372 lines
17 KiB
HTML
372 lines
17 KiB
HTML
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
|
|
lang="en" dir="ltr">
|
|
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<title></title>
|
|
<!-- metadata -->
|
|
<meta name="generator" content="Offline" />
|
|
<meta name="version" content="Offline 0.1" />
|
|
<!-- style sheet links -->
|
|
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
|
|
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
|
|
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
|
|
|
|
</head>
|
|
<body>
|
|
<div class="dokuwiki export">
|
|
|
|
|
|
<h1 class="sectionedit1" id="installation_on_redhatcentos">Installation on RedHat/CentOS</h1>
|
|
<div class="level1">
|
|
|
|
</div>
|
|
<!-- EDIT1 SECTION "Installation on RedHat/CentOS" [1-45] -->
|
|
<h2 class="sectionedit2" id="organization">Organization</h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
LemonLDAP::NG provides these packages:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> lemonldap-ng: meta-package, contains no file but dependencies on other packages</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-doc: contains <abbr title="HyperText Markup Language">HTML</abbr> documentation and project docs (README, etc.)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-conf: contains default configuration (<abbr title="Domain Name System">DNS</abbr> domain: example.com)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-test: contains sample CGI test page</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-handler: contains Apache Handler implementation (agent)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-manager: contains administration interface and session explorer</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-portal: contains authentication portal and menu</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Common: CPAN - Shared modules</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Handler: CPAN - Handler modules</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Manager: CPAN - Manager modules</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Portal: CPAN - Portal modules</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
This schema shows the dependencies between modules:
|
|
</p>
|
|
|
|
<p>
|
|
<a href="/_detail/documentation/lemonldap-ng-packages.png?id=documentation%3A1.9%3Ainstallrpm" class="media" title="documentation:lemonldap-ng-packages.png"><img src="../../../media/documentation/lemonldap-ng-packages.png" class="mediacenter" alt="" /></a>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT2 SECTION "Organization" [46-943] -->
|
|
<h2 class="sectionedit3" id="get_the_packages">Get the packages</h2>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- EDIT3 SECTION "Get the packages" [944-973] -->
|
|
<h3 class="sectionedit4" id="yum_repository">YUM repository</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
You can add this YUM repository to get recent packages:
|
|
</p>
|
|
<pre class="code">vi /etc/yum.repos.d/lemonldap-ng.repo</pre>
|
|
<pre class="file">[lemonldap-ng]
|
|
name=LemonLDAP::NG packages
|
|
baseurl=http://lemonldap-ng.org/rpm/
|
|
enabled=1
|
|
gpgcheck=1
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2</pre>
|
|
|
|
<p>
|
|
<p><div class="notetip">
|
|
Change the base <abbr title="Uniform Resource Locator">URL</abbr> for EL6 packages:
|
|
</p>
|
|
<pre class="file">baseurl=http://lemonldap-ng.org/rpm6/</pre>
|
|
|
|
<p>
|
|
Change the base <abbr title="Uniform Resource Locator">URL</abbr> for EL7 packages:
|
|
</p>
|
|
<pre class="file">baseurl=http://lemonldap-ng.org/rpm7/</pre>
|
|
|
|
<p>
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
<p>
|
|
Run this to update packages cache:
|
|
</p>
|
|
<pre class="code">yum update</pre>
|
|
|
|
<p>
|
|
<p><div class="notewarning">
|
|
You must also install the EPEL repository for non-core dependencies. See <a href="../../documentation/1.9/prereq.html#yum" class="wikilink1" title="documentation:1.9:prereq">prerequisites and dependencies</a> chapter for more.
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT4 SECTION "YUM repository" [974-1698] -->
|
|
<h3 class="sectionedit5" id="manual_download">Manual download</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
RPMs are available on the <a href="../../download.html" class="wikilink1" title="download">Download page</a>.
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT5 SECTION "Manual download" [1699-1781] -->
|
|
<h2 class="sectionedit6" id="package_gpg_signature">Package GPG signature</h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
The GPG key can be downloaded here: <a href="../media/rpm-gpg-key-ow2" class="media mediafile mf_" title="rpm-gpg-key-ow2 (1.7 KB)">rpm-gpg-key-ow2</a>
|
|
</p>
|
|
|
|
<p>
|
|
Install it to trust RPMs:
|
|
</p>
|
|
<pre class="code">rpm --import rpm-gpg-key-ow2</pre>
|
|
|
|
</div>
|
|
<!-- EDIT6 SECTION "Package GPG signature" [1782-1947] -->
|
|
<h2 class="sectionedit7" id="install_packages">Install packages</h2>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- EDIT7 SECTION "Install packages" [1948-1977] -->
|
|
<h3 class="sectionedit8" id="with_yum">With YUM</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
If the packages are stored in a yum repository:
|
|
</p>
|
|
<pre class="code shell">yum install lemonldap-ng</pre>
|
|
<pre class="code shell">Transaction Summary
|
|
===================================================
|
|
Install 82 Package(s)
|
|
Upgrade 0 Package(s)
|
|
|
|
Total download size: 18 M
|
|
Is this ok [y/N]: y</pre>
|
|
|
|
<p>
|
|
You can also use yum on local RPMs file:
|
|
</p>
|
|
<pre class="code">yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*</pre>
|
|
|
|
</div>
|
|
<!-- EDIT8 SECTION "With YUM" [1978-2395] -->
|
|
<h3 class="sectionedit9" id="with_rpm">With RPM</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
Before installing the packages, install all <a href="../../documentation/1.9/prereq.html" class="wikilink1" title="documentation:1.9:prereq">dependencies</a>.
|
|
</p>
|
|
|
|
<p>
|
|
You have then to install all the downloaded packages:
|
|
</p>
|
|
<pre class="code">rpm -Uvh lemonldap-ng-* perl-Lemonldap-NG-*</pre>
|
|
|
|
<p>
|
|
<p><div class="notetip">
|
|
You can choose to install only one component by choosing the package <code>lemonldap-ng-portal</code>, <code>lemonldap-ng-handler</code> or <code>lemonldap-ng-manager</code>.
|
|
</p>
|
|
|
|
<p>
|
|
Install the package <code>lemonldap-ng-conf</code> on all server which contains one of those packages.
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
<p>
|
|
<p><div class="notewarning">
|
|
If you install packages on 64bits system, create those symbolic links:
|
|
</p>
|
|
<pre class="code">ln -s /usr/lib/perl5/vendor_perl/5.8.8/Lemonldap /usr/lib64/perl5/
|
|
ln -s /usr/lib/perl5/vendor_perl/5.8.8/auto/Lemonldap /usr/lib64/perl5/auto/</pre>
|
|
|
|
<p>
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT9 SECTION "With RPM" [2396-3117] -->
|
|
<h2 class="sectionedit10" id="first_configuration_steps">First configuration steps</h2>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- EDIT10 SECTION "First configuration steps" [3118-3156] -->
|
|
<h3 class="sectionedit11" id="change_default_dns_domain">Change default DNS domain</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
By default, <abbr title="Domain Name System">DNS</abbr> domain is <code>example.com</code>. You can change it quick with a sed command. For example, we change it to <code>ow2.org</code>:
|
|
</p>
|
|
<pre class="code shell">sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1 /var/lib/lemonldap-ng/test/index.pl</pre>
|
|
|
|
</div>
|
|
<!-- EDIT11 SECTION "Change default DNS domain" [3157-3471] -->
|
|
<h3 class="sectionedit12" id="apache_virtual_host">Apache virtual host</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
If <abbr title="LemonLDAP::NG">LL::NG</abbr> is the only software installed in Apache, the virtual host feature may not have already been activated.
|
|
</p>
|
|
|
|
<p>
|
|
To do it, uncomment the <code>NameVirtualHost</code> line in <code>/etc/httpd/conf.d/z-lemonldap-ng-handler.conf</code>:
|
|
</p>
|
|
<pre class="code file apache"><span class="kw1">NameVirtualHost</span> *:<span class="nu0">80</span></pre>
|
|
|
|
<p>
|
|
Check Apache configuration and restart:
|
|
</p>
|
|
<pre class="code shell">apachectl configtest
|
|
apachectl restart</pre>
|
|
|
|
</div>
|
|
<!-- EDIT12 SECTION "Apache virtual host" [3472-3866] -->
|
|
<h3 class="sectionedit13" id="default_virtual_host">Default virtual host</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
Apache on RedHat comes with a default virtual host:
|
|
</p>
|
|
<pre class="code file apache"><<span class="kw3">LocationMatch</span> <span class="st0">"^/+$"</span>>
|
|
<span class="kw1">Options</span> -<span class="kw2">Indexes</span>
|
|
<span class="kw1">ErrorDocument</span> 403 /.noindex.html
|
|
</<span class="kw3">LocationMatch</span>></pre>
|
|
|
|
<p>
|
|
This conflicts with LemonLDAP::NG ErrorDocument configuration, so you need to comment this part of the vhost.
|
|
If you have an apache fresh install, it can be a good idea to completely disable the welcome vhost.
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT13 SECTION "Default virtual host" [3867-4274] -->
|
|
<h3 class="sectionedit14" id="reload_virtual_host">Reload virtual host</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
To allow the manager to reload the configuration, register the reload virtual host name in the hosts of the server:
|
|
</p>
|
|
<pre class="code shell">echo "127.0.0.1 reload.example.com" >> /etc/hosts</pre>
|
|
|
|
<p>
|
|
<p><div class="notetip">Adapt the reload virtual host name to the domain you configured.
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT14 SECTION "Reload virtual host" [4275-4576] -->
|
|
<h3 class="sectionedit15" id="upgrade">Upgrade</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
If you upgraded <abbr title="LemonLDAP::NG">LL::NG</abbr>, check all <a href="../../documentation/1.9/upgrade.html" class="wikilink1" title="documentation:1.9:upgrade">upgrade notes</a>.
|
|
</p>
|
|
|
|
<p>
|
|
For apache configuration, you may have to remove the old symbolic link, if not done by the RPM:
|
|
</p>
|
|
<pre class="code shell">rm -f /etc/httpd/conf.d/z-lemonldap-ng.conf</pre>
|
|
|
|
<p>
|
|
Your old Apache configuration should have been saved, you need to port your specificities in new Apache configuration files:
|
|
</p>
|
|
<pre class="code shell">vi /etc/lemonldap-ng/apache2.conf.rpmsave</pre>
|
|
|
|
<p>
|
|
The upgrade process will also have migrate old configuration files into <code>/etc/lemonldap-ng/lemonldap-ng.ini</code>. This includes the application list which is now set in the <code>applicationList</code> parameter from <code>[portal]</code> section, for example:
|
|
</p>
|
|
<pre class="code file ini"><span class="re0"><span class="br0">[</span>portal<span class="br0">]</span></span>
|
|
<span class="re1">applicationList</span><span class="sy0">=</span><span class="re2"><span class="br0">{</span> 'Menu' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'Example' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'test1' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Application Test 1', uri <span class="sy0">=</span>> 'http://test1.example.com/', description <span class="sy0">=</span>> 'A simple application displaying authenticated user', logo <span class="sy0">=</span>> 'wheels.png', display <span class="sy0">=</span>> 'auto', <span class="br0">}</span>, <span class="br0">}</span>,'test2' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Application Test 2', uri <span class="sy0">=</span>> 'http://test2.example.com/', description <span class="sy0">=</span>> 'The same simple application displaying authenticated user', logo <span class="sy0">=</span>> 'wheels.png', display <span class="sy0">=</span>> 'auto', <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>,'Administration' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'manager' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'WebSSO Manager', uri <span class="sy0">=</span>> 'http://manager.example.com/', description <span class="sy0">=</span>> 'Configure LemonLDAP::NG WebSSO', logo <span class="sy0">=</span>> 'tools.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>,'sessions' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Sessions explorer', uri <span class="sy0">=</span>> 'http://manager.example.com/sessions.pl', description <span class="sy0">=</span>> 'Explore WebSSO sessions', logo <span class="sy0">=</span>> 'tools.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>,'Documentation' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'localdoc' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Local documentation', uri <span class="sy0">=</span>> 'http://manager.example.com/doc/', description <span class="sy0">=</span>> 'Documentation supplied with LemonLDAP::NG', logo <span class="sy0">=</span>> 'docs.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>,'officialwebsite' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Offical Website', uri <span class="sy0">=</span>> 'http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation', description <span class="sy0">=</span>> 'Official LemonLDAP::NG Website', logo <span class="sy0">=</span>> 'web.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span></span></pre>
|
|
|
|
<p>
|
|
<p><div class="noteimportant">You should now use the Manager to configure all <a href="../../documentation/1.9/portalmenu.html#categories_and_applications" class="wikilink1" title="documentation:1.9:portalmenu">applications and categories</a>, and then comment or remove the <code>applicationList</code> parameter from <code>/etc/lemonldap-ng/lemonldap-ng.ini</code>.
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT15 SECTION "Upgrade" [4577-7086] -->
|
|
<h3 class="sectionedit16" id="dns">DNS</h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
Configure your <abbr title="Domain Name System">DNS</abbr> server to resolve names with your server <abbr title="Internet Protocol">IP</abbr>.
|
|
</p>
|
|
|
|
<p>
|
|
<p><div class="notetip">
|
|
For tests with <code>example.com</code>, launch the following :
|
|
</p>
|
|
<pre class="code shell">cat /etc/lemonldap-ng/for_etc_hosts >> /etc/hosts</pre>
|
|
|
|
<p>
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
<p>
|
|
Follow the <a href="../../documentation/1.9/start.html#configuration" class="wikilink1" title="documentation:1.9:start">next steps</a>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- EDIT16 SECTION "DNS" [7087-7359] -->
|
|
<h2 class="sectionedit17" id="file_location">File location</h2>
|
|
<div class="level2">
|
|
<ul>
|
|
<li class="level1"><div class="li"> Configuration is in /etc/lemonldap-ng</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> LemonLDAP::NG configuration (edited by the Manager) is in /var/lib/lemonldap-ng/conf/</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> All Perl modules are in the VENDOR perl directory </div>
|
|
</li>
|
|
<li class="level1"><div class="li"> All Perl scripts/pages are in /var/lib/lemonldap-ng/</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> All static content (examples, <abbr title="Cascading Style Sheets">CSS</abbr>, images, etc.) is in /usr/share/lemonldap-ng/</div>
|
|
</li>
|
|
</ul>
|
|
|
|
</div>
|
|
<!-- EDIT17 SECTION "File location" [7360-7716] -->
|
|
<h2 class="sectionedit18" id="build_your_packages">Build your packages</h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
If you need it, you can rebuild RPMs:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> Install rpm-build package</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Install all build dependencies (see BuildRequires in lemonldap-ng.<abbr title="specification">spec</abbr>)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Put LemonLDAP::NG tarball in %_topdir/SOURCES</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Edit ~/.rpmmacros and set your build parameters (example for RHEL5):</div>
|
|
</li>
|
|
</ul>
|
|
<pre class="file">%_topdir /home/user/build
|
|
%dist .el5
|
|
%rhel 5</pre>
|
|
<ul>
|
|
<li class="level1"><div class="li"> Go to %_topdir</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Build:</div>
|
|
</li>
|
|
</ul>
|
|
<pre class="code">rpmbuild -ta SOURCES/lemonldap-ng-VERSION.tar.gz</pre>
|
|
|
|
</div>
|
|
</div><!-- closes <div class="dokuwiki export">--> |