Versions Compared

Old Version 5

changes.mady.by.user Josh Thompson

Saved on

compared with

New Version 6

changes.mady.by.user Josh Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. copy your old code out of the way
    Code Block
    cd /var/www/html
mv vcl ~/vcl_2.2.1_web
  2. copy the new code in place
    Code Block
    cd /root/apache-VCL-2.3-incubating
cp -r web /var/www/html/vcl
  3. copy your 2.2.1 config files
    Code Block
    cd ~/vcl_2.2.1_web/.ht-inc
cp conf.php secrets.php pubkey.pem keys.pem /var/www/html/vcl/.ht-inc
  4. Make the maintenance directory writable by the web server user. You will need to know what user httpd runs as on your server. This can be found with
    Code Block
    ps aux | grep httpd
    Look at the first column. One process will be owned by root. The remaining processes will be owned by the web server user. Now, own /var/www/html/vcl/.ht-inc/maintenance to that user (replacing 'apache' with your web server user if different):
    Code Block
    chown apache /var/www/html/vcl/.ht-inc/maintenance
  5. make some changes to conf.php:
    Code Block
    vi /var/www/html/vcl/.ht-inc/conf.php or nano /var/www/html/vcl/.ht-inc/conf.php
    1. $blockNotifyUsers has been replaced by a user group permission so it needs to be removed
    2. Multilingualization has been added VCL - so DEFAULTLOCALE has been to conf.php to set the default locale. Add
      Code Block
      define("DEFAULTLOCALE", "en_US");
      to your file, changing en_US if needed to match your locale. You can look in /var/www/html/vcl/locale to see which ones are available.
    3. some LDAP related items have been simplified in the code using some additional options in $authMechs. For any LDAP entries, you need to add two options. "lookupuserbeforeauth" is used if you need VCL to look up the full DN of a user and use that when doing the bind that authenticates the user (if you don't know what this means, leave it set to 0). If you need to set it to 1, then you will need to set "lookupuserfield" to what LDAP attribute to use when looking up the user's DN (typically either 'cn', 'uid', or 'samaccountname')
      Code Block
      "lookupuserbeforeauth" => 0,
"lookupuserfield" => '',
    4. If you are using any Local accounts for authentication, you need to modify the entries for $addUserFunc and $updateUserFunc. Change
      Code Block
      $addUserFunc[$item['affiliationid']] = create_function('', 'return 0;');
$updateUserFunc[$item['affiliationid']] = create_function('', 'return 0;');
      to
      Code Block
      $addUserFunc[$item['affiliationid']] = create_function('', 'return NULL;');
$updateUserFunc[$item['affiliationid']] = create_function('', 'return NULL;');
      If you are using Shibboleth authentication, you need to add the following lines for each affiliation using Shibboleth, replacing all occurances of 'affilid' with the id for that affiliation
    5. Add the following definition:
      Code Block
      $affilValFunc[affilid] = create_function('', 'return 1;');
$addUserFunc[affilid] = 'addShibUserStub';
$addUserFuncArgs[affilid] = affilid;
$updateUserFunc[affilid] = create_function('', 'return NULL;');
define("ALLOWADDSHIBUSERS", 0);
      If you are using Shibboleth and would like to be able to add users to groups before the user has ever logged in to VCL, you can set this to 1. However, please note that if you typo the userid, there is no way to verify it, and the user will be added with the typoed userid.

Restart httpd service

Code Block
service httpd start or /etc/init.d/httpd start

...