From bf8ac7551058df22dd5eb712631d9e383fc587a5 Mon Sep 17 00:00:00 2001 From: "barnboy%trilobyte.net" <> Date: Wed, 22 Aug 2001 10:44:14 +0000 Subject: Big checkin of docs to resolve every known outstanding doc bug! Yay release. Still many things to fix. Aren't there always? --- docs/sgml/installation.sgml | 957 ++++++++++++++++++++++---------------------- 1 file changed, 486 insertions(+), 471 deletions(-) (limited to 'docs/sgml/installation.sgml') diff --git a/docs/sgml/installation.sgml b/docs/sgml/installation.sgml index dfbc35071..547d466ba 100644 --- a/docs/sgml/installation.sgml +++ b/docs/sgml/installation.sgml @@ -1,6 +1,6 @@ - + Installation These installation instructions are presented assuming you are @@ -50,6 +50,7 @@ refer to these documents when installing, configuring, and maintaining your Bugzilla installation. + @@ -108,8 +109,7 @@ the CPAN dependencies listed below, and are running the very most recent version of Perl and MySQL (both the executables and development libraries) on your system, check out - Bundle::Bugzilla in + Bundle::Bugzilla in The software packages necessary for the proper running of bugzilla are: @@ -185,39 +185,64 @@ attack. + + Linux-Mandrake 8.0, the author's test system, includes + every required and optional library for Bugzilla. The + easiest way to install them is by using the + urpmi utility. If you follow these + commands, you should have everything you need for + Bugzilla, and checksetup.pl should + not complain about any missing libraries. You may already + have some of these installed. + + bash# urpmi + perl-mysql + bash# urpmi + perl-chart + bash# urpmi + perl-gd + bash# urpmi + perl-MailTools (for Bugzilla email + integration) + bash# urpmi + apache-modules + +
Installing MySQL Database - Visit MySQL homepage at http://www.mysql.com/ and grab the - latest stable release of the server. Both binaries and source - are available and which you get shouldn't matter. Be aware - that many of the binary versions of MySQL store their data - files in /var which on many installations (particularly common - with linux installations) is part of a smaller root partition. - If you decide to build from sources you can easily set the - dataDir as an option to configure. + Visit MySQL homepage at www.mysql.com and grab the latest stable release of the server. Many of the binary versions of MySQL store their data files in /var which is often part of a smaller root partition. If you decide to build from sources you can easily set the dataDir as an option to configure. - If you've installed from source or non-package (RPM, deb, - etc.) binaries you'll want to make sure to add mysqld to your + If you install from source or non-package (RPM, deb, etc.) + binaries you need to add + mysqld to your init scripts so the server daemon will come back up whenever - your machine reboots. You also may want to edit those init - scripts, to make sure that mysqld will accept large packets. - By default, mysqld is set up to only accept packets up to 64K - long. This limits the size of attachments you may put on - bugs. If you add something like "-O max_allowed_packet=1M" to - the command that starts mysqld (or safe_mysqld), then you will - be able to have attachments up to about 1 megabyte. + your machine reboots. Further discussion of UNIX init + sequences are beyond the scope of this guide. + + You should have your init script start + mysqld with the ability to accept + large packets. By default, mysqld + only accepts packets up to 64K long. This limits the size + of attachments you may put on bugs. If you add to the command that starts + mysqld (or + safe_mysqld), then you will be able + to have attachments up to about 1 megabyte. + + If you plan on running Bugzilla and MySQL on the same - machine, consider using the "--skip-networking" option in - the init script. This enhances security by preventing - network access to MySQL. + machine, consider using the + option in the init script. This enhances security by + preventing network access to MySQL.
@@ -260,9 +285,10 @@ You can skip the following Perl module installation steps by - installing "Bundle::Bugzilla" from CPAN, which includes - them. All Perl module installation steps require you have an - active Internet connection. If you wish to use + installing Bundle::Bugzilla from + CPAN, which + includes them. All Perl module installation steps require + you have an active Internet connection. If you wish to use Bundle::Bugzilla, however, you must be using the latest version of Perl (at this writing, version &perl-ver;) @@ -293,7 +319,7 @@ Like almost all Perl modules DBI can be found on the Comprehensive Perl Archive Network (CPAN) at http://www.cpan.org. The CPAN servers have a real tendency to bog down, so please use mirrors. The current location - at the time of this writing (02/17/99) can be found in Appendix A. + at the time of this writing can be found in . Quality, general Perl module installation instructions can be found on @@ -370,9 +396,11 @@ hurt anything. - Data::Dumper is used by the MySQL-related Perl modules. It can be - found on CPAN (link in Appendix A) and can be installed by following - the same four step make sequence used for the DBI module. + Data::Dumper is used by the MySQL-related Perl modules. It + can be found on CPAN (see ) and + can be + installed by following the same four step make sequence used + for the DBI module. @@ -414,37 +442,42 @@
TimeDate Perl Module Collection - Many of the more common date/time/calendar related Perl modules have - been grouped into a bundle similar to the MySQL modules bundle. This - bundle is stored on the CPAN under the name TimeDate. A link - link may be found in Appendix B, Software Download Links. - The component module we're - most interested in is the Date::Format module, but installing all of them - is probably a good idea anyway. The standard Perl module installation - instructions should work perfectly for this simple package. + Many of the more common date/time/calendar related Perl + modules have been grouped into a bundle similar to the MySQL + modules bundle. This bundle is stored on the CPAN under the + name TimeDate (see link: ). The + component module we're most interested in is the Date::Format + module, but installing all of them is probably a good idea + anyway. The standard Perl module installation instructions + should work perfectly for this simple package.
GD Perl Module (1.8.3) - The GD library was written by Thomas Boutell a long while ago to - programatically generate images in C. Since then it's become almost a - defacto standard for programatic image construction. The Perl bindings - to it found in the GD library are used on a million web pages to generate - graphs on the fly. That's what bugzilla will be using it for so you'd - better install it if you want any of the graphing to work. + The GD library was written by Thomas Boutell a long while + ago to programatically generate images in C. Since then it's + become the defacto standard for programatic image + construction. The Perl bindings to it found in the GD library + are used on millions of web pages to generate graphs on the + fly. That's what bugzilla will be using it for so you must + install it if you want any of the graphing to work. - Actually bugzilla uses the Graph module which relies on GD itself, - but isn't that always the way with OOP. At any rate, you can find the - GD library on CPAN (link in Appendix B, Software Download Links). + Actually bugzilla uses the Graph module which relies on GD + itself. Isn't that always the way with object-oriented + programming? At any rate, you can find the GD library on CPAN + in . - The Perl GD library requires some other libraries that may or may not be - installed on your system, including "libpng" and "libgd". The full requirements - are listed in the Perl GD library README. Just realize that if compiling GD fails, - it's probably because you're missing a required library. + The Perl GD library requires some other libraries that may + or may not be installed on your system, including + libpng and + libgd. The full requirements are + listed in the Perl GD library README. Just realize that if + compiling GD fails, it's probably because you're missing a + required library.
@@ -453,62 +486,78 @@ Chart::Base Perl Module (0.99c) The Chart module provides bugzilla with on-the-fly charting - abilities. It can be installed in the usual fashion after it has been - fetched from CPAN where it is found as the Chart-x.x... tarball in a - directory to be listed in Appendix B, "Software Download Links". - Note that as with the GD perl - module, only the version listed above, or newer, will work. - Earlier - versions used GIF's, which are no longer supported by the latest - versions of GD. + abilities. It can be installed in the usual fashion after it + has been fetched from CPAN where it is found as the + Chart-x.x... tarball, linked in . Note that + as with the GD perl module, only the version listed above, or + newer, will work. Earlier versions used GIF's, which are no + longer supported by the latest versions of GD.
DB_File Perl Module - DB_File is a module which allows Perl programs to make use of the facilities provided by - Berkeley DB version 1.x. This module is required by collectstats.pl which is used for - bug charting. If you plan to make use of bug charting, you must install this module. + DB_File is a module which allows Perl programs to make use + of the facilities provided by Berkeley DB version 1.x. This + module is required by collectstats.pl which is used for bug + charting. If you plan to make use of bug charting, you must + install this module.
HTTP Server - You have a freedom of choice here - Apache, Netscape or any other - server on UNIX would do. You can easily run the web server on a different - machine than MySQL, but need to adjust the MySQL "bugs" user permissions - accordingly. + You have a freedom of choice here - Apache, Netscape or any + other server on UNIX would do. You can easily run the web + server on a different machine than MySQL, but need to adjust + the MySQL bugs user permissions accordingly. + + I strongly recommend Apache as the web server to use. + The Bugzilla Guide installation instructions, in general, + assume you are using Apache. As more users use different + webservers and send me information on the peculiarities of + installing using their favorite webserver, I will provide + notes for them. + - You'll want to make sure that your web server will run any file - with the .cgi extension as a cgi and not just display it. If you're using - apache that means uncommenting the following line in the srm.conf file: - AddHandler cgi-script .cgi + You'll want to make sure that your web server will run any + file with the .cgi extension as a cgi and not just display it. + If you're using apache that means uncommenting the following + line in the srm.conf file: + +AddHandler cgi-script .cgi + - With apache you'll also want to make sure that within the access.conf - file the line: - - Options ExecCGI - - is in the stanza that covers the directories you intend to put the bugzilla - .html and .cgi files into. + With apache you'll also want to make sure that within the + access.conf file the line: + +Options ExecCGI + + is in the stanza that covers the directories into which + you intend to put the bugzilla .html and .cgi files. + - If you are using a newer version of Apache, both of the above lines will be - (or will need to be) in the httpd.conf file, rather than srm.conf or - access.conf. + Users of newer versions of Apache will generally find both + of the above lines will be in the httpd.conf file, rather + than srm.conf or access.conf. + - There are two critical directories and a file that should not be a served by - the HTTP server. These are the data and shadow - directories and the - localconfig file. You should configure your HTTP server to not serve - content from these files. Failure to do so will expose critical passwords - and other data. Please see for details. + There are important files and directories that should not + be a served by the HTTP server. These are most files in the + data and shadow directories + and the localconfig file. You should + configure your HTTP server to not serve content from these + files. Failure to do so will expose critical passwords and + other data. Please see for details + on how to do this for Apache. I appreciate notes on how to + get this same functionality using other webservers.
@@ -516,59 +565,65 @@
Installing the Bugzilla Files - You should untar the Bugzilla files into a directory that you're - willing to make writable by the default web server user (probably - nobody). You may decide to put the files off of the main web space - for your web server or perhaps off of /usr/local with a symbolic link - in the web space that points to the bugzilla directory. At any rate, - just dump all the files in the same place (optionally omitting the CVS - directories if they were accidentally tarred up with the rest of Bugzilla) - and make sure you can access the files in that directory through your - web server. + You should untar the Bugzilla files into a directory that + you're willing to make writable by the default web server user + (probably nobody). You may decide to put the + files off of the main web space for your web server or perhaps + off of /usr/local with a symbolic link in + the web space that points to the Bugzilla directory. At any + rate, just dump all the files in the same place, and make sure + you can access the files in that directory through your web + server. If you symlink the bugzilla directory into your Apache's - HTML heirarchy, you may receive "Forbidden" errors unless you - add the "FollowSymLinks" directive to the <Directory> entry - for the HTML root. + HTML heirarchy, you may receive + Forbidden errors unless you add the + FollowSymLinks directive to the + <Directory> entry for the HTML root. - Once all the files are in a web accessible directory, make that - directory writable by your webserver's user (which may require just - making it world writable). This is a temporary step until you run - the post-install checksetup.pl script, which locks down your - installation. - - - Lastly, you'll need to set up a symbolic link to /usr/bonsaitools/bin/perl - for the correct location of your perl executable (probably /usr/bin/perl). - Otherwise you must hack all the .cgi files to change where they look - for perl. To make future upgrades easier, you should use the symlink - approach. - - Setting up bonsaitools symlink - - Here's how you set up the Perl symlink on Linux to make Bugzilla work. - Your mileage may vary; if you are running on Solaris, you probably need to subsitute - /usr/local/bin/perl for /usr/bin/perl - below; if on certain other UNIX systems, - Perl may live in weird places like /opt/perl. As root, run these commands: - -bash# mkdir /usr/bonsaitools -bash# mkdir /usr/bonsaitools/bin + Once all the files are in a web accessible directory, make + that directory writable by your webserver's user. This is a + temporary step until you run the post-install + checksetup.pl script, which locks down your + installation. + + + Lastly, you'll need to set up a symbolic link to + /usr/bonsaitools/bin/perl for the correct + location of your perl executable (probably + /usr/bin/perl). Otherwise you must hack + all the .cgi files to change where they look for perl, or use + , found in + . I suggest using the symlink + approach for future release compatability. + + Setting up bonsaitools symlink + + Here's how you set up the Perl symlink on Linux to make + Bugzilla work. Your mileage may vary. For some UNIX + operating systems, you probably need to subsitute + /usr/local/bin/perl for + /usr/bin/perl below; if on certain other + UNIX systems, Perl may live in weird places like + /opt/perl. As root, run these commands: + +bash# mkdir /usr/bonsaitools +bash# mkdir /usr/bonsaitools/bin bash# ln -s /usr/bin/perl /usr/bosaitools/bin/perl - - - - - - If you don't have root access to set this symlink up, + + + + + + If you don't have root access to set this symlink up, check out the - , listed in . - It will change the path to perl in all your Bugzilla files for you. - + , listed in . It will change the path to perl in all your Bugzilla files for you. +
@@ -581,10 +636,11 @@ bash# ln -s /usr/bin/perl /usr/bosaitools/bin/perl quality bug tracker. - First, you'll want to fix MySQL permissions to allow access from - Bugzilla. For the purpose of this Installation section, the Bugzilla username - will be "bugs", and will have minimal permissions. - + First, you'll want to fix MySQL permissions to allow access + from Bugzilla. For the purpose of this Installation section, + the Bugzilla username will be bugs, and will + have minimal permissions. + Bugzilla has not undergone a thorough security audit. It @@ -594,199 +650,190 @@ bash# ln -s /usr/bin/perl /usr/bosaitools/bin/perl That would be bad. - - - - Give the MySQL root user a password. MySQL passwords are - limited to 16 characters. - - - - bash# - mysql -u root mysql - - - - - mysql> - - UPDATE user SET Password=PASSWORD ('new_password') - WHERE user='root'; - - - - - - mysql> - FLUSH PRIVILEGES; - - - - From this point on, if you need to access MySQL as the - MySQL root user, you will need to use "mysql -u root -p" and - enter your new_password. Remember that MySQL user names have - nothing to do with Unix user names (login names). - - - Next, we create the "bugs" user, and grant sufficient - permissions for checksetup.pl, which we'll use later, to work - its magic. This also restricts the "bugs" user to operations - within a database called "bugs", and only allows the account - to connect from "localhost". Modify it to reflect your setup - if you will be connecting from another machine or as a different - user. - - - Remember to set bugs_password to some unique password. - - - - mysql> - GRANT SELECT,INSERT,UPDATE,DELETE,INDEX, - ALTER,CREATE,DROP,REFERENCES - ON bugs.* TO bugs@localhost - IDENTIFIED BY 'bugs_password'; - - - - - - mysql> - - - FLUSH PRIVILEGES; - - - - - - - Next, run the magic checksetup.pl script. (Many thanks to Holger - Schurig <holgerschurig@nikocity.de> for writing this script!) - It will make sure Bugzilla files and directories have reasonable - permissions, set up the "data" directory, and create all the MySQL - tables. - - - - bash# - ./checksetup.pl - - - - The first time you run it, it will create a file called "localconfig". - - - -
- Tweaking "localconfig" - - This file contains a variety of settings you may need to tweak including - how Bugzilla should connect to the MySQL database. - - - The connection settings include: - - - - server's host: just use "localhost" if the MySQL server is - local - - - - - database name: "bugs" if you're following these directions - - - - - MySQL username: "bugs" if you're following these directions - - - - - Password for the "bugs" MySQL account above - - - - - - You may also install .htaccess files that the Apache webserver will use - to restrict access to Bugzilla data files. See . - - - Once you are happy with the settings, re-run checksetup.pl. On this - second run, it will create the database and an administrator account - for which you will be prompted to provide information. - - - When logged into an administrator account once Bugzilla is running, - if you go to the query page (off of the bugzilla main menu), you'll - find an 'edit parameters' option that is filled with editable treats. - - - Should everything work, you should have a nearly empty copy of the bug - tracking setup. - - - The second time around, checksetup.pl will stall if it is on a - filesystem that does not fully support file locking via flock(), such as - NFS mounts. This support is required for Bugzilla to operate safely with - multiple instances. If flock() is not fully supported, it will stall at: - Now regenerating the shadow database for all bugs. - + + + + Give the MySQL root user a password. MySQL passwords are + limited to 16 characters. + + + bash# mysql + -u root mysql + + + mysql> + UPDATE user SET Password=PASSWORD ('new_password') + WHERE user='root'; + + + mysql> FLUSH + PRIVILEGES; + + From this point on, if you need to access + MySQL as the MySQL root user, you will need to use + mysql -u root -p and enter your + new_password. Remember that MySQL user names have nothing to + do with Unix user names (login names). + + + Next, we create the bugs user, and grant + sufficient permissions for checksetup.pl, which we'll use + later, to work its magic. This also restricts the + bugs user to operations within a database + called bugs, and only allows the account to + connect from localhost. Modify it to reflect + your setup if you will be connecting from another machine or + as a different user. + + + Remember to set bugs_password to some unique password. + + + + mysql> + GRANT SELECT,INSERT,UPDATE,DELETE,INDEX, + ALTER,CREATE,DROP,REFERENCES + ON bugs.* TO bugs@localhost + IDENTIFIED BY 'bugs_password'; + + + + + + mysql> + + + FLUSH PRIVILEGES; + + + + + + + Next, run the magic checksetup.pl script. (Many thanks to + Holger Schurig <holgerschurig@nikocity.de> for writing + this script!) It will make sure Bugzilla files and directories + have reasonable permissions, set up the + data directory, and create all the MySQL + tables. + + + bash# + ./checksetup.pl + + The first time you run it, it will create a + file called localconfig. + +
+ +
+ Tweaking <filename>localconfig</filename> + + This file contains a variety of settings you may need to tweak including + how Bugzilla should connect to the MySQL database. + + + The connection settings include: + + - The second time you run checksetup.pl, you should become the - user your web server runs as, and that you ensure that you set the - "webservergroup" parameter in localconfig to match the web - server's group - name, if any. I believe, for the next release of Bugzilla, - this will - be fixed so that Bugzilla supports a "webserveruser" parameter - in localconfig - as well. - - Running checksetup.pl as the web user - - Assuming your web server runs as user "apache", - and Bugzilla is installed in - "/usr/local/bugzilla", here's one way to run checksetup.pl - as the web server user. - As root, for the second run - of checksetup.pl, do this: - -bash# chown -R apache:apache /usr/local/bugzilla -bash# su - apache -bash# cd /usr/local/bugzilla -bash# ./checksetup.pl - - - + server's host: just use localhost if the + MySQL server is local - - + + + + database name: bugs if you're following + these directions + + + + + MySQL username: bugs if you're following + these directions + + + + + Password for the bugs MySQL account above + + + + + + You should also install .htaccess files that the Apache + webserver will use to restrict access to Bugzilla data files. + See . + + + Once you are happy with the settings, re-run + checksetup.pl. On this second run, it will + create the database and an administrator account for which + you will be prompted to provide information. + + + When logged into an administrator account once Bugzilla is + running, if you go to the query page (off of the Bugzilla main + menu), you'll find an edit parameters option + that is filled with editable treats. + + + Should everything work, you will have a nearly empty Bugzilla + database and a newly-created localconfig + file in your Bugzilla root directory. + + - The checksetup.pl script is designed so that you can run - it at any time without causing harm. You should run it - after any upgrade to Bugzilla. + The second time you run checksetup.pl, you should become + the user your web server runs as, and that you ensure that + you set the webservergroup parameter in localconfig to + match the web server's group name, if any. I believe, + for the next release of Bugzilla, this will be fixed so + that Bugzilla supports a webserveruser parameter in + localconfig as well. + + Running checksetup.pl as the web user + + Assuming your web server runs as user "apache", and + Bugzilla is installed in "/usr/local/bugzilla", here's + one way to run checksetup.pl as the web server user. + As root, for the second run of + checksetup.pl, do this: + +bash# chown -R apache:apache /usr/local/bugzilla +bash# su - apache +bash# cd /usr/local/bugzilla +bash# ./checksetup.pl + + + -
- -
- Setting Up Maintainers Manually (Optional) + + - If you want to add someone else to every group by hand, you + The checksetup.pl script is designed so that you can run + it at any time without causing harm. You should run it + after any upgrade to Bugzilla. + + +
+ +
+ Setting Up Maintainers Manually (Optional) + + If you want to add someone else to every group by hand, you can do it by typing the appropriate MySQL commands. Run - ' mysql -u root -p bugs' You + mysql -u root -p bugs You may need different parameters, depending on your security settings. Then: mysql> update profiles set groupset=0x7fffffffffffffff where - login_name = 'XXX'; + login_name = 'XXX'; (yes, that's fifteenf's. replacing XXX with the Bugzilla email address. @@ -1156,33 +1203,74 @@ bash# ./checksetup.pl 0.
+ +
+ <filename>mod_throttle</filename> and Security + + It is possible for a user, by mistake or on purpose, to access + the database many times in a row which can result in very slow + access speeds for other users. If your Bugzilla installation + is experiencing this problem , you may install the Apache + module mod_throttle which can limit + connections by ip-address. You may download this module at + http://www.snert.com/Software/Throttle/. Follow the instructions to install into your Apache install. This module only functions with the Apache web server!. You may use the ThrottleClientIP command provided by this module to accomplish this goal. See the Module Instructions for more information. +
+ +
+ Preventing untrusted Bugzilla content from executing malicious Javascript code + It is possible for a Bugzilla to execute malicious + Javascript code. Due to internationalization concerns, we are + unable to incorporate the code changes necessary to fulfill + the CERT advisory requirements mentioned in http://www.cet.org/tech_tips/malicious_code_mitigation.html/#3. Executing the following code snippet from a UNIX command shell will rectify the problem if your Bugzilla installation is intended for an English-speaking audience. As always, be sure your Bugzilla installation has a good backup before making changes, and I recommend you understand what the script is doing before executing it. + +bash# cd $BUGZILLA_HOME; for i in `ls *.cgi`; \ + do cat $i | sed 's/Content-type\: text\/html/Content-Type: text\/html\; charset=ISO-8859-1/' >$i.tmp; \ + mv $i.tmp $i; done + + + All this one-liner command does is search for all instances of + Content-type: text/html and replaces it with + Content-Type: text/html; charset=ISO-8859-1. + This specification prevents possible Javascript attacks on the + browser, and is suggested for all English-speaking sites. For + non-english-speaking Bugzilla sites, I suggest changing + ISO-8859-1, above, to UTF-8. + +
+
UNIX Installation Instructions History - This document was originally adapted from the Bonsai installation - instructions by Terry Weissman <terry@mozilla.org>. + This document was originally adapted from the Bonsai + installation instructions by Terry Weissman + <terry@mozilla.org>. - The February 25, 1999 re-write of this page was done by Ry4an Brase - <ry4an@ry4an.org>, with some edits by Terry Weissman, Bryce Nesbitt, - Martin Pool, & Dan Mosedale (But don't send bug reports to them; - report them using bugzilla, at http://bugzilla.mozilla.org/enter_bug.cgi , - project Webtools, component Bugzilla). + The February 25, 1999 re-write of this page was done by Ry4an + Brase <ry4an@ry4an.org>, with some edits by Terry + Weissman, Bryce Nesbitt, Martin Pool, & Dan Mosedale (But + don't send bug reports to them; report them using bugzilla, at + http://bugzilla.mozilla.org/enter_bug.cgi , project Webtools, + component Bugzilla). - This document was heavily modified again Wednesday, March 07 2001 to - reflect changes for Bugzilla 2.12 release by Matthew P. Barnson. The - securing MySQL section should be changed to become standard procedure - for Bugzilla installations. + This document was heavily modified again Wednesday, March 07 + 2001 to reflect changes for Bugzilla 2.12 release by Matthew + P. Barnson. The securing MySQL section should be changed to + become standard procedure for Bugzilla installations. - Finally, the README in its entirety was marked up in SGML and included into - the Guide on April 24, 2001 by Matt Barnson. Since that time, it's undergone - extensive modification as Bugzilla grew. + Finally, the README in its entirety was marked up in SGML and + included into the Guide on April 24, 2001 by Matt Barnson. + Since that time, it's undergone extensive modification as + Bugzilla grew. - Comments from people using this Guide for the first time are particularly welcome. + Comments from people using this Guide for the first time are + particularly welcome.
@@ -1217,27 +1305,33 @@ bash# ./checksetup.pl picnic. Support for Win32 has improved dramatically in the last few releases, but, if you choose to proceed, you should be a very skilled Windows Systems - Administrator with both strong troubleshooting abilities and - a high tolerance for pain. Bugzilla on NT requires hacking - source code and implementing some advanced utilities. What - follows is the recommended installation procedure for Win32; - additional suggestions are provided in . + Administrator with strong troubleshooting abilities, a high + tolerance for pain, and moderate perl skills. Bugzilla on NT + requires hacking source code and implementing some advanced + utilities. What follows is the recommended installation + procedure for Win32; additional suggestions are provided in + . - Install Apache Web Server - for Windows. + Install Apache Web + Server for Windows, and copy the Bugzilla files + somewhere Apache can serve them. Please follow all the + instructions referenced in + regarding your Apache configuration, particularly + instructions regarding the AddHandler + parameter and ExecCGI. - You may also use Internet Information Server or Personal Web - Server for this purpose. However, setup is slightly more - difficult. If ActivePerl doesn't seem to handle your file - associations correctly (for .cgi and .pl files), please - consult . + You may also use Internet Information Server or Personal + Web Server for this purpose. However, setup is quite + different. If ActivePerl doesn't seem to handle your + file associations correctly (for .cgi and .pl files), + please consult . If you are going to use IIS, if on Windows NT you must @@ -1299,8 +1393,7 @@ bash# ./checksetup.pl Install MySQL for NT. - You can download MySQL for Windows NT from MySQL.com. Some find it helpful to use the WinMySqlAdmin utility, included with the download, to set up the database. + You can download MySQL for Windows NT from MySQL.com. Some find it helpful to use the WinMySqlAdmin utility, included with the download, to set up the database. @@ -1393,13 +1486,21 @@ bash# ./checksetup.pl this line: - "my $webservergid = getgrnam($my_webservergroup); " + +my $webservergid = getgrnam($my_webservergroup); + to - "my $webservergid = $my_webservergroup; " + +my $webservergid = $my_webservergroup; + +or the name of the group you wish to own the files explicitly: + +my $webservergid = 'Administrators' + @@ -1412,8 +1513,7 @@ bash# ./checksetup.pl Edit localconfig to suit your requirements. Set $db_pass to your - bugs_password from , and $webservergroup to 8. + bugs_password from , and $webservergroup to 8. Not sure on the 8 for $webservergroup above. If it's @@ -1455,8 +1555,7 @@ bash# ./checksetup.pl - Download NTsendmail, available from www.ntsendmail.com. You must have a "real" mail server which allows you to relay off it in your $ENV{"NTsendmail"} (which you should probably place in globals.pl) + Download NTsendmail, available from www.ntsendmail.com. You must have a "real" mail server which allows you to relay off it in your $ENV{"NTsendmail"} (which you should probably place in globals.pl) @@ -1503,7 +1602,15 @@ $mail->send($from,$to,$subject,$msg); - The code above needs testing as well to make sure it is correct. + + Some have found success using the commercial product, + Windmail. + You could try replacing your sendmail calls with: + +open SENDMAIL, "|\"C:/General/Web/tools/Windmail 4.0 Beta/windmail\" -t > mail.log"; + + or something to that effect. + @@ -1568,9 +1675,9 @@ exit; - This step is completely optional if you are using IIS or - another web server which only decides on an interpreter - based upon the file extension (.pl), rather than the + This step is optional if you are using IIS or another + web server which only decides on an interpreter based + upon the file extension (.pl), rather than the shebang line (#/usr/bonsaitools/bin/perl) @@ -1583,8 +1690,7 @@ exit; utility to speed part of this procedure, available in the section of The Bugzilla Guide. However, it requires the Cygwin GNU-compatible environment - for Win32 be set up in order to work. See http://www.cygwin.com/ for details on obtaining Cygwin. + for Win32 be set up in order to work. See http://www.cygwin.com/ for details on obtaining Cygwin. @@ -1604,10 +1710,11 @@ system ("perl processmail.pl",@ARGLIST); - If you are using IIS 5.0 or higher, you must add cgi + If you are using IIS or Personal Web Server, you must add cgi relationships to Properties -> Home directory (tab) -> Application Settings (section) -> Configuration (button), - such as: + such as: + .cgi to: <perl install directory>\perl.exe %s %s .pl to: <perl install directory>\perl.exe %s %s GET,HEAD,POST @@ -1625,11 +1732,10 @@ GET,HEAD,POST From Andrew Pearson:
- "You can make Bugzilla work with Personal Web Server for - Windows 98 and higher, as well as for IIS 4.0. Microsoft has - information available at - - http://support.microsoft.com/support/kb/articles/Q231/9/98.ASP + You can make Bugzilla work with Personal Web Server for + Windows 98 and higher, as well as for IIS 4.0. + Microsoft has information available at http://support.microsoft.com/support/kb/articles/Q231/9/98.ASP Basically you need to add two String Keys in the @@ -1651,119 +1757,28 @@ GET,HEAD,POST - "Brian" had this to add, about upgrading to Bugzilla 2.12 from previous versions: -
- - Hi - I am updating bugzilla to 2.12 so I can tell you what I did (after I - deleted the current dir and copied the files in). - - - In checksetup.pl, I did the following... - - - - -my $webservergid = getgrnam($my_webservergroup); + + If attempting to run Bugzilla 2.12 or older, you will need + to remove encrypt() calls from the Perl source. This is + not necessary for Bugzilla 2.13 and + later. + + Removing encrypt() for Windows NT Bugzilla version + 2.12 or earlier + + Replace this: + +SendSQL("SELECT encrypt(" . SqlQuote($enteredpwd) . ", " . SqlQuote(substr($realcryptpwd, 0, 2)) . ")"); +my $enteredcryptpwd = FetchOneColumn(); - to - -my $webservergid = 'Administrators' + with this: + +my $enteredcryptpwd = $enteredpwd - - - - I then ran checksetup.pl - - - - - I removed all the encrypt() - - Removing encrypt() for Windows NT installations - - Replace this: - -SendSQL("SELECT encrypt(" . SqlQuote($enteredpwd) . ", " . - SqlQuote(substr($realcryptpwd, 0, 2)) . ")"); -my $enteredcryptpwd = FetchOneColumn(); - - with this: - -my $enteredcryptpwd = $enteredpwd - - in cgi.pl. - - - - - - - I renamed processmail to processmail.pl - - - - - I altered the sendmail statements to windmail: - -open SENDMAIL, "|\"C:/General/Web/tools/Windmail 4.0 Beta/windmail\" -t > mail.log"; - - - - The quotes around the dir is for the spaces. mail.log is for the output - - - -
- - - - This was some late breaking information from Jan Evert. Sorry for the lack of formatting. + in cgi.pl. + + - -I'm busy installing bugzilla on a WinNT machine and I thought I'd notify you -at this moment of the commments I have to section 2.2.1 of the bugzilla -guide (at http://www.trilobyte.net/barnsons/html/). - -Step 1: -I've used apache, installation is really straightforward. -After reading the Unix installation instructions, I found that it is -necessary to add the ExecCGI option to the bugzilla directory. Also the -'AddHandler' line for .cgi is by default commented out. - -Step 3: although just a detail, 'ppm install <module%gt;' will also work -(without .ppd). And, it can also download these automatically from -ActiveState. - -Step 4: although I have cygwin installed, it seems that it is not necessary. -On my machine cygwin is not in the PATH and everything seems to work as -expected. -However, I've not used everything yet. - -Step 6: the 'bugs_password' given in SQL command d needs to be edited into -localconfig later on (Step 7) if the password is not empty. I've also edited -it into globals.pl, but I'm not sure that is needed. In both places, the -variable is named db_pass. - -Step 8: all the sendmail replacements mentioned are not as simple as -described there. Since I am not familiar (yet) with perl, I don't have any -mail working yet. - -Step 9: in globals.pl the encrypt() call can be replaced by just the -unencrypted password. In CGI.pl, the complete SQL command can be removed. - -Step 11: I've only changed the #! lines in *.cgi. I haven't noticed problems -with the system() call yet. -There seem to be only four system() called programs: processmail.pl (handled -by step 10), syncshadowdb (which should probably get the same treatment as -processmail.pl), diff and mysqldump. The last one is only needed with the -shadowdb feature (which I don't use). - -There seems to be one step missing: copying the bugzilla files somehwere -that apache can serve them. - -Just noticed the updated guide... Brian's comment is new. His first comment -will work, but opens up a huge security hole. - -- cgit v1.2.3-24-g4f1b