diff options
Diffstat (limited to 'docs/html/geninstall.html')
| -rw-r--r-- | docs/html/geninstall.html | 489 |
1 files changed, 0 insertions, 489 deletions
diff --git a/docs/html/geninstall.html b/docs/html/geninstall.html deleted file mode 100644 index b5cecc5fc..000000000 --- a/docs/html/geninstall.html +++ /dev/null @@ -1,489 +0,0 @@ -<HTML -><HEAD -><TITLE ->Installation General Notes</TITLE -><META -NAME="GENERATOR" -CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ -"><LINK -REL="HOME" -TITLE="The Bugzilla Guide" -HREF="index.html"><LINK -REL="UP" -TITLE="Installation" -HREF="installation.html"><LINK -REL="PREVIOUS" -TITLE="BSD Installation Notes" -HREF="bsdinstall.html"><LINK -REL="NEXT" -TITLE="Win32 Installation Notes" -HREF="win32.html"></HEAD -><BODY -CLASS="section" -BGCOLOR="#FFFFFF" -TEXT="#000000" -LINK="#0000FF" -VLINK="#840084" -ALINK="#0000FF" -><DIV -CLASS="NAVHEADER" -><TABLE -SUMMARY="Header navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TH -COLSPAN="3" -ALIGN="center" ->The Bugzilla Guide</TH -></TR -><TR -><TD -WIDTH="10%" -ALIGN="left" -VALIGN="bottom" -><A -HREF="bsdinstall.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="80%" -ALIGN="center" -VALIGN="bottom" ->Chapter 3. Installation</TD -><TD -WIDTH="10%" -ALIGN="right" -VALIGN="bottom" -><A -HREF="win32.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -></TABLE -><HR -ALIGN="LEFT" -WIDTH="100%"></DIV -><DIV -CLASS="section" -><H1 -CLASS="section" -><A -NAME="geninstall">3.5. Installation General Notes</H1 -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="AEN874">3.5.1. Modifying Your Running System</H2 -><P -> Bugzilla optimizes database lookups by storing all relatively static - information in the versioncache file, located in the data/ subdirectory - under your installation directory. - </P -><P -> If you make a change to the structural data in your database - (the versions table for example), or to the - <SPAN -CLASS="QUOTE" ->"constants"</SPAN -> encoded in defparams.pl, you will - need to remove the cached content from the data directory - (by doing a <SPAN -CLASS="QUOTE" ->"rm data/versioncache"</SPAN ->), or your - changes won't show up. - </P -><P -> That file gets automatically regenerated whenever it's more than an - hour old, so Bugzilla will eventually notice your changes by itself, but - generally you want it to notice right away, so that you can test things. - </P -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="AEN881">3.5.2. Upgrading From Previous Versions</H2 -><P -> A plain Bugzilla is fairly easy to upgrade from one version to a newer one. - However, things get a bit more complicated if you've made changes to - Bugzilla's code. In this case, you may have to re-make or reapply those - changes. - It is recommended that you take a backup of your database and your entire - Bugzilla installation before attempting an upgrade. You can upgrade a 'clean' - installation by untarring a new tarball over the old installation. If you - are upgrading from 2.12 or later, you can type <TT -CLASS="filename" ->cvs -z3 - update</TT ->, and resolve conflicts if there are any. - </P -><P -> Because the developers of Bugzilla are constantly adding new tables, columns - and fields, you'll probably get SQL errors if you just update the code and - attempt to use Bugzilla. Always run the checksetup.pl script whenever - you upgrade your installation. - </P -><P -> If you are running Bugzilla version 2.8 or lower, and wish to upgrade to - the latest version, please consult the file, "UPGRADING-pre-2.8" in the - Bugzilla root directory after untarring the archive. - </P -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="htaccess">3.5.3. <TT -CLASS="filename" ->.htaccess</TT -> files and security</H2 -><P -> To enhance the security of your Bugzilla installation, - Bugzilla will generate - <I -CLASS="glossterm" -><TT -CLASS="filename" ->.htaccess</TT -></I -> files - which the Apache webserver can use to restrict access to - the bugzilla data files. The checksetup script will - generate the <TT -CLASS="filename" ->.htaccess</TT -> files. These .htaccess files - will not work with Apache 1.2.x - but this has security holes, so you - shouldn't be using it anyway. - - <DIV -CLASS="note" -><P -></P -><TABLE -CLASS="note" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="../images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P -> If you are using an alternate provider of - <SPAN -CLASS="productname" ->webdot</SPAN -> services for graphing - (as described when viewing - <TT -CLASS="filename" ->editparams.cgi</TT -> in your web - browser), you will need to change the ip address in - <TT -CLASS="filename" ->data/webdot/.htaccess</TT -> to the ip - address of the webdot server that you are using. - </P -></TD -></TR -></TABLE -></DIV -> - - </P -><P -> The default .htaccess file may not provide adequate access - restrictions, depending on your web server configuration. - Be sure to check the <Directory> entries for your - Bugzilla directory so that the <TT -CLASS="filename" ->.htaccess</TT -> - file is allowed to override web server defaults. For instance, - let's assume your installation of Bugzilla is installed to - <TT -CLASS="filename" ->/usr/local/bugzilla</TT ->. You should have - this <Directory> entry in your <TT -CLASS="filename" ->httpd.conf</TT -> - file: - </P -><P -> <TABLE -BORDER="0" -BGCOLOR="#E0E0E0" -WIDTH="100%" -><TR -><TD -><FONT -COLOR="#000000" -><PRE -CLASS="programlisting" -> -<Directory /usr/local/bugzilla/> - Options +FollowSymLinks +Indexes +Includes +ExecCGI - AllowOverride All -</Directory> - - </PRE -></FONT -></TD -></TR -></TABLE -> - </P -><P -> The important part above is <SPAN -CLASS="QUOTE" ->"AllowOverride All"</SPAN ->. - Without that, the <TT -CLASS="filename" ->.htaccess</TT -> file created by - <TT -CLASS="filename" ->checksetup.pl</TT -> will not have sufficient - permissions to protect your Bugzilla installation. - </P -><P -> If you are using Internet Information Server or other web - server which does not observe <TT -CLASS="filename" ->.htaccess</TT -> - conventions, you can disable their creation by editing - <TT -CLASS="filename" ->localconfig</TT -> and setting the - <TT -CLASS="varname" ->$create_htaccess</TT -> variable to - <TT -CLASS="parameter" -><I ->0</I -></TT ->. - </P -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="mod-throttle">3.5.4. <TT -CLASS="filename" ->mod_throttle</TT -> and Security</H2 -><P -> It is possible for a user, by mistake or on purpose, to access - the database many times in a row which can result in very slow - access speeds for other users. If your Bugzilla installation - is experiencing this problem , you may install the Apache - module <TT -CLASS="filename" ->mod_throttle</TT -> which can limit - connections by ip-address. You may download this module at - <A -HREF="http://www.snert.com/Software/Throttle/" -TARGET="_top" ->http://www.snert.com/Software/Throttle/</A ->. Follow the instructions to install into your Apache install. <EM ->This module only functions with the Apache web server!</EM ->. You may use the <B -CLASS="command" ->ThrottleClientIP</B -> command provided by this module to accomplish this goal. See the <A -HREF="http://www.snert.com/Software/Throttle/" -TARGET="_top" ->Module Instructions</A -> for more information. </P -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="content-type">3.5.5. Preventing untrusted Bugzilla content from executing malicious Javascript code</H2 -><P ->It is possible for a Bugzilla to execute malicious - Javascript code. Due to internationalization concerns, we are - unable to incorporate the code changes necessary to fulfill - the CERT advisory requirements mentioned in <A -HREF="http://www.cet.org/tech_tips/malicious_code_mitigation.html/#3" -TARGET="_top" ->http://www.cet.org/tech_tips/malicious_code_mitigation.html/#3</A ->. Executing the following code snippet from a UNIX command shell will rectify the problem if your Bugzilla installation is intended for an English-speaking audience. As always, be sure your Bugzilla installation has a good backup before making changes, and I recommend you understand what the script is doing before executing it. </P -><P -><TABLE -BORDER="0" -BGCOLOR="#E0E0E0" -WIDTH="100%" -><TR -><TD -><FONT -COLOR="#000000" -><PRE -CLASS="programlisting" -> bash# cd $BUGZILLA_HOME; for i in `ls *.cgi`; \ - do cat $i | sed 's/Content-type\: text\/html/Content-Type: text\/html\; charset=ISO-8859-1/' >$i.tmp; \ - mv $i.tmp $i; done - </PRE -></FONT -></TD -></TR -></TABLE -></P -><P -> All this one-liner command does is search for all instances of - <SPAN -CLASS="QUOTE" ->"Content-type: text/html"</SPAN -> and replaces it with - <SPAN -CLASS="QUOTE" ->"Content-Type: text/html; charset=ISO-8859-1"</SPAN ->. - This specification prevents possible Javascript attacks on the - browser, and is suggested for all English-speaking sites. For - non-english-speaking Bugzilla sites, I suggest changing - <SPAN -CLASS="QUOTE" ->"ISO-8859-1"</SPAN ->, above, to <SPAN -CLASS="QUOTE" ->"UTF-8"</SPAN ->. - </P -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="unixhistory">3.5.6. UNIX Installation Instructions History</H2 -><P -> This document was originally adapted from the Bonsai - installation instructions by Terry Weissman - <terry@mozilla.org>. - </P -><P -> The February 25, 1999 re-write of this page was done by Ry4an - Brase <ry4an@ry4an.org>, with some edits by Terry - Weissman, Bryce Nesbitt, Martin Pool, & Dan Mosedale (But - don't send bug reports to them; report them using bugzilla, at <A -HREF="http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla" -TARGET="_top" ->http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla</A -> ). - </P -><P -> This document was heavily modified again Wednesday, March 07 - 2001 to reflect changes for Bugzilla 2.12 release by Matthew - P. Barnson. The securing MySQL section should be changed to - become standard procedure for Bugzilla installations. - </P -><P -> Finally, the README in its entirety was marked up in SGML and - included into the Guide on April 24, 2001 by Matt Barnson. - Since that time, it's undergone extensive modification as - Bugzilla grew. - </P -><P -> Comments from people using this Guide for the first time are - particularly welcome. - </P -></DIV -></DIV -><DIV -CLASS="NAVFOOTER" -><HR -ALIGN="LEFT" -WIDTH="100%"><TABLE -SUMMARY="Footer navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" -><A -HREF="bsdinstall.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="index.html" -ACCESSKEY="H" ->Home</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" -><A -HREF="win32.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" ->BSD Installation Notes</TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="installation.html" -ACCESSKEY="U" ->Up</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" ->Win32 Installation Notes</TD -></TR -></TABLE -></DIV -></BODY -></HTML ->
\ No newline at end of file |