diff options
| -rw-r--r-- | Bugzilla/Install/Localconfig.pm | 531 | ||||
| -rwxr-xr-x | checksetup.pl | 396 |
2 files changed, 553 insertions, 374 deletions
diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm new file mode 100644 index 000000000..ba18fcfd9 --- /dev/null +++ b/Bugzilla/Install/Localconfig.pm @@ -0,0 +1,531 @@ +# -*- Mode: perl; indent-tabs-mode: nil -*- +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Bugzilla Bug Tracking System. +# +# Contributor(s): Max Kanat-Alexander <mkanat@bugzilla.org> + +package Bugzilla::Install::Localconfig; + +# NOTE: This package may "use" any modules that it likes. However, +# all functions in this package should assume that: +# +# * The data/ directory does not exist. +# * Templates are not available. +# * Files do not have the correct permissions +# * The database is not up to date + +use strict; + +use Bugzilla::Constants; + +use Data::Dumper; +use Fcntl qw(SEEK_END); +use IO::File; +use Safe; + +use base qw(Exporter); +our @EXPORT = qw( + read_localconfig +); + +our @EXPORT_OK = qw( + update_localconfig +); + +# We write this constant as a sub because it has to call other +# subroutines. +sub LOCALCONFIG_VARS { + return ( + { + name => 'create_htaccess', + default => 1, + desc => <<EOT +# If you are using Apache as your web server, Bugzilla can create .htaccess +# files for you that will instruct Apache not to serve files that shouldn't +# be accessed from the web (like your local configuration data and non-cgi +# executable files). For this to work, the directory your Bugzilla +# installation is in must be within the jurisdiction of a <Directory> block +# in the httpd.conf file that has 'AllowOverride Limit' in it. If it has +# 'AllowOverride All' or other options with Limit, that's fine. +# (Older Apache installations may use an access.conf file to store these +# <Directory> blocks.) +# If this is set to 1, Bugzilla will create these files if they don't exist. +# If this is set to 0, Bugzilla will not create these files. +EOT + }, + { + name => 'webservergroup', + default => ON_WINDOWS ? '' : 'apache', + desc => q{# This is the group your web server runs as. +# If you have a Windows box, ignore this setting. +# If you do not have access to the group your web server runs under, +# set this to "". If you do set this to "", then your Bugzilla installation +# will be _VERY_ insecure, because some files will be world readable/writable, +# and so anyone who can get local access to your machine can do whatever they +# want. You should only have this set to "" if this is a testing installation +# and you cannot set this up any other way. YOU HAVE BEEN WARNED! +# If you set this to anything other than "", you will need to run checksetup.pl +# as} . ROOT_USER . qq{, or as a user who is a member of the specified group.\n} + }, + { + name => 'db_driver', + default => 'mysql', + desc => <<EOT +# What SQL database to use. Default is mysql. List of supported databases +# can be obtained by listing Bugzilla/DB directory - every module corresponds +# to one supported database and the name corresponds to a driver name. +EOT + }, + { + name => 'db_host', + default => 'localhost', + desc => + "# The DNS name of the host that the database server runs on.\n" + }, + { + name => 'db_name', + default => 'bugs', + desc => "# The name of the database\n" + }, + { + name => 'db_user', + default => 'bugs', + desc => "# Who we connect to the database as.\n" + }, + { + name => 'db_pass', + default => '', + desc => <<EOT +# Enter your database password here. It's normally advisable to specify +# a password for your bugzilla database user. +# If you use apostrophe (') or a backslash (\\) in your password, you'll +# need to escape it by preceding it with a '\\' character. (\\') or (\\) +# (Far simpler just not to use those characters.) +EOT + }, + { + name => 'db_port', + default => 0, + desc => <<EOT +# Sometimes the database server is running on a non-standard port. If that's +# the case for your database server, set this to the port number that your +# database server is running on. Setting this to 0 means "use the default +# port for my database server." +EOT + }, + { + name => 'db_sock', + default => '', + desc => <<EOT +# MySQL Only: Enter a path to the unix socket for MySQL. If this is +# blank, then MySQL's compiled-in default will be used. You probably +# want that. +EOT + }, + { + name => 'db_check', + default => 1, + desc => <<EOT +# Should checksetup.pl try to verify that your database setup is correct? +# (with some combinations of database servers/Perl modules/moonphase this +# doesn't work) +EOT + }, + { + name => 'index_html', + default => 0, + desc => <<EOT +# With the introduction of a configurable index page using the +# template toolkit, Bugzilla's main index page is now index.cgi. +# Most web servers will allow you to use index.cgi as a directory +# index, and many come preconfigured that way, but if yours doesn't +# then you'll need an index.html file that provides redirection +# to index.cgi. Setting \$index_html to 1 below will allow +# checksetup.pl to create one for you if it doesn't exist. +# NOTE: checksetup.pl will not replace an existing file, so if you +# wish to have checksetup.pl create one for you, you must +# make sure that index.html doesn't already exist +EOT + }, + { + name => 'cvsbin', + default => &_get_default_cvsbin, + desc => <<EOT +# For some optional functions of Bugzilla (such as the pretty-print patch +# viewer), we need the cvs binary to access files and revisions. +# Because it's possible that this program is not in your path, you can specify +# its location here. Please specify the full path to the executable. +EOT + }, + { + name => 'interdiffbin', + default => &_get_default_interdiffbin, + desc => <<EOT +# For some optional functions of Bugzilla (such as the pretty-print patch +# viewer), we need the interdiff binary to make diffs between two patches. +# Because it's possible that this program is not in your path, you can specify +# its location here. Please specify the full path to the executable. +EOT + }, + { + name => 'diffpath', + default => &_get_default_diffpath, + desc => <<EOT +# The interdiff feature needs diff, so we have to have that path. +# Please specify the directory name only; do not use trailing slash. +EOT + }, + ); +} + +use constant OLD_LOCALCONFIG_VARS => qw( + mysqlpath + contenttypes + pages + severities platforms opsys priorities +); + +sub read_localconfig { + my ($include_deprecated) = @_; + my $filename = bz_locations()->{'localconfig'}; + + my %localconfig; + if (-e $filename) { + my $s = new Safe; + $s->rdo($filename); + if ($@ || $!) { + my $err_msg = $@ ? $@ : $!; + die <<EOT; +An error has occurred while reading your 'localconfig' file. The text of +the error message is: + +$err_msg + +Please fix the error in your 'localconfig' file. Alternately, rename your +'localconfig' file, rerun checksetup.pl, and re-enter your answers. + + \$ mv -f localconfig localconfig.old + \$ ./checksetup.pl +EOT + } + + my @vars = map($_->{name}, LOCALCONFIG_VARS); + push(@vars, OLD_LOCALCONFIG_VARS) if $include_deprecated; + foreach my $var (@vars) { + my $glob = $s->varglob($var); + # We can't get the type of a variable out of a Safe automatically. + # We can only get the glob itself. So we figure out its type this + # way, by trying first a scalar, then an array, then a hash. + # + # The interesting thing is that this converts all deprecated + # array or hash vars into hashrefs or arrayrefs, but that's + # fine since as I write this all modern localconfig vars are + # actually scalars. + if (defined $$glob) { + $localconfig{$var} = $$glob; + } + elsif (defined @$glob) { + $localconfig{$var} = \@$glob; + } + elsif (defined %$glob) { + $localconfig{$var} = \%$glob; + } + } + } + + return \%localconfig; +} + + +# +# This is quite tricky. But fun! +# +# First we read the file 'localconfig'. Then we check if the variables we +# need are defined. If not, we will append the new settings to +# localconfig, instruct the user to check them, and stop. +# +# Why do it this way? +# +# Assume we will enhance Bugzilla and eventually more local configuration +# stuff arises on the horizon. +# +# But the file 'localconfig' is not in the Bugzilla CVS or tarfile. You +# know, we never want to overwrite your own version of 'localconfig', so +# we can't put it into the CVS/tarfile, can we? +# +# Now, when we need a new variable, we simply add the necessary stuff to +# LOCALCONFIG_VARS. When the user gets the new version of Bugzilla from CVS and +# runs checksetup, it finds out "Oh, there is something new". Then it adds +# some default value to the user's local setup and informs the user to +# check that to see if it is what the user wants. +# +# Cute, ey? +# +sub update_localconfig { + my ($params) = @_; + + my $output = $params->{output} || 0; + my $answer = $params->{answer} || {}; + my $localconfig = read_localconfig('include deprecated'); + + my @new_vars; + foreach my $var (LOCALCONFIG_VARS) { + my $name = $var->{name}; + if (!defined $localconfig->{$name}) { + push(@new_vars, $name); + $localconfig->{$name} = $answer->{$name} || $var->{default}; + } + } + + my @old_vars; + foreach my $name (OLD_LOCALCONFIG_VARS) { + push(@old_vars, $name) if defined $localconfig->{$name}; + } + + if (!$localconfig->{'interdiffbin'} && $output) { + print <<EOT + +OPTIONAL NOTE: If you want to be able to use the 'difference between two +patches' feature of Bugzilla (which requires the PatchReader Perl module +as well), you should install patchutils from: + + http://cyberelk.net/tim/patchutils/ + +EOT + } + + my $filename = bz_locations->{'localconfig'}; + + if (scalar @old_vars) { + my $oldstuff = join(', ', @old_vars); + print <<EOT + +The following variables are no longer used in $filename, and +should be removed: $oldstuff + +EOT + } + + if (scalar @new_vars) { + my $filename = bz_locations->{'localconfig'}; + my $fh = new IO::File($filename, '>>') || die "$filename: $!"; + $fh->seek(0, SEEK_END); + foreach my $var (LOCALCONFIG_VARS) { + if (grep($_ eq $var->{name}, @new_vars)) { + print $fh "\n", $var->{desc}, + Data::Dumper->Dump([$localconfig->{$var->{name}}], + ["*$var->{name}"]); + } + } + + my $newstuff = join(', ', @new_vars); + print <<EOT; + +This version of Bugzilla contains some variables that you may want to +change and adapt to your local settings. Please edit the file +$filename and rerun checksetup.pl. + +The following variables are new to $filename since you last ran +checksetup.pl: $newstuff + +EOT + exit; + } + + # Now we do some checks on localconfig values. + _check_web_server_group($localconfig->{'webservergroup'}) if $output; + + return { old_vars => \@old_vars, new_vars => \@new_vars }; +} + +sub _get_default_cvsbin { + return '' if ON_WINDOWS; + + my $cvs_executable = `which cvs`; + if ($cvs_executable =~ /no cvs/ || $cvs_executable eq '') { + # If which didn't find it, just set to blank + $cvs_executable = ""; + } else { + chomp $cvs_executable; + } + return $cvs_executable; +} + +sub _get_default_interdiffbin { + return '' if ON_WINDOWS; + + my $interdiff = `which interdiff`; + if ($interdiff =~ /no interdiff/ || $interdiff eq '') { + # If which didn't find it, just set to blank + $interdiff = ''; + } else { + chomp $interdiff; + } + return $interdiff; +} + +sub _get_default_diffpath { + return '' if ON_WINDOWS; + + my $diff_binaries; + $diff_binaries = `which diff`; + if ($diff_binaries =~ /no diff/ || $diff_binaries eq '') { + # If which didn't find it, set to blank + $diff_binaries = ""; + } else { + $diff_binaries =~ s:/diff\n$::; + } + return $diff_binaries; +} + +sub _check_web_server_group { + my ($group) = @_; + + my $filename = bz_locations()->{'localconfig'}; + + # If we are on Windows, webservergroup does nothing + if (ON_WINDOWS && $group) { + print <<EOT + +Warning: You have set webservergroup in $filename +Please understand that this does not bring you any security when +running under Windows. +Verify that the file permissions in your Bugzilla directory are +suitable for your system. Avoid unnecessary write access. + +EOT + } + + # If we're not on Windows, make sure that webservergroup isn't + # empty. + elsif (!ON_WINDOWS && !$group) { + print <<EOT; + +********************************************************************************WARNING! You have not entered a value for the "webservergroup" parameter +in localconfig. This means that certain files and directories which need +to be editable by both you and the webserver must be world writable, and +other files (including the localconfig file which stores your database +password) must be world readable. This means that _anyone_ who can obtain +local access to this machine can do whatever they want to your Bugzilla +installation, and is probably also able to run arbitrary Perl code as the +user that the webserver runs as. + +You really, really, really need to change this setting. +******************************************************************************** +EOT + } + + # If we're not on Windows, make sure we are actually a member of + # the webservergroup. + elsif (!ON_WINDOWS && $group) { + # If on unix, see if we need to print a warning about a webservergroup + # that we can't chgrp to + my $webservergid = (getgrnam($group))[2] + or die("no such group: $group"); + if ($< != 0 && !grep($_ eq $webservergid, split(" ", $)))) { + my $root = ROOT_USER; + print <<EOT; + +Warning: you have entered a value for the "webservergroup" parameter in +localconfig, but you are not either a) running this script as $root; or b) a +member of this group. This can cause permissions problems and decreased +security. If you experience problems running Bugzilla scripts, log in as +$root and re-run this script, become a member of the group, or remove the +value of the "webservergroup" parameter. Note that any warnings about +"uninitialized values" that you may see below are caused by this. + +EOT + } + } +} + +1; + +__END__ + +=head1 NAME + +Bugzilla::Install::Localconfig - Functions and variables dealing + with the manipulation and creation of the F<localconfig> file. + +=head1 SYNOPSIS + + use Bugzilla::Install::Requirements qw(read_localconfig update_localconfig) + my $localconfig = read_localconfig(); + update_localconfig({ output => 1, answer => \%answer }); + +=head1 DESCRIPTION + +This module is used primarily by L<checksetup.pl> to create and +modify the localconfig file. + +=head1 CONSTANTS + +=over + +=item C<LOCALCONFIG_VARS> + +An array of hashrefs. These hashrefs contain three keys: + + name - The name of the variable. + default - The default value for the variable. Should always be + something that can fit in a scalar. + desc - Additional text to put in localconfig before the variable + definition. Must end in a newline. Each line should start + with "#" unless you have some REALLY good reason not + to do that. + +=item C<OLD_LOCALCONFIG_VARS> + +An array of names of variables. If C<update_localconfig> finds these +variables defined in localconfig, it will print out a warning. + +=back + +=head1 SUBROUTINES + +=over + +=item C<read_localconfig($include_deprecated)> + +Description: Reads the localconfig file and returns all valid + values in a hashref. + +Params: C<$include_deprecated> - C<true> if you want the returned + hashref to also include variables listed in + C<OLD_LOCALCONFIG_VARS>, if they exist. Generally + this is only for use by C<update_localconfig>. + +Returns: A hashref of the localconfig variables. If an array + is defined, it will be an arrayref in the returned hash. If a + hash is defined, it will be a hashref in the returned hash. + Only includes variables specified in C<LOCALCONFIG_VARS> + (and C<OLD_LOCALCONFIG_VARS> if C<$include_deprecated> is + specified). + +=item C<update_localconfig({ output =E<gt> 1, answer =E<gt> \%answer })> + +Description: Adds any new variables to localconfig that aren't + currently defined there. Also optionally prints out + a message about vars that *should* be there and aren't. + Exits the program if it adds any new vars. + +Params: C<output> - C<true> if the function should display informational + output and warnings. It will always display errors or + any message which would cause program execution to halt. + +Returns: A hashref, with C<old_vals> being an array of names of variables + that were removed, and C<new_vals> being an array of names + of variables that were added to localconfig. + +=back diff --git a/checksetup.pl b/checksetup.pl index 837bdb674..a51294aa1 100755 --- a/checksetup.pl +++ b/checksetup.pl @@ -180,15 +180,14 @@ prompting the user or by editing localconfig. The format of that file is as follows: - $answer{'db_host'} = q[ - $db_host = 'localhost'; - $db_driver = 'mydbdriver'; - $db_port = 3306; - $db_name = 'mydbname'; - $db_user = 'mydbuser'; - ]; + $answer{'db_host'} = 'localhost'; + $answer{'db_driver'} = 'mydbdriver'; + $answer{'db_port'} = 0; + $answer{'db_name'} = 'mydbname'; + $answer{'db_user'} = 'mydbuser'; + $answer{'db_pass'} = 'mydbpass'; - $answer{'db_pass'} = q[$db_pass = 'mydbpass';]; + (Any localconfig variable can be specified as above.) $answer{'ADMIN_OK'} = 'Y'; $answer{'ADMIN_EMAIL'} = 'myadmin@mydomain.net'; @@ -302,373 +301,21 @@ import Bugzilla::User qw(insert_new_user); require Bugzilla::Bug; import Bugzilla::Bug qw(is_open_state); +require Bugzilla::Install::Localconfig; +import Bugzilla::Install::Localconfig qw(read_localconfig update_localconfig); + ########################################################################### -# Check and update local configuration +# Check and update --LOCAL-- configuration ########################################################################### -# -# This is quite tricky. But fun! -# -# First we read the file 'localconfig'. Then we check if the variables we -# need are defined. If not, we will append the new settings to -# localconfig, instruct the user to check them, and stop. -# -# Why do it this way? -# -# Assume we will enhance Bugzilla and eventually more local configuration -# stuff arises on the horizon. -# -# But the file 'localconfig' is not in the Bugzilla CVS or tarfile. You -# know, we never want to overwrite your own version of 'localconfig', so -# we can't put it into the CVS/tarfile, can we? -# -# Now, when we need a new variable, we simply add the necessary stuff to -# checksetup. When the user gets the new version of Bugzilla from CVS and -# runs checksetup, it finds out "Oh, there is something new". Then it adds -# some default value to the user's local setup and informs the user to -# check that to see if it is what the user wants. -# -# Cute, ey? -# - -my $root = ROOT_USER; - -print "Checking user setup ...\n" unless $silent; -$@ = undef; -my $localconfig = bz_locations()->{'localconfig'}; -do $localconfig; -if ($@) { # capture errors in localconfig, bug 97290 - print STDERR <<EOT; -An error has occurred while reading your -'localconfig' file. The text of the error message is: - -$@ - -Please fix the error in your 'localconfig' file. -Alternately rename your 'localconfig' file, rerun -checksetup.pl, and re-enter your answers. - - \$ mv -f localconfig localconfig.old - \$ ./checksetup.pl - - -EOT - die "Syntax error in localconfig"; -} - -sub LocalVarExists -{ - my ($name) = @_; - return $main::{$name}; # if localconfig declared it, we're done. -} - -my $newstuff = ""; -sub LocalVar -{ - my ($name, $definition) = @_; - return if LocalVarExists($name); # if localconfig declared it, we're done. - $newstuff .= " " . $name; - open FILE, '>>', bz_locations()->{'localconfig'}; - print FILE ($answer{$name} or $definition), "\n\n"; - close FILE; -} - - -# -# Set up the defaults for the --LOCAL-- variables below: -# - -LocalVar('index_html', <<'END'); -# -# With the introduction of a configurable index page using the -# template toolkit, Bugzilla's main index page is now index.cgi. -# Most web servers will allow you to use index.cgi as a directory -# index, and many come preconfigured that way, but if yours doesn't -# then you'll need an index.html file that provides redirection -# to index.cgi. Setting $index_html to 1 below will allow -# checksetup.pl to create one for you if it doesn't exist. -# NOTE: checksetup.pl will not replace an existing file, so if you -# wish to have checksetup.pl create one for you, you must -# make sure that index.html doesn't already exist -$index_html = 0; -END +print "Reading " . bz_locations()->{'localconfig'} . "...\n" unless $silent; +update_localconfig({ output => !$silent, answer => \%answer }); +my $lc_hash = read_localconfig(); - -if (!LocalVarExists('cvsbin')) { - my $cvs_executable; - if ($^O !~ /MSWin32/i) { - $cvs_executable = `which cvs`; - if ($cvs_executable =~ /no cvs/ || $cvs_executable eq '') { - # If which didn't find it, just set to blank - $cvs_executable = ""; - } else { - chomp $cvs_executable; - } - } else { - $cvs_executable = ""; - } - - LocalVar('cvsbin', <<"END"); -# -# For some optional functions of Bugzilla (such as the pretty-print patch -# viewer), we need the cvs binary to access files and revisions. -# Because it's possible that this program is not in your path, you can specify -# its location here. Please specify the full path to the executable. -\$cvsbin = "$cvs_executable"; -END -} - - -if (!LocalVarExists('interdiffbin')) { - my $interdiff_executable; - if ($^O !~ /MSWin32/i) { - $interdiff_executable = `which interdiff`; - if ($interdiff_executable =~ /no interdiff/ || - $interdiff_executable eq '') { - if (!$silent) { - print "\nOPTIONAL NOTE: If you want to be able to "; - print "use the\n 'difference between two patches' feature"; - print "of Bugzilla (requires\n the PatchReader Perl module "; - print "as well), you should install\n patchutils from "; - print "http://cyberelk.net/tim/patchutils/\n\n"; - } - - # If which didn't find it, set to blank - $interdiff_executable = ""; - } else { - chomp $interdiff_executable; - } - } else { - $interdiff_executable = ""; - } - - LocalVar('interdiffbin', <<"END"); - -# -# For some optional functions of Bugzilla (such as the pretty-print patch -# viewer), we need the interdiff binary to make diffs between two patches. -# Because it's possible that this program is not in your path, you can specify -# its location here. Please specify the full path to the executable. -\$interdiffbin = "$interdiff_executable"; -END -} - - -if (!LocalVarExists('diffpath')) { - my $diff_binaries; - if ($^O !~ /MSWin32/i) { - $diff_binaries = `which diff`; - if ($diff_binaries =~ /no diff/ || $diff_binaries eq '') { - # If which didn't find it, set to blank - $diff_binaries = ""; - } else { - $diff_binaries =~ s:/diff\n$::; - } - } else { - $diff_binaries = ""; - } - - LocalVar('diffpath', <<"END"); - -# -# The interdiff feature needs diff, so we have to have that path. -# Please specify the directory name only; do not use trailing slash. -\$diffpath = "$diff_binaries"; -END -} - - -LocalVar('create_htaccess', <<'END'); -# -# If you are using Apache as your web server, Bugzilla can create .htaccess -# files for you that will instruct Apache not to serve files that shouldn't -# be accessed from the web (like your local configuration data and non-cgi -# executable files). For this to work, the directory your Bugzilla -# installation is in must be within the jurisdiction of a <Directory> block -# in the httpd.conf file that has 'AllowOverride Limit' in it. If it has -# 'AllowOverride All' or other options with Limit, that's fine. -# (Older Apache installations may use an access.conf file to store these -# <Directory> blocks.) -# If this is set to 1, Bugzilla will create these files if they don't exist. -# If this is set to 0, Bugzilla will not create these files. -$create_htaccess = 1; -END - -my $webservergroup_default; -if ($^O !~ /MSWin32/i) { - $webservergroup_default = 'apache'; -} else { - $webservergroup_default = ''; -} - -LocalVar('webservergroup', <<"END"); -# -# This is the group your web server runs as. -# If you have a windows box, ignore this setting. -# If you do not have access to the group your web server runs under, -# set this to "". If you do set this to "", then your Bugzilla installation -# will be _VERY_ insecure, because some files will be world readable/writable, -# and so anyone who can get local access to your machine can do whatever they -# want. You should only have this set to "" if this is a testing installation -# and you cannot set this up any other way. YOU HAVE BEEN WARNED! -# If you set this to anything other than "", you will need to run checksetup.pl -# as $root, or as a user who is a member of the specified group. -\$webservergroup = "$webservergroup_default"; -END - - - -LocalVar('db_driver', ' -# -# What SQL database to use. Default is mysql. List of supported databases -# can be obtained by listing Bugzilla/DB directory - every module corresponds -# to one supported database and the name corresponds to a driver name. -# -$db_driver = "mysql"; -'); -LocalVar('db_host', q[ -# -# How to access the SQL database: -# -$db_host = 'localhost'; # where is the database? -$db_name = 'bugs'; # name of the SQL database -$db_user = 'bugs'; # user to attach to the SQL database - -# Sometimes the database server is running on a non-standard -# port. If that's the case for your database server, set this -# to the port number that your database server is running on. -# Setting this to 0 means "use the default port for my database -# server." -$db_port = 0; -]); -LocalVar('db_pass', q[ -# -# Enter your database password here. It's normally advisable to specify -# a password for your bugzilla database user. -# If you use apostrophe (') or a backslash (\) in your password, you'll -# need to escape it by preceding it with a '\' character. (\') or (\\) -# (Far simpler just not to use those characters.) -# -$db_pass = ''; -]); - -LocalVar('db_sock', q[ -# MySQL Only: Enter a path to the unix socket for MySQL. If this is -# blank, then MySQL's compiled-in default will be used. You probably -# want that. -$db_sock = ''; -]); - -LocalVar('db_check', q[ -# -# Should checksetup.pl try to verify that your database setup is correct? -# (with some combinations of database servers/Perl modules/moonphase this -# doesn't work) -# -$db_check = 1; -]); - -my @deprecatedvars; -push(@deprecatedvars, '@severities') if (LocalVarExists('severities')); -push(@deprecatedvars, '@priorities') if (LocalVarExists('priorities')); -push(@deprecatedvars, '@opsys') if (LocalVarExists('opsys')); -push(@deprecatedvars, '@platforms') if (LocalVarExists('platforms')); - -if (@deprecatedvars) { - print "\nThe following settings in your localconfig file", - " are no longer used:\n " . join(", ", @deprecatedvars) . - "\nThis data is now controlled through the Bugzilla", - " administrative interface.\nWe recommend you remove these", - " settings from localconfig after checksetup\nruns successfully.\n"; -} -if (LocalVarExists('mysqlpath')) { - print "\nThe \$mysqlpath setting in your localconfig file ", - "is no longer required.\nWe recommend you remove it.\n"; -} - -if ($newstuff ne "") { - print "\nThis version of Bugzilla contains some variables that you may \n", - "want to change and adapt to your local settings. Please edit the\n", - "file " . bz_locations()->{'localconfig'} ." and rerun ", - "checksetup.pl\n\n", - "The following variables are new to localconfig since you last ran\n", - "checksetup.pl: $newstuff\n\n"; - exit; -} - -# 2000-Dec-18 - justdave@syndicomm.com - see Bug 52921 -# This is a hack to read in the values defined in localconfig without getting -# them defined at compile time if they're missing from localconfig. -# Ideas swiped from pp. 281-282, O'Reilly's "Programming Perl 2nd Edition" -# Note that we won't need to do this in Bugzilla::Config because -# Bugzilla::Config couldn't care less whether they were defined ahead -# of time or not. -my $my_db_check = ${*{$main::{'db_check'}}{SCALAR}}; -my $my_db_driver = ${*{$main::{'db_driver'}}{SCALAR}}; -my $my_db_name = ${*{$main::{'db_name'}}{SCALAR}}; -my $my_index_html = ${*{$main::{'index_html'}}{SCALAR}}; -my $my_create_htaccess = ${*{$main::{'create_htaccess'}}{SCALAR}}; -my $my_webservergroup = ${*{$main::{'webservergroup'}}{SCALAR}}; - -if ($my_webservergroup && !$silent) { - if ($^O !~ /MSWin32/i) { - # if on unix, see if we need to print a warning about a webservergroup - # that we can't chgrp to - my $webservergid = (getgrnam($my_webservergroup))[2] - or die("no such group: $my_webservergroup"); - if ($< != 0 && !grep($_ eq $webservergid, split(" ", $)))) { - print <<EOF; - -Warning: you have entered a value for the "webservergroup" parameter in -localconfig, but you are not either a) running this script as $root; or b) a -member of this group. This can cause permissions problems and decreased -security. If you experience problems running Bugzilla scripts, log in as -$root and re-run this script, become a member of the group, or remove the -value of the "webservergroup" parameter. Note that any warnings about -"uninitialized values" that you may see below are caused by this. - -EOF - } - } - - else { - # if on Win32, print a reminder that setting this value adds no security - print <<EOF; - -Warning: You have set webservergroup in your localconfig. -Please understand that this does not bring you any security when -running under Windows. -Verify that the file permissions in your Bugzilla directory are -suitable for your system. -Avoid unnecessary write access. - -EOF - } - -} else { - # There's no webservergroup, this is very very very very bad. - # However, if we're being run on windows, then this option doesn't - # really make sense. Doesn't make it any more secure either, though, - # but don't print the message, since they can't do anything about it. - if (($^O !~ /MSWin32/i) && !$silent) { - print <<EOF; - -******************************************************************************** -WARNING! You have not entered a value for the "webservergroup" parameter -in localconfig. This means that certain files and directories which need -to be editable by both you and the webserver must be world writable, and -other files (including the localconfig file which stores your database -password) must be world readable. This means that _anyone_ who can obtain -local access to this machine can do whatever they want to your Bugzilla -installation, and is probably also able to run arbitrary Perl code as the -user that the webserver runs as. - -You really, really, really need to change this setting. -******************************************************************************** - -EOF - } -} +# XXX Eventually these two variables can be eliminated, but they are +# used more than once throughout checksetup right now. +my $my_db_driver = $lc_hash->{'db_driver'}; +my $my_webservergroup = $lc_hash->{'webservergroup'}; ########################################################################### # Check Database setup @@ -681,7 +328,7 @@ EOF # everything we need to create the DB. We have to create it early, # because some data required to populate data/params are stored in the DB. -if ($my_db_check) { +if ($lc_hash->{'db_check'}) { # Only certain values are allowed for $db_driver. if (!exists DB_MODULE->{lc($my_db_driver)}) { die "$my_db_driver is not a valid choice for \$db_driver in", @@ -721,6 +368,7 @@ if ($my_db_check) { $check_dbh->disconnect; }; if (!$conn_success) { + my $my_db_name = $lc_hash->{'db_name'}; print "Creating database $my_db_name ...\n"; # Try to create the DB, and if we fail print an error. if (!eval { $dbh->do("CREATE DATABASE $my_db_name") }) { @@ -984,7 +632,7 @@ END } } -if ($my_create_htaccess) { +if ($lc_hash->{'create_htaccess'}) { my $fileperm = 0644; my $dirperm = 01777; if ($my_webservergroup) { @@ -1105,7 +753,7 @@ END } -if ($my_index_html) { +if ($lc_hash->{'index_html'}) { if (!-e "index.html") { print "Creating index.html...\n"; open HTML, '>', 'index.html'; |