[LON-CAPA-cvs] cvs: doc /install/linux install.pl
raeburn
raeburn at source.lon-capa.org
Wed Nov 11 15:58:37 EST 2020
raeburn Wed Nov 11 20:58:37 2020 EDT
Modified files:
/doc/install/linux install.pl
Log:
- For Mariadb 10.14 and later, MySQL set up uses unix_socket authentication
for OS root user access to Mariadb from localhost (SLES 15; Fedora 32, 33).
-------------- next part --------------
Index: doc/install/linux/install.pl
diff -u doc/install/linux/install.pl:1.67 doc/install/linux/install.pl:1.68
--- doc/install/linux/install.pl:1.67 Wed Jul 8 17:19:10 2020
+++ doc/install/linux/install.pl Wed Nov 11 20:58:37 2020
@@ -77,7 +77,7 @@
&mt('Stopping execution.')."\n";
exit;
} else {
- print LOG '$Id: install.pl,v 1.67 2020/07/08 17:19:10 raeburn Exp $'."\n";
+ print LOG '$Id: install.pl,v 1.68 2020/11/11 20:58:37 raeburn Exp $'."\n";
}
#
@@ -519,9 +519,9 @@
unless ($localecmd eq '') {
return ($distro,$gotprereqs,$localecmd);
}
- my ($mysqlon,$mysqlsetup,$mysqlrestart,$dbh,$has_pass,$has_lcdb,%recommended,
- $downloadstatus,$filetouse,$production,$testing,$apachefw,$tostop,
- $uses_systemctl,$hostname,$hostip);
+ my ($mysqlon,$mysqlsetup,$mysqlrestart,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb,
+ %recommended,$downloadstatus,$filetouse,$production,$testing,$apachefw,
+ $tostop,$uses_systemctl,$hostname,$hostip);
my $wwwuid = &uid_of_www();
my $wwwgid = getgrnam('www');
if (($wwwuid eq '') || ($wwwgid eq '')) {
@@ -552,7 +552,7 @@
$mysqlon = &check_mysql_running($distro);
if ($mysqlon) {
my $mysql_has_wwwuser = &check_mysql_wwwuser();
- ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser) =
+ ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket) =
&check_mysql_setup($instdir,$dsn,$distro,$mysql_has_wwwuser);
if ($mysqlsetup eq 'needsrestart') {
$mysqlrestart = '';
@@ -587,10 +587,10 @@
($recommended{'download'},$downloadstatus,$filetouse,$production,$testing)
= &need_download();
return ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,
- $mysqlrestart,\%recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus,
- $filetouse,$production,$testing,$apachefw,$uses_systemctl,$hostname,
- $hostip,$sslhostsfilesref,$has_std,$has_int,$rewritenum,$nochgstd,
- $nochgint);
+ $mysqlrestart,\%recommended,$dbh,$has_pass,$mysql_unix_socket,
+ $has_lcdb,$downloadstatus,$filetouse,$production,$testing,$apachefw,
+ $uses_systemctl,$hostname,$hostip,$sslhostsfilesref,$has_std,$has_int,
+ $rewritenum,$nochgstd,$nochgint);
}
sub check_mysql_running {
@@ -1530,8 +1530,31 @@
sub check_mysql_setup {
my ($instdir,$dsn,$distro,$mysql_has_wwwuser) = @_;
- my ($mysqlsetup,$has_pass);
+ my ($mysqlsetup,$has_pass,$mysql_unix_socket);
my $dbh = DBI->connect($dsn,'root','',{'PrintError'=>0});
+ my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version();
+ if (($mysqlname =~ /^MariaDB/i) && ($mysqlversion >= 10.4)) {
+ if ($dbh) {
+ my $sth = $dbh->prepare("SELECT Priv FROM mysql.global_priv WHERE (User = 'root' AND Host ='localhost')");
+ $sth->execute();
+ while (my $priv = $sth->fetchrow_array) {
+ if ($priv =~ /unix_socket/) {
+ $mysql_unix_socket = 1;
+ last;
+ }
+ }
+ $sth->finish();
+ if ($mysql_unix_socket) {
+ print_and_log(&mt('MariaDB using unix_socket for root access from localhost.')."\n");
+ $mysqlsetup = 'rootok';
+ $mysql_unix_socket = 1;
+ unless ($mysql_has_wwwuser) {
+ $mysql_has_wwwuser = &check_mysql_wwwuser();
+ }
+ return ($mysqlsetup,$has_pass,$dbh,$mysql_has_wwwuser,$mysql_unix_socket);
+ }
+ }
+ }
if ($dbh) {
$mysqlsetup = 'noroot';
} elsif ($DBI::err =~ /1045/) {
@@ -1856,9 +1879,10 @@
my $dsn = "DBI:mysql:database=mysql";
my ($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,$mysqlrestart,
- $recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus,$filetouse,$production,
- $testing,$apachefw,$uses_systemctl,$hostname,$hostip,$sslhostsfiles,$has_std,
- $has_int,$rewritenum,$nochgstd,$nochgint) = &check_required($instdir,$dsn);
+ $recommended,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb,$downloadstatus,
+ $filetouse,$production,$testing,$apachefw,$uses_systemctl,$hostname,$hostip,
+ $sslhostsfiles,$has_std,$has_int,$rewritenum,$nochgstd,$nochgint) =
+ &check_required($instdir,$dsn);
if ($distro eq '') {
print "\n".&mt('Linux distribution could not be verified as a supported distribution.')."\n".
&mt('The following are supported: [_1].',
@@ -1900,9 +1924,10 @@
exit;
} else {
($distro,$gotprereqs,$localecmd,$packagecmd,$updatecmd,$installnow,
- $mysqlrestart,$recommended,$dbh,$has_pass,$has_lcdb,$downloadstatus,
- $filetouse,$production,$testing,$apachefw,$uses_systemctl) =
- &check_required($instdir,$dsn);
+ $mysqlrestart,$recommended,$dbh,$has_pass,$mysql_unix_socket,
+ $has_lcdb,$downloadstatus,$filetouse,$production,$testing,$apachefw,
+ $uses_systemctl,$hostname,$hostip,$sslhostsfiles,$has_std,$has_int,
+ $rewritenum,$nochgstd,$nochgint) = &check_required($instdir,$dsn);
}
} else {
print &mt('Failed to run command to install LONCAPA-prerequisites')."\n";
@@ -1999,7 +2024,8 @@
if ($callsub{'mysql'}) {
if ($dbh) {
- &setup_mysql($callsub{'mysqlperms'},$distro,$dbh,$has_pass,$has_lcdb);
+ &setup_mysql($callsub{'mysqlperms'},$dbh,$has_pass,
+ $mysql_unix_socket,$has_lcdb);
} else {
print &mt('Unable to configure MySQL because access is denied.')."\n";
}
@@ -2007,7 +2033,7 @@
&print_and_log(&mt('Skipping configuration of MySQL.')."\n");
if ($callsub{'mysqlperms'}) {
if ($dbh) {
- &setup_mysql_permissions($dbh,$has_pass);
+ &setup_mysql_permissions($dbh,$has_pass,$mysql_unix_socket);
} else {
print &mt('Unable to configure MySQL because access is denied.')."\n";
}
@@ -2427,7 +2453,7 @@
}
sub setup_mysql {
- my ($setup_mysql_permissions,$distro,$dbh,$has_pass,$has_lcdb) = @_;
+ my ($setup_mysql_permissions,$dbh,$has_pass,$mysql_unix_socket,$has_lcdb) = @_;
my @mysql_lc_commands;
unless ($has_lcdb) {
push(@mysql_lc_commands,"CREATE DATABASE loncapa");
@@ -2437,7 +2463,7 @@
CREATE TABLE IF NOT EXISTS metadata (title TEXT, author TEXT, subject TEXT, url TEXT, keywords TEXT, version TEXT, notes TEXT, abstract TEXT, mime TEXT, language TEXT, creationdate DATETIME, lastrevisiondate DATETIME, owner TEXT, copyright TEXT, domain TEXT, dependencies TEXT, modifyinguser TEXT, authorspace TEXT, lowestgradelevel TEXT, highestgradelevel TEXT, standards TEXT, count INT, course INT, course_list TEXT, goto INT, goto_list TEXT, comefrom INT, comefrom_list TEXT, sequsage INT, sequsage_list TEXT, stdno INT, stdno_list TEXT, avetries FLOAT, avetries_list TEXT, difficulty FLOAT, difficulty_list TEXT, disc FLOAT, disc_list TEXT, clear FLOAT, technical FLOAT, correct FLOAT, helpful FLOAT, depth FLOAT, hostname TEXT, FULLTEXT idx_title (title), FULLTEXT idx_author (author), FULLTEXT idx_subject (subject), FULLTEXT idx_url (url), FULLTEXT idx_keywords (keywords), FULLTEXT idx_version (version), FULLTEXT idx_notes (notes), FULLTEXT idx_abstract (abstract), FULLTEXT idx_mime (mi
me), FULLTEXT idx_language (language), FULLTEXT idx_owner (owner), FULLTEXT idx_copyright (copyright)) ENGINE=MYISAM
});
if ($setup_mysql_permissions) {
- &setup_mysql_permissions($dbh,$has_pass, at mysql_lc_commands);
+ &setup_mysql_permissions($dbh,$has_pass,$mysql_unix_socket, at mysql_lc_commands);
} else {
print_and_log(&mt('Skipping MySQL permissions setup.')."\n");
if ($dbh) {
@@ -2454,12 +2480,14 @@
}
sub setup_mysql_permissions {
- my ($dbh,$has_pass, at mysql_lc_commands) = @_;
+ my ($dbh,$has_pass,$mysql_unix_socket, at mysql_lc_commands) = @_;
my ($mysqlversion,$mysqlsubver,$mysqlname) = &get_mysql_version();
- my ($usesauth,$is_mariadb,$hasauthcol, at mysql_commands);
+ my ($usescreate,$usesauth,$is_mariadb,$hasauthcol, at mysql_commands);
if ($mysqlname =~ /^MariaDB/i) {
$is_mariadb = 1;
- if ($mysqlversion >= 10.2) {
+ if ($mysqlversion >= 10.4) {
+ $usescreate = 1;
+ } elsif ($mysqlversion >= 10.2) {
$usesauth = 1;
} elsif ($mysqlversion >= 5.5) {
$hasauthcol = 1;
@@ -2471,7 +2499,9 @@
$hasauthcol = 1;
}
}
- if ($usesauth) {
+ if ($usescreate) {
+ @mysql_commands = ("CREATE USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'");
+ } elsif ($usesauth) {
@mysql_commands = ("INSERT user (Host, User, ssl_cipher, x509_issuer, x509_subject, authentication_string) VALUES('localhost','www','','','','')");
if ($is_mariadb) {
push(@mysql_commands,"ALTER USER 'www'\@'localhost' IDENTIFIED BY 'localhostkey'");
@@ -2491,7 +2521,7 @@
INSERT db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv) VALUES('localhost','loncapa','www','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y')");
}
push(@mysql_commands,"DELETE FROM user WHERE host<>'localhost'");
- if ($has_pass) {
+ if (($has_pass) || ($mysql_unix_socket)) {
if ($dbh) {
push(@mysql_commands,"FLUSH PRIVILEGES");
if (@mysql_commands) {
More information about the LON-CAPA-cvs
mailing list