prerequisites 1-26 for
Red Hat/CentOS/Scientific Linux 6 and 7 replaces the dependency on  
R with a dependency on R-core. Accordingly, for those distros,
after updating to 1-26, you can use:

yum remove R R-core-devel R-devel R-java R-java-devel libMath-devel

and you can also use yum to remove java-1.8.0-openjdk and/or 
java-1.7.0-openjdk (which are R-java dependencies), unless you have
modified a standard LON-CAPA installation with packages which
themselves require java.

3) Download the new LON-CAPA tarball from
wget http://install.lon-capa.org/versions/loncapa-2.11.3.tar.gz

and untar it:
tar xzvf loncapa-2.11.3.tar.gz

4) stop the LON-CAPA system services

RHEL/CentOS 8, Oracle Linux 7 & 8, Ubuntu 18 & 20, SLES15, Fedora 26 (and newer)
/home/httpd/perl/loncontrol stop

Other distros/versions:
/etc/init.d/loncontrol stop

5) stop the web server:

RHEL/CentOS/Oracle/Scientific Linux 7 (and newer)
systemctl stop httpd

Fedora 17 (and newer)
service httpd stop

Fedora 16 (and older), RHEL/CentOS/Scientific Linux/Oracle Linux 6 (and older)
/etc/init.d/httpd stop

SLES15, Ubuntu 18 and newer
systemctl stop apache2

SuSE 13.X, SLES12
service apache2 stop

SLES 11, Ubuntu 16 and older
/etc/init.d/apache2 stop

6) Run the UPDATE script as root
(Note: you will be asked to confirm that you wish to remove files
installed by older versions of LON-CAPA which are no longer used by 2.11.3).

cd loncapa-2.11.3

7) If you are updating a LON-CAPA library server from LON-CAPA version
2.10.1 or earlier, you will need to run a script to migrate Authoring 
Spaces in domain(s) hosted on the server from their old locations in:
/home/ to their new locations in /home/httpd/html/priv

To do this use the command:
perl /home/httpd/perl/debug/move_construction_spaces.pl move

Note: You can perform a dry-run, which will show what would happen, but will
not actually move anything, by omitting the "move" argument.

8) If your Apache web server has been configured to use SSL, and you have
included rewrite rules to rewrite all requests to http://<yourserver>/
to https://<yourserver>/ it is recommended you modify your rewrite rule to
(a) allow internal HEAD requests to /cgi-bin/mimetex.cgi to be served
http://, in order to support vertical alignment of mimetex images
(one of the options for rendering Math content); (b) allow requests
for certain URLs (external resource, annotations, and syllabus)
to be served http:// under certain conditions.

Starting with LON-CAPA 2.10, a config file containing rewrite
rules -- loncapa_rewrite.conf -- is added to /etc/httpd/conf
(CentOS, Red Hat, Scientific Linux, Oracle Linux, Fedora) or /etc/apache2 
(SLES, Ubuntu, Debian). By default, rewrites are set to off (using
RewriteEngine off).  If you already have you own rewrite rules in place
for http -> https you should either transfer them to loncapa_rewrite.conf, 
after completing the LON-CAPA update, or leave your existing file in place 
and comment out the entries in loncapa_rewrite.conf. Otherwise, if you are 
using SSL with Apache, and would like requests to http://<yourserver>/
to be rewritten to https://<yourserver>/, you should copy
rewrites/loncapa_rewrite_on.conf to loncapa_rewrite.conf to enable this.
The rules included in that config file do not rewrite internal
requests (i.e., from to https://, so vertical alignment
of mimetex images is supported. In 2.11 there are also rules to exclude
certain URLs from rewrites to https:// to avoid issues with 
mixed active content.

This 2.11.3 release includes updates to rewrites/loncapa_rewrite_on.conf 
and rewrites/loncapa_rewrite_off.conf.  If you have customized 
loncapa_rewrite.conf then you should edit that file to incorporate the
changes, which include addition of this condition in a couple of places:

RewriteCond %{QUERY_STRING} (^|&(amp;|))usehttp=1($|&)

If you have not customized the file, then to enable rewrites, copy 
rewrites/loncapa_rewrite_on.conf to loncapa_rewrite.conf 
or copy rewrites/loncapa_rewrite_off.conf to loncapa_rewrite.conf 
to disable rewrites.

If your Apache configuration includes Strict-Transport-Security 
with max-age > 0, then http to https rewrites will apply for all URLs, 
so vertical alignment of mimetex images will not be supported, and 
browsers will block mixed active content for external resources and/or 
an external syllabus that uses http within an iframe on an https page.

Once you have the rules for ^/adm/wrapper/ext/(?!https:) and
^/public/.*/syllabus$ in place in loncapa_rewrite.conf, unless you use
Strict-Transport-Security you should also add the following to your 
<VirtualHost *:443> </VirtualHost> block, (the "*" might be:
 _default_ or an IP address or *):

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTPS} =on
  RewriteCond %{REQUEST_URI} ^/adm/wrapper/ext/(?!https:\/\/)
  RewriteCond %{QUERY_STRING} (^|&(|amp;))usehttp=1($|&)
  RewriteRule ^/adm/wrapper/ext/(?!https:\/\/) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]
  RewriteCond %{REMOTE_ADDR}
  RewriteRule (.*) - [L]
  RewriteCond %{REMOTE_ADDR} <Server IP>
  RewriteRule (.*) - [L]
  RewriteCond %{REQUEST_URI} ^/public/.*/syllabus$
  RewriteCond %{QUERY_STRING} (^|&(|amp;))usehttp=1($|&)
  RewriteRule ^/public/.*/syllabus$ http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]

replacing <Server IP> with the IP address of the server itself.

Note: this is only needed if you are using SSL (i.e., requests to
https://<yourserver>/ are supported) and you want to rewrite external
requests to http://<yourserver>/ to always use https://<yourserver>/
(with the exceptions noted above).

9) Note about /home/httpd/lib/perl/localenroll.pm
When you use UPDATE to update an existing LON-CAPA installation to a newer
version, the customizable localenroll.pm file is not overwritten.  This
is the file which must be customized to support integration of LON-CAPA
with institutional data sources (e.g., for automated update of course
rosters or user information). Whenever new routines are included in
localenroll.pm these will appear in localenroll-std.pm, which is updated
when a new LON-CAPA version is installed.

If you have previously customized localenroll.pm it is recommended that
you compare the contents of localenroll.pm and localenroll-std.pm after
an update to see if there are new subroutines (which exist as stubs in
localenroll-std.pm) which can be copied to your custom localenroll.pm,
and later customized, should you wish to use that functionality.

A recent change is the addition of check_instclasses() in LON-CAPA 2.11.3 
to supply information about which institutional course sections
and cross-listings are available to supply enrollment data, given the 
current list of owner and co-owners. The data are used to populate the 
column titled: "Auto-enrollment of registered students" when showing 
full details for a course in the course catalog.

10) restart the LON-CAPA system services:

RHEL/CentOS 8, Oracle Linux 7 & 8, Ubuntu 18 & 20, SLES 15, Fedora 26 (and newer)
/home/httpd/perl/loncontrol start

Other distros/versions
/etc/init.d/loncontrol start

11) restart the webserver:

RHEL/CentOS/Oracle/Scientific Linux 7 (and newer)
systemctl start httpd

Fedora (16 and older)/RHEL/CentOS/Scientific Linux 6 (and older)
/etc/init.d/httpd start

Fedora 17 (and newer)
service httpd start

SLES15/Ubuntu 18 (and newer)
systemctl start apache2

SuSE 12.X, 13.X, SLES12
service apache2 start

SuSE 11.X, SLES 11, Ubuntu 16 (and older)
/etc/init.d/apache2 start

12) It is recommended that loncron is run
(as the www user) after installation/update is complete.
(On Ubuntu LTS servers, first do: sudo -i )

su www

This will write to files in /home/httpd/lonTabs used to
store information about LON-CAPA versions on other servers in
the cluster to which the server belongs.  It may take some
minutes to complete as the script will contact other servers
in the LON-CAPA network sequentially.

13) It is also recommended that you check disk usage for courses
and Authoring Spaces, as 2.11 introduced default quotas of 0.5 GB
for each course (content uploaded directly via Course Editor) and
the same for each author.

For courses, log-in as Domain Coordinator and use:
Main Menu -> Status of domain servers -> Display quotas and usage for
Course/Community Content.

For Authoring Spaces, log-in as Domain Coordinator and use:
Main Menu -> Create users or modify the roles and privileges of users
->  Manage Users, and select Author in the "Role" dropdown, then
press the "Display List of Users" button.

The 0.5 GB default quota for Authoring Spaces in domain can be replaced via:
Main Menu -> Set domain configuration -> Blogs, personal web pages,
webDAV/quotas, portfolios

The 0.5 GB default quota for Courses can be replaced via:
Main Menu -> Set domain configuration -> Course/Community defaults

Quotas for individual authors can be set via:
Main Menu -> Create users or modify the roles and privileges of users
-> Add/Modify a User

Quotas for individual courses can be set via:
Main Menu -> View or modify a course or community
then search/select the course and use:
"View/Modify quotas for group portfolio files, and for uploaded content".

1) Defects reports, and enhancements requests can be entered at
2) Mailing lists can be joined and left at http://mail.lon-capa.org
3) Installation/update support is available from helpdesk at loncapa.org

Stuart Raeburn
LON-CAPA Academic Consortium

More information about the LON-CAPA-announce mailing list