407 lines
16 KiB
HTML
407 lines
16 KiB
HTML
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
|
|
lang="en" dir="ltr">
|
|
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<title></title>
|
|
<!-- metadata -->
|
|
<meta name="generator" content="Offline" />
|
|
<meta name="version" content="Offline 0.1" />
|
|
<!-- style sheet links -->
|
|
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
|
|
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
|
|
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
|
|
|
|
</head>
|
|
<body>
|
|
<div class="dokuwiki export">
|
|
|
|
|
|
|
|
|
|
<h1><a name="installation_on_redhatcentos" id="installation_on_redhatcentos">Installation on RedHat/CentOS</a></h1>
|
|
<div class="level1">
|
|
|
|
</div>
|
|
<!-- SECTION "Installation on RedHat/CentOS" [1-45] -->
|
|
<h2><a name="organization" id="organization">Organization</a></h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
|
|
LemonLDAP::NG provides these packages:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> lemonldap-ng: meta-package, contains no file but dependencies on other packages</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-doc: contains <acronym title="HyperText Markup Language">HTML</acronym> documentation and project docs (README, etc.)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-conf: contains default configuration (<acronym title="Domain Name System">DNS</acronym> domain: example.com)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-test: contains sample <acronym title="Common Gateway Interface">CGI</acronym> test page</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-handler: contains Apache Handler implementation (agent)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-manager: contains administration interface and session explorer</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> lemonldap-ng-portal: contains authentication portal and menu</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Common: CPAN - Shared modules</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Handler: CPAN - Handler modules</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Manager: CPAN - Manager modules</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> perl-Lemonldap-NG-Portal: CPAN - Portal modules</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
|
|
This schema shows the dependencies between modules:
|
|
</p>
|
|
|
|
<p>
|
|
<a href="/_detail/documentation/lemonldap-ng-packages.png?id=documentation%3A1.3%3Ainstallrpm" class="media" title="documentation:lemonldap-ng-packages.png"><img src="../../../media/documentation/lemonldap-ng-packages.png" class="mediacenter" alt="" /></a>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "Organization" [46-943] -->
|
|
<h2><a name="get_the_packages" id="get_the_packages">Get the packages</a></h2>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- SECTION "Get the packages" [944-973] -->
|
|
<h3><a name="yum_repository" id="yum_repository">YUM repository</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
You can add this YUM repository to get recent packages:
|
|
|
|
</p>
|
|
<pre class="code">
|
|
vi /etc/yum.repos.d/lemonldap-ng.repo
|
|
</pre>
|
|
<pre class="file">
|
|
[lemonldap-ng]
|
|
name=LemonLDAP::NG packages
|
|
baseurl=http://lemonldap-ng.org/rpm/
|
|
enabled=1
|
|
gpgcheck=1
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
|
|
</pre>
|
|
|
|
<p>
|
|
<p><div class="notetip">
|
|
Change the base <acronym title="Uniform Resource Locator">URL</acronym> for EL6 packages:
|
|
|
|
</p>
|
|
<pre class="file">
|
|
baseurl=http://lemonldap-ng.org/rpm6/
|
|
</pre>
|
|
|
|
<p>
|
|
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
<p>
|
|
Run this to update packages cache:
|
|
|
|
</p>
|
|
<pre class="code">
|
|
yum update
|
|
</pre>
|
|
|
|
<p>
|
|
<p><div class="notewarning">
|
|
You must also install a repository for non-core dependencies. Example with EPEL:
|
|
|
|
</p>
|
|
<pre class="code shell">rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm</pre>
|
|
|
|
<p>
|
|
See <a href="../../documentation/1.3/prereq.html#yum" class="wikilink1" title="documentation:1.3:prereq">prerequisites and dependencies</a> chapter for more.
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "YUM repository" [974-1728] -->
|
|
<h3><a name="manual_download" id="manual_download">Manual download</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
RPMs are available on the <a href="../../download.html" class="wikilink1" title="download">Download page</a>.
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "Manual download" [1729-1811] -->
|
|
<h2><a name="package_gpg_signature" id="package_gpg_signature">Package GPG signature</a></h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
|
|
The GPG key can be downloaded here: <a href="../media/rpm-gpg-key-ow2" class="media mediafile mf_" title="rpm-gpg-key-ow2">rpm-gpg-key-ow2</a>
|
|
</p>
|
|
|
|
<p>
|
|
Install it to trust RPMs:
|
|
</p>
|
|
<pre class="code">
|
|
rpm --import rpm-gpg-key-ow2
|
|
</pre>
|
|
|
|
</div>
|
|
<!-- SECTION "Package GPG signature" [1812-1977] -->
|
|
<h2><a name="install_packages" id="install_packages">Install packages</a></h2>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- SECTION "Install packages" [1978-2007] -->
|
|
<h3><a name="with_yum" id="with_yum">With YUM</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
If the packages are stored in a yum repository:
|
|
|
|
</p>
|
|
<pre class="code shell">yum install lemonldap-ng</pre>
|
|
<pre class="code shell">Transaction Summary
|
|
===================================================
|
|
Install 82 Package(s)
|
|
Upgrade 0 Package(s)
|
|
|
|
Total download size: 18 M
|
|
Is this ok [y/N]: y</pre>
|
|
|
|
<p>
|
|
You can also use yum on local RPMs file:
|
|
|
|
</p>
|
|
<pre class="code">
|
|
yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*
|
|
</pre>
|
|
|
|
</div>
|
|
<!-- SECTION "With YUM" [2008-2425] -->
|
|
<h3><a name="with_rpm" id="with_rpm">With RPM</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
Before installing the packages, install all <a href="../../documentation/1.3/prereq.html" class="wikilink1" title="documentation:1.3:prereq">dependencies</a>.
|
|
</p>
|
|
|
|
<p>
|
|
You have then to install all the downloaded packages:
|
|
|
|
</p>
|
|
<pre class="code">
|
|
rpm -Uvh lemonldap-ng-* perl-Lemonldap-NG-*
|
|
</pre>
|
|
|
|
<p>
|
|
|
|
<p><div class="notetip">
|
|
You can choose to install only one component by choosing the package <code>lemonldap-ng-portal</code>, <code>lemonldap-ng-handler</code> or <code>lemonldap-ng-manager</code>.
|
|
</p>
|
|
|
|
<p>
|
|
Install the package <code>lemonldap-ng-conf</code> on all server which contains one of those packages.
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
<p>
|
|
<p><div class="notewarning">
|
|
If you install packages on 64bits system, create those symbolic links:
|
|
|
|
</p>
|
|
<pre class="code">
|
|
ln -s /usr/lib/perl5/vendor_perl/5.8.8/Lemonldap /usr/lib64/perl5/
|
|
ln -s /usr/lib/perl5/vendor_perl/5.8.8/auto/Lemonldap /usr/lib64/perl5/auto/
|
|
</pre>
|
|
|
|
<p>
|
|
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "With RPM" [2426-3147] -->
|
|
<h2><a name="first_configuration_steps" id="first_configuration_steps">First configuration steps</a></h2>
|
|
<div class="level2">
|
|
|
|
</div>
|
|
<!-- SECTION "First configuration steps" [3148-3186] -->
|
|
<h3><a name="change_default_dns_domain" id="change_default_dns_domain">Change default DNS domain</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
By default, <acronym title="Domain Name System">DNS</acronym> domain is <code>example.com</code>. You can change it quick with a sed command. For example, we change it to <code>ow2.org</code>:
|
|
</p>
|
|
<pre class="code shell">sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1 /var/lib/lemonldap-ng/test/index.pl</pre>
|
|
|
|
</div>
|
|
<!-- SECTION "Change default DNS domain" [3187-3501] -->
|
|
<h3><a name="apache_virtual_host" id="apache_virtual_host">Apache virtual host</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
If <acronym title="LemonLDAP::NG">LL::NG</acronym> is the only software installed in Apache, the virtual host feature may not have already been activated.
|
|
</p>
|
|
|
|
<p>
|
|
To do it, uncomment the <code>NameVirtualHost</code> line in <code>/etc/httpd/conf.d/z-lemonldap-ng-handler.conf</code>:
|
|
</p>
|
|
<pre class="code file apache"><span class="kw1">NameVirtualHost</span> *:<span class="nu0">80</span></pre>
|
|
|
|
<p>
|
|
Check Apache configuration and restart:
|
|
|
|
</p>
|
|
<pre class="code shell">apachectl configtest
|
|
apachectl restart</pre>
|
|
|
|
</div>
|
|
<!-- SECTION "Apache virtual host" [3502-3896] -->
|
|
<h3><a name="reload_virtual_host" id="reload_virtual_host">Reload virtual host</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
To allow the manager to reload the configuration, register the reload virtual host name in the hosts of the server:
|
|
|
|
</p>
|
|
<pre class="code shell">echo "127.0.0.1 reload.example.com" >> /etc/hosts</pre>
|
|
|
|
<p>
|
|
<p><div class="notetip">Adapt the reload virtual host name to the domain you configured.
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "Reload virtual host" [3897-4198] -->
|
|
<h3><a name="upgrade" id="upgrade">Upgrade</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
If you upgraded <acronym title="LemonLDAP::NG">LL::NG</acronym>, check all <a href="../../documentation/1.3/upgrade.html" class="wikilink1" title="documentation:1.3:upgrade">upgrade notes</a>.
|
|
</p>
|
|
|
|
<p>
|
|
For apache configuration, you may have to remove the old symbolic link, if not done by the RPM:
|
|
|
|
</p>
|
|
<pre class="code shell">rm -f /etc/httpd/conf.d/z-lemonldap-ng.conf</pre>
|
|
|
|
<p>
|
|
Your old Apache configuration should have been saved, you need to port your specificities in new Apache configuration files:
|
|
|
|
</p>
|
|
<pre class="code shell">vi /etc/lemonldap-ng/apache2.conf.rpmsave</pre>
|
|
|
|
<p>
|
|
The upgrade process will also have migrate old configuration files into <code>/etc/lemonldap-ng/lemonldap-ng.ini</code>. This includes the application list which is now set in the <code>applicationList</code> parameter from <code>[portal]</code> section, for example:
|
|
|
|
</p>
|
|
<pre class="code file ini"><span class="re0"><span class="br0">[</span>portal<span class="br0">]</span></span>
|
|
<span class="re1">applicationList</span><span class="sy0">=</span><span class="re2"><span class="br0">{</span> 'Menu' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'Example' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'test1' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Application Test <span class="nu0">1</span>', uri <span class="sy0">=</span>> 'http://test1.example.com/', description <span class="sy0">=</span>> 'A simple application displaying authenticated user', logo <span class="sy0">=</span>> 'wheels.png', display <span class="sy0">=</span>> 'auto', <span class="br0">}</span>, <span class="br0">}</span>,'test2' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Application Test <span class="nu0">2</span>', uri <span class="sy0">=</span>> 'http://test2.example.com/', description <span class="sy0">=</span>> 'The same simple application displaying authenticated user', logo <span class="sy0">=</span>> 'wheels.png', display <span class="sy0">=</span>> 'auto', <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>,'Administration' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'manager' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'WebSSO Manager', uri <span class="sy0">=</span>> 'http://manager.example.com/', description <span class="sy0">=</span>> 'Configure LemonLDAP::NG WebSSO', logo <span class="sy0">=</span>> 'tools.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>,'sessions' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Sessions explorer', uri <span class="sy0">=</span>> 'http://manager.example.com/sessions.pl', description <span class="sy0">=</span>> 'Explore WebSSO sessions', logo <span class="sy0">=</span>> 'tools.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>,'Documentation' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'category', 'localdoc' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Local documentation', uri <span class="sy0">=</span>> 'http://manager.example.com/doc/', description <span class="sy0">=</span>> 'Documentation supplied with LemonLDAP::NG', logo <span class="sy0">=</span>> 'docs.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>,'officialwebsite' <span class="sy0">=</span>> <span class="br0">{</span> type <span class="sy0">=</span>> 'application', options <span class="sy0">=</span>> <span class="br0">{</span> name <span class="sy0">=</span>> 'Offical Website', uri <span class="sy0">=</span>> 'http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation', description <span class="sy0">=</span>> 'Official LemonLDAP::NG Website', logo <span class="sy0">=</span>> 'web.png', display <span class="sy0">=</span>> 'on', <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span>, <span class="br0">}</span></span></pre>
|
|
|
|
<p>
|
|
<p><div class="noteimportant">You should now use the Manager to configure all <a href="../../documentation/1.3/portalmenu.html#categories_and_applications" class="wikilink1" title="documentation:1.3:portalmenu">applications and categories</a>, and then comment or remove the <code>applicationList</code> parameter from <code>/etc/lemonldap-ng/lemonldap-ng.ini</code>.
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "Upgrade" [4199-6708] -->
|
|
<h3><a name="dns" id="dns">DNS</a></h3>
|
|
<div class="level3">
|
|
|
|
<p>
|
|
|
|
Configure your <acronym title="Domain Name System">DNS</acronym> server to resolve names with your server <acronym title="Internet Protocol">IP</acronym>.
|
|
</p>
|
|
|
|
<p>
|
|
<p><div class="notetip">
|
|
For tests with <code>example.com</code>, launch the following :
|
|
|
|
</p>
|
|
<pre class="code shell">cat /etc/lemonldap-ng/for_etc_hosts >> /etc/hosts</pre>
|
|
|
|
<p>
|
|
|
|
|
|
</div></p>
|
|
</p>
|
|
|
|
<p>
|
|
Follow the <a href="../../documentation/1.3/start.html#configuration" class="wikilink1" title="documentation:1.3:start">next steps</a>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "DNS" [6709-6981] -->
|
|
<h2><a name="file_location" id="file_location">File location</a></h2>
|
|
<div class="level2">
|
|
<ul>
|
|
<li class="level1"><div class="li"> Configuration is in /etc/lemonldap-ng</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> LemonLDAP::NG configuration (edited by the Manager) is in /var/lib/lemonldap-ng/conf/</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> All <acronym title="Practical Extraction and Report Language">Perl</acronym> modules are in the VENDOR perl directory </div>
|
|
</li>
|
|
<li class="level1"><div class="li"> All <acronym title="Practical Extraction and Report Language">Perl</acronym> scripts/pages are in /var/lib/lemonldap-ng/</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> All static content (examples, <acronym title="Cascading Style Sheets">CSS</acronym>, images, etc.) is in /usr/share/lemonldap-ng/</div>
|
|
</li>
|
|
</ul>
|
|
|
|
</div>
|
|
<!-- SECTION "File location" [6982-7338] -->
|
|
<h2><a name="build_your_packages" id="build_your_packages">Build your packages</a></h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
|
|
If you need it, you can rebuild RPMs:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> Install rpm-build package</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Install all build dependencies (see BuildRequires in lemonldap-ng.<acronym title="specification">spec</acronym>)</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Put LemonLDAP::NG tarball in %_topdir/SOURCES</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Edit ~/.rpmmacros and set your build parameters (example for RHEL5):</div>
|
|
</li>
|
|
</ul>
|
|
<pre class="file">
|
|
%_topdir /home/user/build
|
|
%dist .el5
|
|
%rhel 5
|
|
</pre>
|
|
<ul>
|
|
<li class="level1"><div class="li"> Go to %_topdir</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> Build:</div>
|
|
</li>
|
|
</ul>
|
|
<pre class="code">
|
|
rpmbuild -ta SOURCES/lemonldap-ng-VERSION.tar.gz
|
|
</pre>
|
|
|
|
</div>
|
|
<!-- SECTION "Build your packages" [7339-] --></div><!-- closes <div class="dokuwiki export">--> |