Manual Installation: Steps
Prev Chapter 8. Manual Installation Next

Manual Installation: Steps

Preparation - With Root Account

  1. Create the wacs user account and group and place your own username in the group file (/etc/group or distributed name service equivalent). This is easily done with the useradd command on Redhat-based distributions: 
    # groupadd -r wacs
# useradd -m -g wacs -r -c "WACS Files Owner" \
  -s /bin/bash wacs 
#
  2. check the web server is working, install the barebones WACS index pages from the htmlbones directory of the distribution into your web tree and check you can see it. On a default Fedora Core 5 installation, this would be done with: 
    # cd unpack_location
# mkdir /var/www/html/wacs
# cp -rp htmlbones/* /var/www/html/wacs
#
  3. For the perl modules, first check whether your operating system distribution includes them - Fedora Core 5 had packages called perl-DBI and perl-DBD-MySQL - so these could be simply installed with yum install perl-DBI and yum install perl-DBD-MySQL. The next easiest way to install the necessary perl modules, if they are not already present, is to use the cpan command. On some recent releases, the cpan command has become optional, you will have to do a yum install cpan first. Once you have cpan, the necessary perl module installs can typically be done with: 
    # cpan XML::Simple
# cpan Data::Dumper
# cpan File::Basename
# cpan MIME::Base64
#

Preparation - Web Hosting Site

The first step is to create a new folder under the web document tree (conventionally public_html) called wacs. Into this directory you need to copy all the components in the unpack_location/htmlbones directory and it's sub-directories, retaining the directory structure as found below htmlbones. There are a number of ways in which to achieve this and they vary enormously depending on your hosting provider, level of access at your hosting provider and equipment available to you locally.

The second step is to check with the Perl Modules option in the control panel and make sure that DBI and DBD::MySQL modules are available. If not, you may need to either go through the process of importing them from CPAN or raise a support call with your hosting provider asking for them to be added.

Wacs Code - With Root Account

  1. install the Wacs.pm, WacsUI.pm, WacsStd.pm and WacsId.pm perl modules into the site_perl directory of your system - change the 5.8.8 to whatever your current version of perl is. [NB: note the change of case of the first letter of the perl module name from wacs.pm to Wacs.pm, and of wacsid.pm to WacsId.pm]: 
    # cd unpack_location
# cp modules/wacs.pm /usr/lib/perl5/site_perl/5.8.8/Wacs.pm
# cp modules/wacsui.pm /usr/lib/perl5/site_perl/5.8.8/WacsUI.pm
# cp modules/wacsstd.pm /usr/lib/perl5/site_perl/5.8.8/WacsStd.pm
# cp modules/wacsid.pm /usr/lib/perl5/site_perl/5.8.8/WacsId.pm
#
  2. install the wacs PAM (Plugable Authentication Modules) configuration into the /etc/pam.d directory. You will also need to compile the pam_auth program using the provided make file and then install the binary created into whereever your tooldirs configuration variable is set to (a common value is /usr/local/bin). If this compilation fails, the most likely cause is that the libpam development package is not installed. Then you need to create the /var/run/wacs directory where the dynamic leases files are stored and change it's ownership to apache (or whatever your web server user is). 
    # cp unpack_location/security/wacs.pam /etc/pam.d/wacs
# chown root.root /etc/pam.d/wacs
# chmod 644 /etc/pam.d/wacs
# cd unpack_location/security
# make -f Makefile all
Building pam_auth.x86_64-Fedora8 ...
cc -o pam_auth.`arch`-`lsb_release -si | sed 's/\ /_/g'``lsb_release -sr`
	pam_auth.c -lpam
# ls pam_auth*
pam_auth    pam_auth.c   pam_auth.x86_64-Fedora8
# cp pam_auth.x86_64-Fedora8 /usr/local/bin/pam_auth
# chown root.wacs /usr/local/bin/pam_auth
# chmod u+s /usr/local/bin/pam_auth
# mkdir /var/run/wacs
# chown apache.apache /var/run/wacs
#
    [Note]Note

    if you run selinux (Security Enhanced Linux) on Fedora Core or Redhat (or another future distro that includes it), you will need to give apache privilege to read the /var/run/wacs directory - this can be done by changing the context of the directories and files. The commands to do this are: 

    # chcon system_u:object_r:httpd_sys_content_t /var/run/wacs
# chcon -R system_u:object_r:httpd_sys_content_t /var/run/wacs/*
#
    If the leases file does not exist when you first do this and you encounter problems, try using the second of these two commands again.
  3. install the wacs application programs into the cgi-bin tree: 
    # cd unpack_location
# cp index/wacs* models/wacs* presentation/wacs* /var/www/cgi-bin/
# cp retrieval/wacs* search/wacs* tag/wacs* /var/www/cgi-bin/
# cp security/wacslogin /var/www/cgi-bin/
# cp security/wacslogout /var/www/cgi-bin/
# cp security/wacspref /var/www/cgi-bin/
# cp manage/wacs* /var/www/cgi-bin/
# chmod 755 /var/www/cgi-bin/wacs*
#
  4. install the wacs application programs into the cgi-bin tree: 
    # cd unpack_location
# cp index/wacs* models/wacs* presentation/wacs* /var/www/cgi-bin/
# cp retrieval/wacs* search/wacs* tag/wacs* /var/www/cgi-bin/
# cp security/wacs* manage/wacs* /var/www/cgi-bin/
# chmod 755 /var/www/cgi-bin/wacs*
#
  5. copy the applications that are just duplicate versions of existing commands and change the appropriate mode variables: 
    # cd /var/www/cgi-bin
# cp wacsmodelpage wacsmpthumbs
# editor wacsmpthumbs
# cp wacsmodelpage wacsmpmini
# editor wacsmpmini
# cp wacsimgcats wacsvidcats
# editor wacsvidcats
# cp wacsimgcats wacsphotcats
# editor wacsphotcats
# cp wacsimglist wacsvidlist
# editor wacsvidlist
# cp wacsnewsets wacsnewvideo
# editor wacsnewvideo
#
    edit the file and change the mode variable (thumbsmode in this case). Repeat this process for wacsimgcats becomes wacsvidcats and wacsphotcats, and so on. At the end, make sure all of the copies are executable: 
    # cd /var/www/cgi-bin
# chmod 755 wacs*

Wacs Code - Web Hosting Site

Due to limitations on what you can install, the ability to authenticate user accounts using the operating system tools cannot be implemented when using a Web Hosting Site. You will therefore have to use one of the other authentication techniques - permanent access lists or enable all access at the WACS level and then use Apache's .htaccess files to demand a password before accessing those commands.

[Note]Note

We will be addressing these issues in a future release, hopefully the very next release, Wacs 0.8.5. Support for using Wacs on a web hosting site has been added right at the very end of development work on the Wacs 0.8.4 series as we've been creating our demonstration site, PinkMetallic.com

The first step is to copy the Wacs Perl Modules into an appropriate place - our web hosting provider had already created a perl subdirectory of our account's home directory, so we used that. That probably makes sense even if it hasn't already been done for you.

# cd unpack_location
# cp modules/wacs.pm ~/perl/Wacs.pm
# cp modules/wacsui.pm ~/perl/WacsUI.pm
# cp modules/wacsstd.pm ~/perl/WacsStd.pm
# cp modules/wacsid.pm ~/perl/WacsId.pm
#
[Tip]Tip

Note the change of case of the names; most command line ftp/sftp tools will allow you to specify a second name on a put command for the name of the file at the destination. Thus you can do: put wacs.pm Wacs.pm to do the name change as part of the transfer itself.

You can skip all of the bits about security and the pam modules as we'll be unable to use those aspects of the Wacs system on a web hosting service. The next step is setting up the cgi-bin directory - the first thing to do is to find out where the hosting provider has put it. In the case of the provider we're using for PinkMetallic.com this is a sub-directory called cgi-bin under the public_html directory.

In common with the packaged versions of Wacs, we're going to recommend putting the wacs scripts into a sub-directory of the cgi-bin directory when using a web hosting service. 

# cd unpack_location
# cp index/wacs* ~/public_html/cgi-bin/wacs/
# cp models/wacs* ~/public_html/cgi-bin/wacs/
# cp presentation/wacs* ~/public_html/cgi-bin/wacs/
# cp retrieval/wacs* ~/public_html/cgi-bin/wacs/
# cp search/wacs* ~/public_html/cgi-bin/wacs/
# cp tag/wacs* ~/public_html/cgi-bin/wacs/
# cp security/wacslogin ~/public_html/cgi-bin/wacs/
# cp security/wacslogout ~/public_html/cgi-bin/wacs/
# cp security/wacspref ~/public_html/cgi-bin/wacs/
# cp manage/wacs* ~/public_html/cgi-bin/wacs/
# chmod 755 ~/public_html/cgi-bin/wacs/wacs*
#

As described above, the next step is to make copies of those wacs applications that are merely versions of existing applications with alternative default values. In most cases, this will be changing variables called either thumbsmode or vidmode as appropriate.

# cd ~/public_html/cgi-bin/wacs
# cp wacsmodelpage wacsmpthumbs
# editor wacsmpthumbs
# cp wacsmodelpage wacsmpmini
# editor wacsmpmini
# cp wacsimgcats wacsvidcats
# editor wacsvidcats
# cp wacsimgcats wacsphotcats
# editor wacsphotcats
# cp wacsimglist wacsvidlist
# editor wacsvidlist
# cp wacsnewsets wacsnewvideo
# editor wacsnewvideo
#

One additional step we have to take within the web hosting environment is to add symbolic links within the cgi-bin directory back out to the ~/perl directory in order that our web applications can pick up the Wacs perl modules. This is done as follows:

# cd /home/yoursite/public_html/cgi-bin/wacs
# ln -s /home/yoursite/perl/Wacs.pm
# ln -s /home/yoursite/perl/WacsUI.pm
# ln -s /home/yoursite/perl/WacsStd.pm
# ln -s /home/yoursite/perl/WacsId.pm
#

Configuration - With Root Account

  1. install the configuration file, wacs.cfg into a suitable location such as /etc/wacs.d or /usr/local/etc/wacs.d. Edit this file and make sure the key settings are right for your server, specifically the location of the image files, the location of the video files and the server name in the URLs. You will also need settings for the database user name and password you intend to use, and the environment and path locations needed for the database system you are using. For more information, see the Configuration Guide.
  2. create a suitable permanent access control list in the configuration directory choosen above, the supplied wacs.acl should provide a suitable template. This step can be skipped if you're only ever going to use lease-based access with logins. For more information on the format of the access control lists, please see the section on security in the Configuration guide.

Configuration - Web Hosting Site

This is one area where the procedure for a Web Hosting Site is significantly more complex than that for a conventional Wacs install as practically all of the entries related to database and file system locations (fsloc) will need tuning based upon actual layout of the account on the web hosting site.

The first step is to create a suitable sub-directory for the wacs configuration files, ideally in the top level of your file space. If at all possible DO NOT put it in the web space directory as it contains passwords and other configuration items which you do not want everyone to be able to access. Next you want to find out the full path name of your top level directory, for which you use the pwd to the Linux/Unix shell.

# pwd
/home/yoursite
#

Your wacs configuration files will therefore live in /home/yoursite/wacs.d instead of the normal location of /etc/wacs.d. To make this change we have to go into the Wacs.pm perl module in the perl sub-directory and make the appropriate change. We could avoid this if the web hosting provider would allow us to establish the WACS_CONFIG environment variable in the appropriate virtual server configuration section in the apache web server. Our hosting provider would not do this for us so we have to work around that by modifying the default value in the Wacs.pm perl module itself. This is a little unfortunate in that it'll mean we have to modify this module each and every time there is a Wacs code update that affects it.

Here's the appropriate change you need to make - what we've done here is copy the line setting the existing value called default_location1 and commented out the original version with a hash (# ) symbol at the start of the line. We've then edited the copy to have the new location on our web hosting provider's site there as the first default location:

# Assumptions
my $fssep = '/';

# Where to find the WACS configuration
#my $default_location1="/etc/wacs.d";
my $default_location1="/home/yoursite/wacs.d";
my $default_location2="/usr/local/etc/wacs.d";
my $default_location3="/opt/wacs/etc/wacs.d";
my $default_specifier="WACS_CONFIG";

The next step is to copy into this new wacs.d directory a sample wacs.cfg and wacs.acl file. We've provided a sample pair that will hopefully be a good starting point in the conf/WebHost sub-directory of the wacs source distribution. Please do make sure that you manually create at least each toplevel directory under your account's home area - ie run, cache, etc.

Database - With Root Account

  1. create a suitable owner account for the wacs data tables in your database system. The instructions here cover doing this for both MySQL and Oracle 10g, in that order. With MySQL 5.x, this would be done with: 
    % mysql --user=root
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 17 to server version: 5.0.22

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create database wacs;

mysql> create user 'wacs'@'myserver' identified by 'wacs';

mysql> create user 'wacs'@'localhost' identified by 'wacs';

mysql> grant all on wacs.* to wacs;

mysql> commit;

mysql> flush privileges;

mysql> quit
    With Oracle 10g, this would be something like: 
    % sqlplus
SQL*Plus: Release 10.1.0.3.0 - Production on Fri Sep 29 14:53:56 2006
Copyright (c) 1982, 2004, Oracle.  All rights reserved.

Enter user-name: system
Password: *******

Connected to:
Oracle Database 10g Release 10.1.0.3.0 - 64bit Production

SQL> create user wacs identified by wacs;

User created.

SQL> grant connect, resource to wacs;

Grant succeeded.

SQL> alter user wacs default tablespace main
   quota unlimited on main;

User altered.

SQL> commit;

Commit complete.

SQL> quit
Disconnected from Oracle Database 10g Release 10.1.0.3.0 - 64bit Production
    Of course there is a huge amount of variance in how any given database is installed, so you will need some knowledge about your installation. For instance, your main tablespace may not be called "main" as it is in the example.

Database - With Web Hosting

This is an area within the process where unfortunately we can't give you much help as it will vary between the different web hosting providers. With our provider for the PinkMetallic.com domain, there was a control panel for creating MySQL Databases which consisted of three steps: Create New Database, then MySQL Users: Add New User and finally Add User To Database. There was an additional option of Modify Databases which we had no cause to need at this point.

With these three done in that order, we got a MySQL database account we could log into using the following:

# mysql -u yoursite_wacs -p yoursite_wacs
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 206917
Server version: 5.0.81-community MySQL Community Edition (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

Database Schema Creation - Both Environments

  1. login as the database user just created and run the table create SQL script from the creation directory of the wacs distribution. These scripts are called by a single creation script, the one for oracle is called create_oracle.sql, the one for MySQL is called create_mysql.sql. To run this on MySQL 5.1 using the account created in the step above, you would do the following (the only difference for a web hosting service is that you probably have a yoursite_ prefix on the user and database names): 
    % cd unpack_location/creation
% mysql --user=wacs --password=wacs wacs < create_mysql
[...]
%
    To run this on Oracle 10g using the account created in the step above, you would do the following: 
    % cd unpack_location/creation
% sqlplus wacs/wacs @create_oracle
SQL*Plus: Release 10.1.0.2.0 - Production on Fri Oct 6 19:11:41 2006
Copyright (c) 1982, 2004, Oracle.  All rights reserved.

Connected to:
Oracle Database 10g Release 10.1.0.3.0 - 64bit Production

WACS Database Table Creation Script for Oracle

Commencing Table Creation:

  1. Photographer


Table created.

  2. Vendor


Table created.

  3. Sets


Table created.

  4. Models


Table created.

  5. Assoc


Table created.

  6. Idmap


Table created.

  7. Download


Table created.

  8. Tag


Table created.

  9. Conn


Table created.

 10. Keyword


Table created.

Tables Created - Committing Changes


Commit complete.

Completed.

Disconnected from Oracle Database 10g Release 10.1.0.3.0 - 64bit Production
%

Support Scripts - With Root Account

  1. The penultimate major activity is to install the tools scripts, and if required the download and migrate tools, into a suitable directory, normally this would be /usr/local/bin, but it could be put within the wacs tree if desired. /usr/local/bin is usually in the default path for all the shells and thus available to user accounts without further work. To install, do: 
    # cd unpack_location
# cp -p tools/* /usr/local/bin
# cp -p download/chkmodel /usr/local/bin
# cp -p download/getarc /usr/local/bin
# cp -p download/refresh /usr/local/bin
# cp -p migrate/* /usr/local/bin
#
    If you want to put it somewhere else, within the wacs home area would be fine, somewhere like /home/wacs/bin, but you will then need to add that directory to the path of your shell. For the C-shell, you would add set path=(/home/wacs/bin $path) into the .cshrc file in the home directory of your own account and those of other people who might be adding contents to the wacs server. For the Bourne style shells (sh,bash,etc), you would need to add PATH=/home/wacs/bin:$PATH and export PATH to the .profile or .bashrc files in the home directories. Once added, depending on the shell, you may need to type rehash to rescan the path for the new commands.

Support Scripts - With Web Hosting

The procedure here is almost exactly the same as above except of course that we cannot add things to /usr/local/bin and so we have to place them within our account's home directory.

# cd unpack_location
# cp -p tools/* ~/bin
# cp -p download/* ~/bin
# cp -p migrate/* ~/bin
#

Additionally you will need to ensure that the PERL5LIB environment variable is established within your shell environment in order to use the command line tools. This can be done initially with:

# PERL5LIB=/home/yoursite/perl
# export PERL5LIB
#

To add it to your shell configuration so it is always established, you'll need to edit your shell start-up file (usually .bashrc in your home directory) and add the following line at the bottom of it:

export PERL5LIB=/home/yoursite/perl

Populate The Initial Database - Both Environments

[Note]Note

From WACS 0.8.4 onwards we've suppressed the Inserting Entries For... messages as they were playing havoc with the formatting on wacssetup. If you want to see them, simply edit the wacs.cfg debug section and set it to 1 or higher.

  1. The next step is to populate the vendor database with the sample records, which can be done with: 
    # cd unpack_location/populate
# ./vendpop vendors.xml
Inserting Entries For Site: ATKP
Inserting Entries For Site: AMK
Inserting Entries For Site: ATE
Inserting Entries For Site: SE
#
    Please contribute back vendor descriptions you create to be included in the next release.
  2. Next we need to preload the keywords database table so that the automatic tagging will occur correctly. We do this with: 
    # cd unpack_location/populate
# ./keywordpop keywords.xml
[...]
#
  3. Finally we need to load the photographers database with some initial example records, which can be done with: 
    # cd unpack_location/populate
# ./photpop photographers.xml
[...]
#

Final Notes - With Web Hosting

[Warning]Warning

The details for how to setup WACS for use in a Web Hosting Provider's environment are new in 0.8.4 and are based on our own experience setting up PinkMetallic.com and may well be incomplete. Additionally some aspects of Wacs are not yet tailored to this kind of environment and are bound to cause issues. Please report any problems you find to us using the facilities on sourceforge or our email addresses.

There's a known issue with the security settings when you use the wacsimport and (probably) wacsxmlin. Once these have created the icons, they change the permissions of the owning directory to be accessible only by the user and group. This is not the correct strategy on a web hosting provider as their apache web server is not a member of any unix group in common with the shell user account. The quick solution to this is to run the following on the web document tree (usually under ~/public_html/ after each importation has taken place:

# cd ~/public_html
# chmod -R o+rX bigicons cache icons images wacs
#

Unfortunately there can be further issues when trying to use the WACS system in that many web hosting providers do not install all of the infra-structure that it needs, including packages like the netpbm tools which provide the image scaling and thumbnailing facilities we use extensively within WACS. It is quite possible to copy both the binary programs and the necessary shared libraries from another Linux host of similar architecture onto your space on the web hosting provider. The alternative approach is to compile the netpbm suite from source code and then statically link the resulting binaries. This is what we had to do to make the PinkMetallic.com site work. The commands below show what we did - the first command being to determine the CPU/runtime architecture being used - in this case standard 64-bit AMD/Intel EMT architecture, and the second to determine the distribution being used:

# uname -p
x86_64
# uname -r
2.6.18-128.1.6.el5
# mkdir ~/lib
# export LD_LIBRARY_PATH=/home/yoursite/lib
#
[Tip]Tip

We understand this step is non-trivial and confusing and there's very little we can do about this other than to invite you to post on the wacs-users mailing list for help and advice. Each web hosting provider probably has a different combination and there is little else we can do other than offer to help as best we can.

This tells us (from experience) that we're dealing with a RedHat Enterprise Linux distribution running on a 64-bit AMD-style architecture processor. For that centos.org is the best place to find suitable packages for download - we selected two RPMs from one of their mirror sites: netpbm-10.35.58-8.el5.x86_64.rpm for the libraries and netpbm-progs-10.35.58-8.el5.x86_64.rpm for the tool binaries. We then used the rpm2cpio command to covert these rpm archives into more standard archive formats and then the cpio command itself to unpack the result.

# wget http://www.mirrorservice.org/sites/mirror.centos.org/5.4/o
s/x86_64/CentOS/netpbm-10.35.58-8.el5.x86_64.rpm
[...]
# rpm2cpio netpbm-10.35.58-8.el5.x86_64.rpm > netpbm-10.35.cpio
# cpio -ivudB < netpbm-10.35.cpio
[...]
# wget http://www.mirrorservice.org/sites/mirror.centos.org/5.4/o
s/x86_64/CentOS/netpbm-progs-10.35.58-8.el5.x86_64.rpm
[...]
# rpm2cpio netpbm-progs-10.35.58-8.el5.x86_64.rpm > netpbm-progs-
10.35.cpio
[...]
# cpio -iuvdB < netpbm-progs-10.35.cpio
[...]
#

Having done this we have the entire netpbm tree contained in a directory called usr under the current directory. The first command the wacs program we were trying to run (actually it was generate) complained about was pnmscale so we fetch the pnmscale binary from usr/bin/pnmscale and transfer that up to the web hosting provider and place it in our ~/bin directory. Once we've done that we run the ldd command on it which says:

# cd ~/bin
# ldd pnmscale
	libm.so.6 => /lib64/libm.so.6 (0x000000365ee00000)
	libnetpbm.so.10 => not found
	libc.so.6 => /lib64/libc.so.6 (0x000000365e200000)
	/lib64/ld-linux-x86-64.so.2 (0x000000365de00000)
#

The pertinent thing here is that libnetpbm.so.10 is the only library we need for pnmscale to work that isn't there. If we check back in our unpacked package, we should have that file as usr/lib64/libnetpbm.so.10.35. Since it's libnetpbm.so.10 that it's asking for, we transfer our local usr/lib64/libnetpbm.so.10.35 up to the hosting provider server as libnetpbm.so.10 using the ftp/sftp put command as follows:

sftp> put usr/lib64/libnetpbm.so.10.35 libnetpbm.so.10
Uploading usr/lib64/libnetpbm.so.10.35 to /home/yoursite/lib/libnetpbm.so.10
usr/lib64/libnetpbm.so.10.35                  100%  187KB  93.3KB/s   00:02
sftp>

If we now re-run the ldd command on pnmscale, we should now see that all the dependencies are resolved. The final test is to run the command itself, and it this case it's default action is to complain that you didn't ask it to do anything. All that remains now is to do the same procedure of copying up the other files from usr/bin that Wacs is asking for. We found we needed the following: pbmtext, pnmcat, pnmscale, pnmtojpeg, pnmtopng, pnmtogif, pngtopnm, giftopnm and jpegtopnm.

The first of the two final things we have to do is to check that everything under the ~/public_html/cache tree is publicly writeable (gulp!) because we share no groups in common with the web server. The second is to add the LD_LIBRARY_PATH variable to the environment used by the web server so that the netpbm commands actually work when invoked by the wacs commands themselves. Fortunately the dbienvvar and dbienvvalue variables originally added to enable Oracle to be supported can be used for this purpose. In the wacs.cfg file, set dbienvvar to LD_LIBRARY_PATH and dbienvvalue to the path to your library directory where you placed the libnetpbm.so.10 file; it's probably something along the lines of /home/yoursite/lib. You will also need to add a suitable entry in your .bashrc or .cshrc to set LD_LIBRARY_PATH for your shell.

Prev Up Next
Chapter 8. Manual Installation Home More On SELinux