[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] phpgroupware/doc/install/presetuptask.html, 1.1.2.2
From: |
nomail |
Subject: |
[Phpgroupware-cvs] phpgroupware/doc/install/presetuptask.html, 1.1.2.2 |
Date: |
Mon, 12 Jul 2004 09:24:59 +0200 |
Update of /phpgroupware/doc/install
Modified Files:
Branch: Version-0_9_16-branch
presetuptask.html
date: 2004/07/12 07:24:59; author: skwashd; state: Exp; lines: +133 -58
Log Message:
mass doc cleanup/update :)
=====================================================================
Index: phpgroupware/doc/install/presetuptask.html
diff -u phpgroupware/doc/install/presetuptask.html:1.1.2.1
phpgroupware/doc/install/presetuptask.html:1.1.2.2
--- phpgroupware/doc/install/presetuptask.html:1.1.2.1 Wed Jan 28 10:46:38 2004
+++ phpgroupware/doc/install/presetuptask.html Mon Jul 12 07:24:59 2004
@@ -1,62 +1,137 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>phpGroupWare [wiki]</title>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
- </head>
- <body bgcolor="ffffff">
- <!-- $Id$ -->
- <img src="../pics/logo.png" alt="phpgroupware" /><br />
- <h1>Pre-setup_tasks</h1>
- There are a few thing you must do before phpgroupware's setup system can
be run. For the time being it is recommended that php's register_globals be On.
Applications are currently being ported to not require this but this will take
a bit of time. You can change this in your php.ini file. You should be able to
install phpgw without it but some applications will behave oddly unless
register_globals = On.<br />
- <br />
- Create a database and a user with full access to this new database. You
may use your favorite GUI to do this, I prefer Webmin, or use the mysql command
line tool. You do not need to root run this, but you will need to use a mysql
user with full access to the "mysql" database, the mysql root user has this by
default. The command to create a database called "phpgroupware" and user
"phpgw" with password "my-db-passwd" is:<br />
- <br />
- <dl>
- <dd> $ mysqladmin -u root -p create phpgroupware (enter root's password
when prompted)</dd>
- <dd> $ mysql -u root -p</dd>
- <dd> mysql> grant all on phpgroupware.* to address@hidden identified by
"my-db-passwd";</dd>
- <dd> mysql> exit;</dd>
- </dl>
- <br />
- for postgresql is:<br />
- <dl>
- <dd> $ /usr/bin/createdb phpgroupware </dd>
- <dd> $ /usr/bin/createuser phpgroupware --pwprompt</dd>
- <dd> $ psql -U phpgroupware phpgroupware</dd>
- <dd> phpgroupware=# GRANT ALL PRIVILEGES ON DATABASE phpgroupware TO
PUBLIC;</dd>
- </dl>
- <br />
- if the psql line doesn't work, you're not connecting to the db. You need
to read the postgresql site and look into pg_hdba.conf and pg_ident.conf
settings .. it's been a while since I did it (if you find out what to do, post
the settings to the mailing list so we can add them here for future users)<br />
- <br />
- Next, you need to prepare setup to create the "header.inc.php" file where
the database connectivity and other core configuration data will be stored. Go
to <a href="#">http://www.your_server.whatever/phpgroupware/setup</a> and you
should see a web form to fill in a bunch of settings including the above db
user and password. To save the settings, you have 2 options, all will assume
you're still in the phpgroupware directory from doing the cvs update, the
security issues of each will be addressed in section 3:<br />
- <br />
- <dl>
- <dd> 1. Least secure but easiest: Make your phpgroupware directory world
writable $chmod a+w ../phpgroupware</dd>
- <dd> 2. Most secure but slightly error prone: Use the "view" or
"download" option in header manager and upload or copy/paste the result to your
server. If you choose this method take care there is no white space (spaces,
tabs, blank lines) at all before the first "<?" and that your editor doesn't
wrap any lines for you where it shouldn't have. You may then make the
header.inc.php world writable, which is better than #1 but still has risks.</dd>
- </dl>
- <br />
- Whichever you choose, I recommend not leaving this world writable, and
only making it writable when you actually need to change some configuration,
which is very rare once you have a working system.<br />
- <br />
- If you plan on using the phpwebhosting filemanager or any application that
makes use of the vfs home/group directories (sorry, I don't have a list of
other apps that do) you will need to prepare the "files" directory. By default,
the files directory is in the phpgroupware root, but this would allow smart
users to upload/create a php file and execute whatever they want, including
reading your header config and then the database! Luckily, the default is also
to disallow the ability to upload files in the first place since the files
directory is not writable by the anonymous web user. We will be moving the
files dir outside of the web root for securities sake. Since I'm installing
under my home directory I've made ~/phpgwadmin/ and I'm going to put it there
and make it and all its contents world writable. You can put it wherever you
want so long as every directory up to it is world readable:<br />
- <br />
- <dl>
- <dd> $mv files ~/phpgwadmin/</dd>
- <dd> $chmod -R a+w ~/phpgwadmin/files</dd>
- </dl>
- <br />
- NOTE: I am told the FreeBSD port doens't include the files directory, you
can create the following tree in ~/phpgwadmin/ and then chmod.<br />
- NOTE: As of 0.9.14.006 the files directory MUST be outside the web root.
<br />
- <br />
- files/<br />
- |-- home/<br />
- | |-- groups/<br />
- | |-- users/<br />
- | |-- home/<br />
- <br />
- Now as along as the prereqs are up and running we are ready to
configure!<br />
- <hr />
- <small>(C) 2000-2003 Free Software Foundation Inc</small>
- </body>
+ <head>
+ <meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
+ <link rel="stylesheet" type="text/css"
href="../styles/screen.css" media="screen" />
+ <link rel="stylesheet" type="text/css"
href="../styles/print.css" media="print" />
+ <title>phpGroupWare - Installation & Security HOWTO</title>
+ </head>
+ <body>
+ <div>
+ <div id="printheader">
+ <img src="../pics/logo.png" alt="phpGW logo" />
+ Installation & Security HOWTO
+ </div>
+ <div id="top">
+ <img src="../pics/logo.png"
+ alt="phpGroupWare" />
+ <div id="sitename"><a
href="index.html">Installation & Security HOWTO</a></div>
+ </div>
+ <div id="content">
+ <h2>Pre setup Tasks</h2>
+ <p>
+ There are a few thing you must do
before phpgroupware's setup system can
+ be run. For the time being it is
recommended that php's register_globals
+ be Off. Most applications have been
ported to not require register_globals = On
+ but there are a few which may not run
properly. You can change this in your
+ php.ini file. If an application behaves
oddly try changing it to
+ register_globals = On.
+ </p>
+ <p>
+ Create a database and a user with full
access to this new database.
+ You may use your favorite GUI to do
this, I prefer Webmin, or use the
+ mysql command line tool. You do not
need to root run this, but you will
+ need to use a mysql user with full
access to the "mysql" database, the
+ mysql root user has this by default.
The command to create a database
+ called "phpgroupware" and user "phpgw"
with password "my-db-passwd" is:
+ </p>
+ <pre>
+ $ mysqladmin -u root -p create phpgroupware (enter
root's password when prompted)
+ $ mysql -u root -p
+ mysql> grant all on phpgroupware.* to address@hidden
identified by "my-db-passwd";
+ mysql> exit;
+ </pre>
+ <p>
+ for postgresql you use:
+ </p>
+ <pre>
+ $ /usr/bin/createdb phpgroupware
+ $ /usr/bin/createuser phpgroupware --pwprompt
+ $ psql -U phpgroupware phpgroupware
+ phpgroupware=# GRANT ALL PRIVILEGES ON DATABASE
phpgroupware TO PUBLIC;
+ </pre>
+ <p>
+ if the psql line doesn't work, you're
not connecting to the db. You need
+ to read the postgresql site and look
into pg_hdba.conf and pg_ident.conf
+ settings .. it's been a while since I
did it (if you find out what to
+ do, post the settings to the mailing
list so we can add them here for
+ future users)
+ </p>
+ <p>
+ Next, you need to prepare setup to
create the "header.inc.php" file
+ where the database connectivity and
other core configuration data
+ will be stored. Go to
+ <a
href="#">http://www.your_server.whatever/phpgroupware/setup</a>
+ and you should see a web form to fill
in a bunch of settings including
+ the above db user and password. To save
the settings, you have 2 options,
+ all will assume you're still in the
phpgroupware directory from doing the
+ cvs update, the security issues of each
will be addressed in section 3:
+ </p>
+ <ol>
+ <li>Least secure but easiest: Make your
phpgroupware directory world
+ writable $chmod a+w
../phpgroupware</li>
+ <li>Most secure but slightly error
prone: Use the "view" or "download"
+ option in header manager and
upload or copy/paste the result to
+ your server. If you choose this
method take care there is no white
+ space (spaces, tabs, blank
lines) at all before the first "<?php"
+ and that your editor doesn't
wrap any lines for you where it shouldn't
+ have. You may then make the
header.inc.php world writable, which is
+ better than #1 but still has
risks.</li>
+ </ol>
+ <p>
+ Whichever you choose, I recommend not
leaving this world writable, and
+ only making it writable when you
actually need to change some configuration,
+ which is very rare once you have a
working system.
+ </p>
+ <p>
+ If you plan on using the phpwebhosting
filemanager or any application
+ that makes use of the vfs home/group
directories (sorry, I don't have
+ a list of other apps that do) you will
need to prepare the "files"
+ directory. By default, the files
directory is in the phpgroupware root,
+ but this would allow smart users to
upload/create a php file and execute
+ whatever they want, including reading
your header config and then the
+ database! Luckily, the default is also
to disallow the ability to upload
+ files in the first place since the
files directory is not writable by the
+ anonymous web user. We will be moving
the files dir outside of the web
+ root for securities sake. Since I'm
installing under my home directory I've
+ made ~/phpgwadmin/ and I'm going to put
it there and make it and all its
+ contents world writable. You can put it
wherever you want so long as every
+ directory up to it is world readable:
+ </p>
+ <pre>
+ $ mv files ~/phpgwadmin/
+ $ chmod -R a+w ~/phpgwadmin/files
+ </pre>
+ <p>
+ NOTE: I am told the FreeBSD port
doens't include the files directory,
+ you can create the following tree in
~/phpgwadmin/ and then chmod.
+ </p>
+ <p>
+ <b>NOTE:</b> As of 0.9.14.006 the files
directory MUST be outside the web root.
+ </p>
+ <pre>
+ files/
+ |-- home/
+ | |-- groups/
+ | |-- users/
+ | |-- home/
+ </pre>
+ <p>
+ Now as along as the prereqs are up and
running we are ready to configure!
+ </p>
+ </div>
+ <div id="footer">
+ The most recent version of this document can be
found
+ at <a
href="http://docs.phpgroupware.org/html/install/">docs.phpgroupware.org</a><br
/>
+ Copyright © 2000-2004 <a
href="http://www.fsf.org" target="_blank">Free Software
+ Foundation Inc</a>,
+ distributed under the terms of the <a
href="http://www.gnu.org/copyleft/fdl.html"
+ target="_blank">GNU Free Documentation
License</a><br />
+ <b>Source:</b> $Source$<br />
+ <b>Version:</b> $Revision$<br />
+ <b>Last Modified:</b> $Date$ by $Name$
+ </div>
+ </div>
+ </body>
</html>
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] phpgroupware/doc/install/presetuptask.html, 1.1.2.2,
nomail <=