Table of Contents
This is a complex task and some level of familiarity with the Unix/Linux command line will be needed to be successful. Please make sure that all of the packages/services described in the prequisites chapter have been installed and are running correctly.
- Create the wacs user account and group and place your own
username in the group file (
/etc/groupor distributed name service equivalent). This is easily done with the useradd command on Redhat-based distributions:# groupadd -r wacs # useradd -m -g wacs -r -c "WACS Files Owner" \ -s /bin/bash wacs #
- check the web server is working, install the barebones WACS index
pages from the htmlbones directory of the distribution into your web tree
and check you can see it. On a default Fedora Core 5 installation, this
would be done with:
# cd
unpack_location# mkdir /var/www/html/wacs # cp -rp htmlbones/* /var/www/html/wacs # - For the perl modules, first check whether your operating system
distribution includes them - Fedora Core 5 had packages called
perl-DBIandperl-DBD-MySQL- so these could be simply installed with yum install perl-DBI and yum install perl-DBD-MySQL. The next easiest way to install the necessary perl modules, if they are not already present, is to use the cpan command. On some recent releases, the cpan command has become optional, you will have to do a yum install cpan first. Once you have cpan, the necessary perl module installs can typically be done with:# cpan install XML::Simple # cpan install Data::Dumper # cpan install File::Basename # cpan install MIME::Base64 #
- install the
Wacs.pm, WacsUI.pm, WacsStd.pmandWacsId.pmperl modules into the site_perl directory of your system - change the 5.8.8 to whatever your current version of perl is. [NB: note the change of case of the first letter of the perl module name from wacs.pm to Wacs.pm, and of wacsid.pm to WacsId.pm]:# cd
unpack_location# cp modules/wacs.pm /usr/lib/perl5/site_perl/5.8.8/Wacs.pm # cp modules/wacsui.pm /usr/lib/perl5/site_perl/5.8.8/WacsUI.pm # cp modules/wacsstd.pm /usr/lib/perl5/site_perl/5.8.8/WacsStd.pm # cp modules/wacsid.pm /usr/lib/perl5/site_perl/5.8.8/WacsId.pm # - install the wacs PAM (Plugable Authentication Modules)
configuration into the
/etc/pam.ddirectory. You will also need to compile the pam_auth program using the provided make file and then install the binary created into whereever your tooldirs configuration variable is set to (a common value is/usr/local/bin). If this compilation fails, the most likely cause is that the libpam development package is not installed. Then you need to create the/var/run/wacsdirectory where the dynamic leases files are stored and change it's ownership to apache (or whatever your web server user is).# cp
unpack_location/security/wacs.pam /etc/pam.d/wacs # chown root.root /etc/pam.d/wacs # chmod 644 /etc/pam.d/wacs # cdunpack_location/security # make -f Makefile all Building pam_auth.x86_64-Fedora8 ... cc -o pam_auth.`arch`-`lsb_release -si | sed 's/\ /_/g'``lsb_release -sr` pam_auth.c -lpam # ls pam_auth* pam_auth pam_auth.c pam_auth.x86_64-Fedora8 # cp pam_auth.x86_64-Fedora8 /usr/local/bin/pam_auth # chown root.wacs /usr/local/bin/pam_auth # chmod u+s /usr/local/bin/pam_auth # mkdir /var/run/wacs # chown apache.apache /var/run/wacs #If the leases file does not exist when you first do this and you encounter problems, try using the second of these two commands again.![[Note]](images/note.png)
Note if you run selinux (Security Enhanced Linux) on Fedora Core or Redhat (or another future distro that includes it), you will need to give apache privilege to read the /var/run/wacs directory - this can be done by changing the context of the directories and files. The commands to do this are:
# chcon system_u:object_r:httpd_sys_content_t /var/run/wacs # chcon -R system_u:object_r:httpd_sys_content_t /var/run/wacs/* #
- install the wacs application programs into
the cgi-bin tree:
# cd
unpack_location# cp index/wacs* models/wacs* presentation/wacs* /var/www/cgi-bin/ # cp retrieval/wacs* search/wacs* tag/wacs* /var/www/cgi-bin/ # cp security/wacs* manage/wacs* /var/www/cgi-bin/ # chmod 755 /var/www/cgi-bin/wacs* # - install the wacs application programs into the cgi-bin tree:
# cd
unpack_location# cp index/wacs* models/wacs* presentation/wacs* /var/www/cgi-bin/ # cp retrieval/wacs* search/wacs* tag/wacs* /var/www/cgi-bin/ # cp security/wacs* manage/wacs* /var/www/cgi-bin/ # chmod 755 /var/www/cgi-bin/wacs* # - copy the applications that are just duplicate versions of existing
commands and change the appropriate mode variables:
# cd /var/www/cgi-bin # cp wacsmodelpage wacsmpthumbs #
edit the file and change the mode variable (thumbsmode in this case). Repeat this process for wacsimgcats becomes wacsvidcats and wacsphotcats, and so on. At the end, make sure all of the copies are executable:editorwacsmpthumbs # cp wacsimgcats wacsvidcats #editorwacsvidcats # cp wacsimgcats wacsphotcats #editorwacsphotcats # cp wacsimglist wacsvidlist #editorwacsvidlist # cp wacsnewsets wacsnewvideo #editorwacsnewvideo ## cd /var/www/cgi-bin # chmod 755 wacs*
- install the configuration file,
wacs.cfginto a suitable location such as/etc/wacs.dor/usr/local/etc/wacs.d. Edit this file and make sure the key settings are right for your server, specifically the location of the image files, the location of the video files and the server name in the URLs. You will also need settings for the database user name and password you intend to use, and the environment and path locations needed for the database system you are using. For more information, see the Configuration Guide. - create a suitable permanent access control list in the configuration
directory choosen above, the supplied
wacs.aclshould provide a suitable template. This step can be skipped if you're only ever going to use lease-based access with logins. For more information on the format of the access control lists, please see the section on security in the Configuration guide. - create a suitable owner account for the wacs data tables in your
database system. The instructions here cover doing this for both MySQL and
Oracle 10g, in that order. With MySQL 5.x, this would be done with:
% mysql --user=root Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 17 to server version: 5.0.22 Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> create database wacs; mysql> create user 'wacs'@'myserver' identified by 'wacs'; mysql> create user 'wacs'@'localhost' identified by 'wacs'; mysql> grant all on wacs.* to wacs; mysql> commit; mysql> flush privileges; mysql> quit
With Oracle 10g, this would be something like:% sqlplus SQL*Plus: Release 10.1.0.3.0 - Production on Fri Sep 29 14:53:56 2006 Copyright (c) 1982, 2004, Oracle. All rights reserved. Enter user-name: system Password: ******* Connected to: Oracle Database 10g Release 10.1.0.3.0 - 64bit Production SQL> create user wacs identified by wacs; User created. SQL> grant connect, resource to wacs; Grant succeeded. SQL> alter user wacs default tablespace main quota unlimited on main; User altered. SQL> commit; Commit complete. SQL> quit Disconnected from Oracle Database 10g Release 10.1.0.3.0 - 64bit Production
Of course there is a huge amount of variance in how any given database is installed, so you will need some knowledge about your installation. For instance, your main tablespace may not be called "main" as it is in the example. - login as the database user just created and run the table create
SQL script from the creation directory of the wacs distribution. These scripts
are called by a single creation script, the one for oracle is called
create_oracle.sql, the one for MySQL is calledcreate_mysql.sql. To run this on MySQL 5.1 using the account created in the step above, you would do the following:% cd
To run this on Oracle 10g using the account created in the step above, you would do the following:unpack_location/creation % mysql --user=wacs --password=wacs wacs < create_mysql [...] %% cd
unpack_location/creation % sqlplus wacs/wacs @create_oracle SQL*Plus: Release 10.1.0.2.0 - Production on Fri Oct 6 19:11:41 2006 Copyright (c) 1982, 2004, Oracle. All rights reserved. Connected to: Oracle Database 10g Release 10.1.0.3.0 - 64bit Production WACS Database Table Creation Script for Oracle Commencing Table Creation: 1. Photographer Table created. 2. Vendor Table created. 3. Sets Table created. 4. Models Table created. 5. Assoc Table created. 6. Idmap Table created. 7. Download Table created. 8. Tag Table created. 9. Conn Table created. 10. Keyword Table created. Tables Created - Committing Changes Commit complete. Completed. Disconnected from Oracle Database 10g Release 10.1.0.3.0 - 64bit Production % - The penultimate major activity is to install the tools scripts, and
if required the download and migrate tools, into a suitable directory, normally
this would be
/usr/local/bin, but it could be put within the wacs tree if desired./usr/local/binis usually in the default path for all the shells and thus available to user accounts without further work. To install, do:# cd
If you want to put it somewhere else, within the wacs home area would be fine, somewhere likeunpack_location# cp -p tools/* /usr/local/bin # cp -p download/* /usr/local/bin # cp -p migrate/* /usr/local/bin #/home/wacs/bin, but you will then need to add that directory to the path of your shell. For the C-shell, you would addset path=(/home/wacs/bin $path)into the .cshrc file in the home directory of your own account and those of other people who might be adding contents to the wacs server. For the Bourne style shells (sh,bash,etc), you would need to addPATH=/home/wacs/bin:$PATHandexport PATHto the .profile or .bashrc files in the home directories. Once added, depending on the shell, you may need to typerehashto rescan the path for the new commands. - The next step is to populate the vendor database with the sample
records, which can be done with:
# cd
Please contribute back vendor descriptions you create to be included in the next release.unpack_location/populate # ./vendpop vendors.xml Inserting Entries For Site: ATKP Inserting Entries For Site: AMK Inserting Entries For Site: ATE Inserting Entries For Site: SE # - Next we need to preload the keywords database table so that the
automatic tagging will occur correctly. We do this with:
# cd
unpack_location/populate # ./keywordpop keywords.xml [...] # - Finally we need to load the photographers database with some initial
example records, which can be done with:
# cd
unpack_location/populate # ./photpop photographers.xml [...] #
| Note |
|---|---|
Although we have discussed the steps needed to get WACS working under SELinux, we've currently not managed to track down all of the dependencies and in the interests of expediency we have gone ahead with code development without it. At this point we do not consider the WACS 0.8.1 release or any release prior to that to be SELinux compatible. |
We therefore recommend that your operating system is configured so as to ensure that SELinux is running in a reduced mode that will not block the WACS components from working. This is only an issue on Fedora and other Red Hat based releases at present. We hope to have this resolved by the next release of WACS. You can determine the current mode of SELinux using the sestatus command:
% /usr/sbin/sestatus
SELinux status: disabled
%
To change the normal operational mode, you need to edit the file
called /etc/sysconfig/selinux and change the line
which reads SELINUX=enabled to either
SELINUX=permissive (generates big log files and
slows machine but allows for SELinux to be turned back on later more
easily) or SELINUX=disabled (which disables it
completely but can cause problems in the future if you want to switch
it back on). You will also probably want to disable it immediately
rather than doing a reboot before you can continue working on WACS - to
do this, become root and run the following:
# /usr/sbin/setenforce 0
setenforce: SELinux is disabled
#
You can check this change has taken effect by using the sestatus command again.