This changes the scripts so that:
- in koha-create, the zebra password and mysql passwords are set to 16 character "secure" passwords, ie generated with pwgen -s 16 1
- the patron password is set to a 12 character "memorable" password.
Signed-off-by: Magnus Enger <magnus@enger.priv.no>
Looks good. I did not actually build, install and test new packages,
but i did test pwgen with the new arguments and the changes make
sense.
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
QA signoff
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Found because cron.daily/koha output contains the error "[: 97: missing ]"
To test:
1. run koha-run-backups --days 2 --output /var/spool/koha
2. should see no output
Sponsored-by: Library of the Józef Piłsudski Institute of America
Signed-off-by: Vitor FERNANDES <vfernandes@keep.pt>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
I still get an error:
./koha-run-backups: 58: ./koha-run-backups: koha-list: not found
But this patch fixes the syntax error
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This command behaves something like su(1), but provides you with a shell
as the koha user, and with the environment pointing to the right places.
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Passed-QA-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
The newer version of MySQL in Ubuntu 12.04 installs a default
'localhost' user with no username. Due to the way that MySQL looks up
user details when you connect, if you connect from localhost and the
user was only created with a wildcard host (%), the anonymous localhost
user will be found instead. This means that your username is lost for
the connection, and you have no privileges.
This patch creates a second user with a hostname of 'localhost'. This
will not work if your database is on a remote server, but you probably
know what you are doing if that's the case. Patches to determine this
server's name relative to the MySQL server are welcome (or even ideas on
how to do it.)
It also fixes up a couple of other small things:
* make koha-remove stop zebra properly
* stop the warning that the password file is missing on create
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Works as promised.
This patch builds on work by Lars Wirzenius for the Koha packages.
To date, the only way for a Koha librarian to obtain a complete backup
of their system has been to log into the system via SSH (or FTP) to
download the mysqldump file. This patch makes it possible for
superlibrarians in properly configured systems to download night backups
via the staff client's Export tool.
Recognizing that this is functionality with potentially very grave
security implications, system administrators must manually enable these
features in the koha-conf.xml configuration file.
The following configuration settings have been added to the koha-conf.xml
file:
* backupdir => directory where backups should be stored.
* backup_db_via_tools => whether to allow superlibrarians to download
database backups via the Export tool. The default is disabled, and
there is no way -- by design -- to enable this option without manually
editing koha-conf.xml.
* backup_conf_via_tools => whether to allow superlibrarians to download
configuration backups via the Export tool (this may be applicable to
packages only). The default is disabled, and there is no way -- by
design -- to enable this option without manually editing koha-conf.xml.
This commit modifies the following scripts to make use of the new
backupdir configuration option:
* koha-dump and koha-run-backups in the Debian packages
* The sample backup script misc/cronjobs/backup.sh
Note that for security reasons, superlibrarians will not be allowed
to download files that are not owned by the web server's effective user.
This imposes a de facto dependency on ITK (for Apache) or running the
web server as the Koha user (as is done with Plack).
To test:
1. Apply patch.
2. Go to export page as a superlibrarian. Notice that no additional
export options appear because they have not been enabled.
3. Add <backupdir>$KOHADEV/var/spool</backup> to the <config> section
of your koha-conf.xml (note that you will need to adjust that so that
it is pointing at a logical directory).
4. Create the aforementioned directory.
5. Go to export page as a superlibrarian. Notice that no additional
export options appear because they have not been enabled.
6. Add <backup_db_via_tools>1</backup_db_via_tools> to the <config>
section of your koha-conf.xml
7. Go to the export page as a superlibrarian. Notice the new tab.
8. Go to the export page as a non-superlibrarian. Notice there is no
new tab.
9. Run: mysqldump -u koha -p koha | gzip > $BACKUPDIR/backup.sql.gz
(substituting appropriate user, password, and database name)
10. Go to the export page as a superlibrarian, and look at the "Export
database" tab. If you are running the web server as your Koha user,
and ran the above command as your Koha user, you should now see the
file listed as an option for download.
11. If you *did* see the file listed, change the ownership to something
else: sudo chown root:root $BACKUPDIR/backup.sql.gz
11a. Confirm that you no longer see the file listed when you look at the
"Export database" tab.
12. Change the ownership on the file to your web server (or Koha) user:
sudo chown www-data:www-data backup.sql.gz
13. Go to the export page as a superlibrarian, and look at the "Export
database" tab. You should now see backup.sql.gz listed.
14. Choose to download backup.sql.gz
15. Confirm that the downloaded file is what you were expecting.
If you are interested, you can repeat the above steps but replace
<backup_db_via_tools> with <backup_conf_via_tools>, and instead of
creating an sql file, create a tar file.
To test packaging: run koha-dump, confirm that it still creates a
usable backup.
------
This signoff contains two changes:
10-1. If no backup/conf files were present, then the message telling you
so doesn't appear and the download button does. Made them behave
correctly.
10-2. The test for a file existing required it to be owned by the
webserver UID. This change makes it so it only has to be readable.
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Fixes bugs 6684 6997 4880:
6684 koha-remove should check the number of arguments it gets
6997 koha-remove leaves system in inconsistent state if there is an error
4880 koha-remove sometimes fails because user is logged in
Amended by chrisc@catalyst.net.nz
Trying to resolve conflicts.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Rebased on top of bug 7924.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
koha-remove would fail with a message like this:
Removing Koha instance --
ERROR 1396 (HY000) at line 1: Operation DROP USER failed for 'koha_--'@'%'
After fixing this, the --keep-mysql option made the script exit without doing
anything.
To test:
Alt 1
- Build package with build-git-snapshot
- Install package
Alt 2
- Replicate the changes in the patch in an existing installation
Then:
- Add instance1 and instance2
- koha-remove instance1
-- Check that script completes and the databse is gone
- koha-remove --keep-mysql instance2
-- Check that the script completes but the database is not removed
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This commit makes koha-create more flexible by adding a number of command-line
and configuration options.
The biggest change is to add support for pre-determined MySQL credentials using
a file in /etc/koha/passwd (for security reasons, if you use this feature, make
sure the file is not world-readable). The configuration file has the following
format:
instance:user:password:database
The database is optional, but the other two are both required if you want to
specify MySQL credentials. If no credentials are specified for a given instance,
the standard koha_instance username and an auto-generated password are used.
The following additional command line options are now available:
* --use-db - use a pre-existing database, see also --database
* --database - specify the name of the mysql database (still defaults to
koha_instance)
* --passwdfile - specify a custom (Koha) passwd file for MySQL credentials
The following additional variables are now available (for use in
koha-sites.conf or a custom config file):
* OPACPORT (previously added but not documented) - port on which the OPAC
should be served
* OPACPREFIX - prefix for the OPAC's virtual host
* OPACSUFFIX - suffix for the OPAC's virtual host
This commit also adds the --keep-mysql option to koha-remove, which, if
specified, will prevent koha-remove from deleting the database or MySQL user
when removing an instance.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This does two things:
* Allows OPACPORT to be specified to change the default OPAC port,
* removes the port number from the ServerName directive, as it's already
handled by the VirtualHost declaration.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Prior to this patch, the koha-restore Debian script did not set the home
directory properly for the system users it created, causing problems down the
line for koha-rebuild-zebra. This patch fixes that by specifying the home
directory.
http://bugs.koha-community.org/show_bug.cgi?id=7216
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Sometimes zebra needs a tmp dir in order to work. This ensures that it
is created both by koha-create-dirs in the packages, and by
rebuild_zebra when it runs.
--
tested ok, signing off
Signed-off-by: Mason James <mtj@kohaaloha.com>
If you accidentally delete one of the files that koha-remove is supposed to
remove, when koha-remove reaches that point in the script, it will die, leaving
later removal steps undone. This patch fixes the problem by checking for the
existence of each file prior to deleting it, so that short of an actual problem
with removing the file, the script can continue. Note that the fix for bug 6929
is also needed to prevent any problems with stopping Zebra from killing
koha-remove.
Signed-off-by: Dobrica Pavlinusic <dpavlin@rot13.org>
Currently, if it attempts to stop a zebra process that doesn't exist,
the script will abort, which leaves things running. This patch prevents
it from aborting.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Ian Walls <ian.walls@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This patch
- deletes debian/scripts/koha-create.8
- adds debian/docs/koha-create.xml and koha-remove.xml
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This affects only koha package installations that have multiple
instances running. After this patch, it's worth running the upgrade
again to ensure that everything happened correctly the first time.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
The revised patch quotes the variable $mysqldb, as suggested by Frère
Sébastien Marie.
This patch makes sure that pointing DEFAULTSQL in /etc/koha/koha-sites.conf
to any (gzip'ed) file produced by mysqldump works, by adding the name of the
database to the end of the call to mysql, when the specified SQL file is
loaded. Files produced with koha-dump-defaults should still work too.
To test:
- Apply the patch
- Create a new package with build-git-snapshot
- Install the package
- Create an SQL file from an existing installation with mysqldump
- gzip the SQL file
- point DEFAULTSQL to the file in /etc/koha/koha-sites.conf
- create a new site with koha-create --create-db
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
(to be followed by another patch that I think helps too)
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Sets the default borrowernumber of staff user to 1 and makes it possible
to override this with ADMINUSER in /etc/koha/koha-sites.conf or with the
--adminuser and -a command line options.
Remember to update the wiki if this gets pushed!
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
koha-create would fail to check that --configfile was set on the
commandline, before either including it if it existed or dying if
it did not. This patch should make sure the existence of a
configfile is only tested if --config is set.
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
This should apply against 3.4 and master.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This lets you get into the mysql session for this library instance
really easily. Probably most useful for developers.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This allows the database details (username and database name in
particular) to be modified in between a koha-create --request-db and
--populate-db. Most useful when you discover that the username is too
long or something. Now, when populating the database, the connection
information is reloaded from the koha-conf.xml rather than being
generated from the instance name.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This causes backups for the last two days to be stored by default. The
backups will go into /var/spool/koha.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Order of precedence for config options, from lowest to highest:
1. The defaults set in koha-create itself
2. /etc/koha/koha-sites.conf
3. Config file specified with --configfile
4. Individual options set with --marcflavor, --zebralang, --defaultsql
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This will override the setting in /etc/koha/koha-sites.conf.
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This adds the --marcflavor and --zebralang commandline options, as
well as short versions of all options.
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This commit does the following:
* Merge the changelog from the releases of 3.2
* Adds a command 'koha-upgrade-to-3.4' that does the MARC item splitting
stuff.
* Adds a debconf note to make sure people know that they need to run
the above command.
* Fixes the inclusion of jQuery in the packages.
* Makes build-git-snapshot build packages with a 3.5 version.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
By default the packages now set up the cron jobs to handle things like
overdues and email etc. By default, email is off, 'koha-email-enable'
and 'koha-email-disable' can manage this.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
This prevents it leaving files lying around in /tmp
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
This way, the various cron jobs will not try to do things to it.
They can't, since it is not yet really created.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
This is necessary if we do not have access to DB server with sufficient
permissions. The DB server is used for other things, that may well be
the case.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
koha-common.postinst now creates a symlink to the Debian one.
The sysadmin may replace that manually with something that allows
Koha to access a remote mysql server.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>