From 6c709dd097e65025038a0dc9c17fad6a88e99b6b Mon Sep 17 00:00:00 2001
From: "gerv%gerv.net" <>
Date: Sun, 25 Jan 2004 02:30:57 +0000
Subject: Massive rearrangement of the installation section. Hopefully it makes
sense now.
---
docs/xml/Bugzilla-Guide.xml | 22 +-
docs/xml/about.xml | 43 +-
docs/xml/customization.xml | 20 +-
docs/xml/faq.xml | 13 +
docs/xml/gfdl.xml | 22 +-
docs/xml/installation.xml | 2046 +++++++++++++++++++------------------------
docs/xml/modules.xml | 145 +++
7 files changed, 1137 insertions(+), 1174 deletions(-)
create mode 100644 docs/xml/modules.xml
(limited to 'docs/xml')
diff --git a/docs/xml/Bugzilla-Guide.xml b/docs/xml/Bugzilla-Guide.xml
index 1ed018678..0175caec1 100644
--- a/docs/xml/Bugzilla-Guide.xml
+++ b/docs/xml/Bugzilla-Guide.xml
@@ -11,13 +11,11 @@
-
-
-
+
-
+
-
+
@@ -54,7 +52,7 @@
-
+
@@ -136,12 +134,6 @@
&about;
-
-&introduction;
-
-
-&using;
-
&installation;
@@ -151,12 +143,18 @@
&customization;
+
+&using;
+
&faq;
&patches;
+
+&modules;
+
&gfdl;
diff --git a/docs/xml/about.xml b/docs/xml/about.xml
index 1d48fde19..b594ce163 100644
--- a/docs/xml/about.xml
+++ b/docs/xml/about.xml
@@ -6,8 +6,11 @@
Copyright Information
+
+ This document is copyright (c) 2000-2004 by the various
+ Bugzilla contributors who wrote it.
+
- Copyright (c) 2000-2004 The Bugzilla Team
Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation
@@ -45,10 +48,10 @@
Although the Bugzilla development team has taken great care to
- ensure that all exploitable bugs or options have been
- fixed, security holes surely exist. Great care should be taken both in
+ ensure that all exploitable bugs have been fixed, security holes surely
+ exist in any piece of code. Great care should be taken both in
the installation and usage of this software. The Bugzilla development
- team members assume no liability for your use of this software. You have
+ team members assume no liability for your use of Bugzilla. You have
the source code, and are responsible for auditing it yourself to ensure
your security needs are met.
@@ -68,16 +71,36 @@
The latest version of this guide can always be found at , or checked out via CVS.
- (Please follow the Mozilla
+ url="http://www.bugzilla.org"/>, or checked out via CVS by
+ following the Mozilla
CVS instructions and check out the
mozilla/webtools/bugzilla/docs/
- subtree.) However, you should read the version
+ subtree. However, you should read the version
which came with the Bugzilla release you are using.
- The Bugzilla Guide is currently only available in English.
- If you would like to volunteer to translate it, please contact
+ The Bugzilla Guide, or a section of it, is also available in
+ the following languages:
+ German.
+
+
+
+ In addition, there are Bugzilla template localisation projects in
+ the following languages. They may have translated documentation
+ available:
+ Belarusian,
+ Brazilian Portuguese,
+ Chinese,
+ French,
+ German,
+ Korean,
+ Russian and
+ Spanish.
+
+
+
+ If you would like to volunteer to translate the Guide into additional
+ languages, please contact
Dave Miller.
@@ -113,7 +136,7 @@
- Last but not least, all the members of the
+ Also, thanks are due to the members of the
netscape.public.mozilla.webtools
newsgroup. Without your discussions, insight, suggestions, and patches,
diff --git a/docs/xml/customization.xml b/docs/xml/customization.xml
index 1bc2b97ee..67877f9ca 100644
--- a/docs/xml/customization.xml
+++ b/docs/xml/customization.xml
@@ -295,7 +295,7 @@
After untarring the localizations (or creating your own) in the
- BUGZILLA_ROOT/template directory,
+ BUGZILLA_ROOT/template directory,
you must update the parameter to contain any
localizations you'd like to permit. You may also wish to set the
parameter to something other than
@@ -345,12 +345,12 @@
tool (e.g. grep) to search the standard templates
for occurrences of Hook.process or browse
the directory tree in
- BUGZILLA_ROOT/template/en/extension/hook/,
+ BUGZILLA_ROOT/template/en/extension/hook/,
which contains a directory for each hook in the following location:
- BUGZILLA_ROOT/template/en/extension/hook/PATH_TO_STANDARD_TEMPLATE/STANDARD_TEMPLATE_NAME/HOOK_NAME/
+ BUGZILLA_ROOT/template/en/extension/hook/PATH_TO_STANDARD_TEMPLATE/STANDARD_TEMPLATE_NAME/HOOK_NAME/
@@ -375,7 +375,7 @@
The Bugzilla reviewers will promptly review each hook request,
name the hook, add it to the template, check the new version
of the template into CVS, and create the corresponding directory in
- BUGZILLA_ROOT/template/en/extension/hook/.
+ BUGZILLA_ROOT/template/en/extension/hook/.
@@ -415,7 +415,7 @@
useful-links.html.tmpl, which is located in
the global/ subdirectory on the standard Bugzilla
template path
- BUGZILLA_ROOT/template/en/default/.
+ BUGZILLA_ROOT/template/en/default/.
Looking in useful-links.html.tmpl, you find
the following hook at the end of the list of standard Bugzilla
administration links:
@@ -429,7 +429,7 @@
The corresponding directory for this hook is
- BUGZILLA_ROOT/template/en/extension/hook/global/useful-links.html.tmpl/edit/.
+ BUGZILLA_ROOT/template/en/extension/hook/global/useful-links.html.tmpl/edit/.
@@ -454,7 +454,7 @@
You may want to prefix your extension template names
with the name of your extension, e.g.
- projman-foo.html.tmpl,
+ projman-foo.html.tmpl,
so they do not conflict with the names of templates installed by
other extensions.
@@ -465,7 +465,7 @@
If your extension includes entirely new templates in addition to
extensions of standard templates, it should install those new
templates into an extension-specific subdirectory of the
- BUGZILLA_ROOT/template/en/extension/
+ BUGZILLA_ROOT/template/en/extension/
directory. The extension/ directory, like the
default/ and custom/
directories, is part of the template search path, so putting templates
@@ -494,9 +494,9 @@
Installation customizers can also take advantage of hooks when adding
code to a Bugzilla template. To do so, create directories in
- BUGZILLA_ROOT/template/en/custom/hook/
+ BUGZILLA_ROOT/template/en/custom/hook/
equivalent to the directories in
- BUGZILLA_ROOT/template/en/extension/hook/
+ BUGZILLA_ROOT/template/en/extension/hook/
for the hooks you want to use, then place your customization templates
into those directories.
diff --git a/docs/xml/faq.xml b/docs/xml/faq.xml
index a89112f1d..2eba96a18 100644
--- a/docs/xml/faq.xml
+++ b/docs/xml/faq.xml
@@ -217,6 +217,19 @@ perl -pi -e 's@#\!/usr/bin/perl@#\!/usr/local/bin/perl@' *cgi *pl
+
+
+
+ Does bugzilla run under mod_perl?
+
+
+
+
+ At present, no. This is being worked on.
+
+
+
+
diff --git a/docs/xml/gfdl.xml b/docs/xml/gfdl.xml
index 93987caf6..1d84d1255 100644
--- a/docs/xml/gfdl.xml
+++ b/docs/xml/gfdl.xml
@@ -16,7 +16,7 @@
- PREAMBLE
+ PreambleThe purpose of this License is to make a manual, textbook, or other
written document "free" in the sense of freedom: to assure everyone the
@@ -41,7 +41,7 @@
- APPLICABILITY AND DEFINITIONS
+ Applicability and DefinitionThis License applies to any manual or other work that contains a
notice placed by the copyright holder saying it can be distributed under
@@ -101,7 +101,7 @@
- VERBATIM COPYING
+ Verbatim CopyingYou may copy and distribute the Document in any medium, either
commercially or noncommercially, provided that this License, the
@@ -118,7 +118,7 @@
- COPYING IN QUANTITY
+ Copying in QuantityIf you publish printed copies of the Document numbering more than
100, and the Document's license notice requires Cover Texts, you must
@@ -157,7 +157,7 @@
- MODIFICATIONS
+ ModificationsYou may copy and distribute a Modified Version of the Document
under the conditions of sections 2 and 3 above, provided that you release
@@ -287,7 +287,7 @@
- COMBINING DOCUMENTS
+ Combining DocumentsYou may combine the Document with other documents released under
this License, under the terms defined in section 4 above for modified
@@ -313,7 +313,7 @@
- COLLECTIONS OF DOCUMENTS
+ Collections of DocumentsYou may make a collection consisting of the Document and other
documents released under this License, and replace the individual copies
@@ -329,7 +329,7 @@
- AGGREGATION WITH INDEPENDENT WORKS
+ Aggregation with Independent WorksA compilation of the Document or its derivatives with other
separate and independent documents or works, in or on a volume of a
@@ -348,7 +348,7 @@
- TRANSLATION
+ TranslationTranslation is considered a kind of modification, so you may
distribute translations of the Document under the terms of section 4.
@@ -363,7 +363,7 @@
- TERMINATION
+ TerminationYou may not copy, modify, sublicense, or distribute the Document
except as expressly provided for under this License. Any other attempt to
@@ -375,7 +375,7 @@
- FUTURE REVISIONS OF THIS LICENSE
+ Future Revisions of this LicenseThe Free Software Foundation may publish new, revised versions of
the GNU Free Documentation License from time to time. Such new versions
diff --git a/docs/xml/installation.xml b/docs/xml/installation.xml
index b3dd2a420..fd7bacbf5 100644
--- a/docs/xml/installation.xml
+++ b/docs/xml/installation.xml
@@ -1,106 +1,107 @@
-
-
- Installation
-
-
- Step-by-step Install
-
- Bugzilla has been successfully installed under many different
- operating systems including almost all Unix clones and
- Microsoft Windows. Many
- operating systems have utilities that make installation easier or quirks
- that make it harder. We have tried to collect that information in
- , so unless you are on Linux,
- be sure to check out that section before
- you start your installation.
-
+
+
+ Installing Bugzilla
+
+
+ Installation
+
+
+ If you just want to use Bugzilla,
+ you do not need to install it. None of this chapter is relevant to
+ you. Ask your Bugzilla administrator
+ for the URL to access it over the web.
+
+
+
+ The Bugzilla server software is usually installed on Linux or
+ Solaris.
+ If you are installing on another OS, check
+ before you start your installation to see if there are any special
+ instructions.
+
-
- Windows is one of those operating systems that has many quirks
- and is not yet officially supported by the Bugzilla team. If you wish
- to install Bugzilla on Windows, be sure to see
- .
-
-
+
+ As an alternative to following these instructions, you may wish to
+ try Arne Schirmacher's unofficial and unsupported
+ Bugzilla
+ Installer, which installs Bugzilla and all its prerequisites
+ on Linux or Solaris systems.
+
-
- While installing Bugzilla, it is a good idea to ensure that there
- is some kind of configurable firewall between you and the rest of the
- Internet
- as your machine may be insecure for periods during the install. Many
- installation steps require an active Internet connection to complete,
- but you must take care to ensure that at no point is your machine
- vulnerable to an attack.
-
-
- This guide assumes that you already have your operating system
- installed, network configured, and have administrative access to the
- machine onto which you are installing Bugzilla. It is possible to
- install and run Bugzilla itself without administrative access, but you
- have to
- either make sure all the required software is installed or get somebody
- with administrative access to install it for you.
-
+ This guide assumes that you have administrative access to the
+ Bugzilla machine. It not possible to
+ install and run Bugzilla itself without administrative access except
+ in the very unlikely event that every single prerequisite is
+ already installed.
+
-
- You are strongly recommended to make a backup of your system
- before installing Bugzilla (and at regular intervals thereafter :-).
-
-
- Here's a basic step-by-step list:
+
+ The installation process may make your machine insecure for
+ short periods of time. Make sure there is a firewall between you
+ and the Internet.
+
-
-
- Install Perl
- (&min-perl-ver; or above)
-
-
-
- Install MySQL
- (&min-mysql-ver; or above)
-
-
-
- Install a Webserver
-
-
-
- Put Bugzilla in the Webspace
-
-
-
- Install Perl Modules
-
-
-
- Setup the MySQL Database
-
-
-
+
+ You are strongly recommended to make a backup of your system
+ before installing Bugzilla (and at regular intervals thereafter :-).
+
+
+ In outline, the installation proceeds as follows:
+
+
+
+
+ Install Perl
+ (&min-perl-ver; or above)
+
+
+
+ Install MySQL
+ (&min-mysql-ver; or above)
+
+
+
+ Install a Webserver
+
+
+
+ Install Bugzilla
+
+
+
+ Install Perl modules
+
+
+
+ Configure all of the above.
+
+
+ Perl
+ Installed Version Test: perl -v
+
Any machine that doesn't have Perl on it is a sad machine indeed.
- If your OS doesn't come with it, Perl can be got in source form
- from .
- There are also binary versions available for many platforms, most of which
- are linked to from perl.com.
- Although Bugzilla runs with perl &min-perl-ver;,
- it's a good idea to be up to the very latest version
- if you can when running Bugzilla. As of this writing, that is Perl
- version &newest-perl-ver;.
+ If you don't have it and your OS doesn't provide official packages,
+ visit .
+ Although Bugzilla runs with Perl &min-perl-ver;,
+ it's a good idea to be using the latest stable version.
+ As of this writing, that is Perl &newest-perl-ver;.MySQL
- If your OS doesn't come with it or provide official packages,
- visit the MySQL homepage at
-
- to grab and install the latest stable release of the server.
+ Installed Version Test: mysql -V
+
+
+ If you don't have it and your OS doesn't provide official packages,
+ visit . You need MySQL version
+ &min-mysql-ver; or higher.
@@ -108,278 +109,126 @@
versions of MySQL store their data files in
/var.
On some Unix systems, this is part of a smaller root partition,
- and may not have room for your bug database. You can set the data
- directory as an option to configure
- if you build MySQL from source yourself.
-
-
+ and may not have room for your bug database. To change the data
+ directory, you have to build MySQL from source yourself, and
+ set it as an option to configure.
+
+
If you install from something other than a packaging/installation
- system (such as .rpm, .dep, .exe, or .msi) you will need to configure
- your system so the MySQL server daemon will come back up whenever
- your machine reboots.
-
-
- If you wish to have attachments larger than 64K, you will have to
- configure MySQL to accept large packets. This is done by adding the text
- in to your
- my.conf file. There is also a parameter in Bugzilla
- for setting the maximum allowable attachment size.
-
- You should set this value to be slightly larger than that parameter.
-
+ system (such as .rpm, .dep, .exe, or .msi) make sure the MySQL server
+ is started when the machine boots.
+
-
- Set Max Packet Size in MySQL
-
-
-[mysqld]
-# Allow packets up to 1M
-set-variable = max_allowed_packet=1M
-
-
-
- If you are running Bugzilla and MySQL on the same machine, you may
- also wish to utilize the option as
- mentioned in for the added security.
-
-
-
- Adding a user to MySQL
-
- This first thing you'll want to do is make sure you've given the
- root user a password as suggested in
- . Then, you need to add a user for
- Bugzilla to use. For clarity, these instructions will
- assume that your MySQL user for Bugzilla will be bugs_user,
- the database will be called bugs_db and the password for
- the bugs_user user is bugs_password. You
- should, of course, substitute the values you intend to use for your site.
-
-
-
- Most people use bugs for both the user and
- database name. Don't use it for the password, though...
-
-
-
- We use an SQL GRANT command to create a
- bugs_user
- user. This also restricts the
- bugs_user
- user to operations within a database called
- bugs_db, and only allows the account to connect from
- localhost.
- Modify it to reflect your setup if you will be connecting from
- another machine or as a different user.
-
-
- mysql> GRANT SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE,
- DROP,REFERENCES ON bugs_db.* TO bugs_user@localhost
- IDENTIFIED BY 'bugs_password';
- mysql> FLUSH PRIVILEGES;
-
-
-
- If you are using MySQL 4, the bugs user also needs to be granted
- the LOCK TABLES and
- CREATE TEMPORARY TABLES permissions,
- so add them to the list in the
- GRANT command.
-
-
-
-
+
- HTTP Server
+ Web Server
+ Installed Version Test: view the default welcome page at
+ http://<your-machine>/
+
You have freedom of choice here, pretty much any web server that
is capable of running CGI
- scripts will work. has more information about
- configuring web servers to work with Bugzilla.
-
-
-
- We strongly recommend Apache as the web server to use. The
- Bugzilla Guide installation instructions, in general, assume you are
- using Apache. If you have got Bugzilla working using another webserver,
+ scripts will work.
+ However, we strongly recommend using the Apache web server
+ (either 1.3.x or 2.x), and
+ the installation instructions usually assume you are
+ using it. If you have got Bugzilla working using another webserver,
please share your experiences with us by filing a bug in &bzg-bugs;.
-
-
+
+
+
+ If you don't have Apache and your OS doesn't provide official packages,
+ visit .
+ Bugzilla
- You should untar the Bugzilla files into a directory that you're
- willing to make writable by the default web server user (probably
- nobody).
- You may decide to put the files in the main web space for your
- web server or perhaps in
- /usr/local
- with a symbolic link in the web space that points to the Bugzilla
- directory.
-
-
- If you symlink the bugzilla directory into your Apache's
- html
- hierarchy, you may receive
- Forbidden
- errors unless you add the
- FollowSymLinks
- directive to the <Directory> entry for
- the HTML root directory in httpd.conf.
-
+
+ Download a Bugzilla tarball (or check it out from CVS) and place
+ it in a suitable directory, writable by the default web server user
+ (probably nobody).
+ Good locations are either directly in the main web space for your
+ web server or perhaps in
+ /usr/local
+ with a symbolic link from the web space.
+ The default Bugzilla distribution is not designed to be placed
- in a cgi-bin directory (this
+ in a cgi-bin directory. This
includes any directory which is configured using the
- directive of Apache).
+ directive of Apache.
Once all the files are in a web accessible directory, make that
directory writable by your webserver's user. This is a temporary step
- until you run the post-install
+ until you run the
checksetup.pl
script, which locks down your installation.
-
-
-
- <filename>checksetup.pl</filename>
-
-
- Next, run the magic checksetup.pl script.
- This is designed to check whether you have all of the right
- Perl modules in the correct
- versions, and that Bugzilla is generally set up correctly.
+
+ Perl Modules
+
+ Bugzilla's installation process is based
+ on a script called checksetup.pl.
+ The first thing it checks is whether you have appropriate
+ versions of all the required
+ Perl modules. The aim of this section is to pass this check.
+ When it passes,
+ do not run it again,
+ but proceed to .
- Eventually,
- it will make sure Bugzilla files and directories have reasonable
- permissions, set up the
- data
- directory, and create all the MySQL tables. But the first time you
- run it, it's highly likely to tell you that you are missing a few
- Perl modules. Make a note of which ones they are, and then proceed to
- the next section to install them.
+ At this point, you need to su to root. You should
+ remain as root until the end of the install. Then run:
-
-
-bash# ./checksetup.pl
-
-
-
- The first time you run it with all the correct modules installed,
- it will create a file called
- localconfig.
- This file contains a variety of settings you may need to tweak
- including how Bugzilla should connect to the MySQL database.
-
- The connection settings include:
-
-
- server's host: just use
- localhost
- if the MySQL server is local
-
-
-
- database name:
- bugs_db
- if you're following these directions
-
-
-
- MySQL username:
- bugs_user
- if you're following these directions
-
+ bash# ./checksetup.pl
-
- Password for the
- bugs_user
- MySQL account; (bugs_password above)
-
-
+
+
+
+
+ checksetup.pl will print out a list of the
+ required and optional Perl modules, together with the versions
+ (if any) installed on your machine.
+ The list of required modules is reasonably long; however, you
+ may already have several of them installed.
-
- Edit the file to change these. Once you are happy with the
- settings, su to the user
- your web server runs as, and re-run
- checksetup.pl. (Note: on some security-conscious
- systems, you may need to change the login shell for the webserver
- account before you can do this.)
- On this second run, it will create the database and an administrator
- account for which you will be prompted to provide information.
-
-
- The checksetup.pl script is designed so that you can run it at
- any time without causing harm. You should run it after any upgrade to
- Bugzilla.
-
-
-
-
- Perl Modules
- Don't be intimidated by this long list of modules. See
- for a way of
- installing all the ones you need with a single command.
+
+ There is a meta-module called Bundle::Bugzilla,
+ which installs all the other
+ modules with a single command. You should use this if you are running
+ Perl 5.6.1 or above.
- Perl modules can be found using
- CPAN on Unix based systems or
- PPM on Win32.
-
-
- Good instuctions can be found for using each of these services on
- their respective websites. The basics can be found in
- for CPAN and
- for PPM.
-
-
-
- Installing perl modules with CPAN
-
- The easy way:
-
-bash# perl -MCPAN -e 'install "<modulename>"'
-
-
-
- Or the hard way:
-
-bash# tar xzvf <module>.tar.gz
-bash# cd <module>
-bash# perl Makefile.PL
-bash# make
-bash# make test
-bash# make install
-
-
-
- This assumes that you've already downloaded the
- <module>.tar.gz to the current working
- directory.
-
-
-
- The process of untarring the module as defined in
- will create the
- <module> directory.
-
-
-
-
-
+
+ The preferred way of installing Perl modules is via CPAN on Unix,
+ or PPM on Windows (see ). These
+ instructions assume you are using CPAN; if for some reason you need
+ to install the Perl modules manually, see
+ .
+
+
+ bash# perl -MCPAN -e 'install "<modulename>"'
+
+ If you using Bundle::Bugzilla, invoke the magic CPAN command on it.
+ Otherwise, you need to work down the
+ list of modules that checksetup.pl says are
+ required, in the order given, invoking the command on each.
+
+
Many people complain that Perl modules will not install for
them. Most times, the error messages complain that they are missing a
@@ -395,35 +244,41 @@ set-variable = max_allowed_packet=1M
for further assistance or hire someone to help you out.
+
+ Here is a complete list of modules and their minimum versions.
+ Some modules have special installation notes, which follow.
+
- Perl Modules (minimum version):
+ Required Perl modules:
- Bundle::Bugzilla
- (Will allow you to skip the rest)
+ AppConfig (&min-appconfig-ver;)
- CGI
- (&min-cgi-ver;)
+ CGI (&min-cgi-ver;)
- Date::Format
- (&min-date-format-ver;)
+ Data::Dumper (&min-data-dumper-ver;)
+
+
+
+
+
+ Date::Format (&min-date-format-ver;)
- DBI
- (&min-dbi-ver;)
+ DBI (&min-dbi-ver;)
@@ -436,34 +291,31 @@ set-variable = max_allowed_packet=1M
- File::Spec
- (&min-file-spec-ver;)
+ File::Spec (&min-file-spec-ver;)
- File::Temp
- (&min-file-temp-ver;)
+ File::Temp (&min-file-temp-ver;)
- Template Toolkit
+ Template
(&min-template-ver;)
- Text::Wrap
- (&min-text-wrap-ver;)
+ Text::Wrap (&min-text-wrap-ver;)
- and, optionally:
+ Optional Perl modules:
@@ -479,13 +331,6 @@ set-variable = max_allowed_packet=1M
-
-
- XML::Parser
- (&min-xml-parser-ver;) for the XML interface
-
-
-
GD::Graph
@@ -502,8 +347,8 @@ set-variable = max_allowed_packet=1M
- MIME::Parser
- (&min-mime-parser-ver;) for the email interface
+ XML::Parser
+ (&min-xml-parser-ver;) for the XML interface
@@ -513,472 +358,669 @@ set-variable = max_allowed_packet=1M
(&min-patchreader-ver;) for pretty HTML view of patches
+
+
+
+ MIME::Parser
+ (&min-mime-parser-ver;) for the optional email interface
+
+
+
+ DBD::mysql
-
- Bundle::Bugzilla
-
- If you are running at least perl 5.6.1, you can save yourself a lot
- of time by using Bundle::Bugzilla. This bundle contains every module
- required to get Bugzilla running. It does not include GD and friends, but
- these are not required for a base install and can always be added later
- if the need arises.
-
-
- Assuming your perl was installed with CPAN (most unix installations
- are), using Bundle::Bugzilla is really easy. Simply follow along with the
- commands below.
-
+ The installation process will ask you a few questions about the
+ desired compilation target and your MySQL installation. For most of the
+ questions the provided default will be adequate, but when asked if your
+ desired target is the MySQL or mSQL packages, you should
+ select the MySQL-related ones. Later you will be asked if you wish to
+ provide backwards compatibility with the older MySQL packages; you
+ should answer YES to this question. The default is NO.
+ A host of 'localhost' should be fine. A testing user of 'test',
+ with a null password, should have sufficient access to run
+ tests on the 'test' database which MySQL creates upon installation.
+
+
-
-bash#perl -MCPAN -eshell
-cpan shell -- CPAN exploration and modules installation (v1.63)
-ReadLine support enabled
+
+ Template Toolkit (&min-template-ver;)
-cpan>
+ When you install Template Toolkit, you'll get asked various
+ questions about features to enable. The defaults are fine, except
+ that it is recommended you use the high speed XS Stash of the Template
+ Toolkit, in order to achieve best performance.
+
+
-
+
+ GD (&min-gd-ver;)
-
-
- At this point, unless you've used CPAN on this machine before,
- you'll have to go through a series of configuration steps.
-
-
-
-
-
-
- CGI (&min-cgi-ver;)
+ The GD module is only required if you want graphical reports.
+
- The CGI module parses form elements and cookies and does many
- other usefule things. It come as a part of recent perl distributions, but
- Bugzilla needs a fairly new version.
-
+
+ The Perl GD module requires some other libraries that may or
+ may not be installed on your system, including
+ libpng
+ and
+ libgd.
+ The full requirements are listed in the Perl GD module README.
+ If compiling GD fails, it's probably because you're
+ missing a required library.
+
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
+
+ The version of the GD module you need is very closely tied
+ to the libgd version installed on your system.
+ If you have a version 1.x of libgd the 2.x
+ versions of the GD module won't work for you.
+
+
+
-
- TimeDate modules (&min-date-format-ver;)
+
+ Chart::Base (&min-chart-base-ver;)
- Many of the more common date/time/calendar related Perl modules
- have been grouped into a bundle similar to the MySQL modules bundle.
- This bundle is stored on the CPAN under the name TimeDate.
- The component module we're most interested in is the Date::Format
- module, but installing all of them is probably a good idea anyway.
-
+ The Chart::Base module is only required if you want graphical
+ reports.
+ Note that earlier versions that 0.99c used GIFs, which are no longer
+ supported by the latest versions of GD.
+
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
+
+ GD::Graph (&min-gd-graph-ver;)
-
- DBI (&min-dbi-ver;)
-
- The DBI module is a generic Perl module used the
- MySQL-related modules. As long as your Perl installation was done
- correctly the DBI module should be a breeze. It's a mixed Perl/C
- module, but Perl's MakeMaker system simplifies the C compilation
- greatly.
-
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
+ The GD::Graph module is only required if you want graphical
+ reports.
+
+
-
- MySQL-related modules
+
+ GD::Text::Align (&min-gd-text-align-ver;)
- The Perl/MySQL interface requires a few mutually-dependent Perl
- modules. These modules are grouped together into the the
- Msql-Mysql-modules package.
+ The GD::Text::Align module is only required if you want graphical
+ reports.
+
+
- The MakeMaker process will ask you a few questions about the
- desired compilation target and your MySQL installation. For most of the
- questions the provided default will be adequate, but when asked if your
- desired target is the MySQL or mSQL packages, you should
- select the MySQL related ones. Later you will be asked if you wish to
- provide backwards compatibility with the older MySQL packages; you
- should answer YES to this question. The default is NO.
+
+ XML::Parser (&min-xml-parser-ver;)
- A host of 'localhost' should be fine and a testing user of 'test'
- with a null password should find itself with sufficient access to run
- tests on the 'test' database which MySQL created upon installation.
-
+ The XML::Parser module is only required if you want to import
+ XML bugs using the importxml.pl
+ script. This is required to use Bugzilla's "move bugs" feature;
+ you may also want to use it for migrating from another bug database.
+ XML::Parser requires that the
+ expat library is already installed on your machine.
+
+
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
+
+ MIME::Parser (&min-mime-parser-ver;)
-
- File::Spec (&min-file-spec-ver;)
+ The MIME::Parser module is only required if you want to use the
+ email interface
+ located in the contrib directory.
+
+
- File::Spec is a perl module that allows file operations, such as
- generating full path names, to work cross platform.
-
+
+ PatchReader (&min-patchreader-ver;)
-
- CPAN Download Page:
- PPM Download Page:
- Documentation:
-
-
+ The PatchReader module is only required if you want to use
+ Patch Viewer, a
+ Bugzilla feature to show code patches in your web browser in a more
+ readable form.
+
+
+
+
+
+
+
+ Configuration
-
- File::Temp (&min-file-temp-ver;)
+
+ Poorly-configured MySQL and Bugzilla installations have
+ given attackers full access to systems in the past. Please take the
+ security parts of these guidelines seriously, even for Bugzilla
+ machines hidden away behind your firewall.
+
- File::Temp is used to generate a temporary filename that is
- guaranteed to be unique. It comes as a standard part of perl
+
+ localconfig
+
+
+ Once you run checksetup.pl with all the correct
+ modules installed, it displays a message about, and write out a
+ file called,
+ localconfig. This file contains the default
+ settings for a number of Bugzilla parameters.
-
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
-
-
- Template Toolkit (&min-template-ver;)
-
- When you install Template Toolkit, you'll get asked various
- questions about features to enable. The defaults are fine, except
- that it is recommended you use the high speed XS Stash of the Template
- Toolkit, in order to achieve best performance.
+
+ Load this file in your editor. The only value you
+ need to change is $db_pass, the password for
+ the user you will create for your database.
+ Pick a strong password (for simplicity, it should not contain
+ single quote characters) and put it here.
-
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
-
-
- Text::Wrap (&min-text-wrap-ver;)
-
- Text::Wrap is designed to proved intelligent text wrapping.
+
+
+ The other options in the localconfig file
+ are documented by their accompanying comments. If you have a slightly
+ non-standard MySQL setup, you may wish to change one or more of
+ the other "$db_*" parameters.
-
-
-
- CPAN Download Page:
- Documentation:
-
-
-
-
-
- GD (&min-gd-ver;) [optional]
-
- You need the GD library if you want any of the graphing to work.
+
+
+ You may also wish to change the names of
+ the priorities, severities, operating systems and platforms for your
+ installation. However, you can always change these after installation
+ has finished; if you then re-run
+ checksetup.pl, the changes will get picked up.
-
-
- The Perl GD library requires some other libraries that may or
- may not be installed on your system, including
- libpng
- and
- libgd.
- The full requirements are listed in the Perl GD library README.
- If compiling GD fails, it's probably because you're
- missing a required library.
-
-
-
- The version of the GD perl module you need is very closely tied
- to the libgd version installed on your system.
- If you have a version 1.x of libgd the 2.x
- versions of the GD perl module won't work for you.
-
-
-
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
-
-
- Chart::Base (&min-chart-base-ver;) [optional]
-
- The Chart module provides Bugzilla with on-the-fly charting
- abilities. It can be installed in the usual fashion after it has been
- fetched from CPAN.
- Note that earlier versions that 0.99c used GIFs, which are no longer
- supported by the latest versions of GD.
-
-
-
- CPAN Download Page:
- PPM Download Link:
-
+
+
+ MySQL
-
- XML::Parser (&min-xml-parser-ver;) [optional]
+
+ Security
- XML::Parser is used by the importxml.pl
- script. You only need it if you are going to be importing bugs (such as
- for bug moving). XML::Parser requires that the
- expat library is already installed on your machine.
-
+ MySQL ships as insecure by default.
+ It allows anybody to on the local machine full administrative
+ capabilities without requiring a password; the special
+ MySQL root account (note: this is not the same as
+ the system root) also has no password.
+ Also, many installations default to running
+ mysqld as the system root.
+
-
-
- CPAN Download Page:
- Documentation:
-
-
+
+
+ To disable the anonymous user account
+ and set a password for the root user, execute the following. The
+ root user password should be different to the bugs user password
+ you set in
+ localconfig in the previous section,
+ and also different to
+ the password for the system root account on your machine.
+
+ bash$ mysql mysql
+ mysql> DELETE FROM user WHERE user = '';
+ mysql> UPDATE user SET password = password('new_password') WHERE user = 'root';
+ mysql> FLUSH PRIVILEGES;
+
+ From this point forward, to run the
+ mysql command-line client,
+ you will need to type
+ mysql -u root -p and enter
+ new_password when prompted.
+
+
-
- GD::Graph (&min-gd-graph-ver;) [optional]
+
+ If you run MySQL on the same machine as your web server, you
+ should disable remote access to MySQL by adding
+ the following to your /etc/my.conf:
+
+ [myslqd]
+ # Prevent network access to MySQL.
+ skip-networking
+
- In addition to GD listed above, the reporting interface of Bugzilla
- needs to have the GD::Graph module installed.
-
+
+ Consult the documentation that came with your system for
+ information on making mysqld run as an
+ unprivileged user.
+
+
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
-
+
+ For added security, you could also run MySQL, or even all
+ of Bugzilla
+ in a chroot jail; however, instructions for doing that are beyond
+ the scope of this document.
+
+
-
- GD::Text::Align (&min-gd-text-align-ver;) [optional]
+
- GD::Text::Align, as the name implies, is used to draw aligned
- strings of text. It is needed by the reporting interface.
-
+
+
+
+ Allow large attachments
+
+ You need to configure MySQL to accept large packets, if you
+ want to have attachments larger than 64K. Add the text
+ below to your
+ /etc/my.conf.
+ There is also a parameter in Bugzilla
+ for setting the maximum allowable attachment size, (default 1MB).
+ Bugzilla will only accept attachments up to the lower of these two
+ sizes.
+
-
- CPAN Download Page:
- PPM Download Page:
- Documentation:
-
-
+ [mysqld]
+ # Allow packets up to 1M
+ set-variable = max_allowed_packet=1M
+
+
+
+ Add a user to MySQL
+
+ You need to add a new MySQL user for
+ Bugzilla to use. (It's not safe to have Bugzilla use the MySQL root
+ account.) The following instructions assume the defaults in
+ localconfig;
+ if you changed those, you need to modify the
+ SQL command appropriately. You will need the
+ $db_pass password you set in
+ localconfig in
+ .
+
-
- MIME::Parser (&min-mime-parser-ver;) [optional]
+ We use an SQL GRANT command to create a
+ bugs
+ user. This also restricts the
+ bugs
+ user to operations within a database called
+ bugs, and only allows the account to connect from
+ localhost.
+ Modify it to reflect your setup if you will be connecting from
+ another machine or as a different user.
+
+ Run the mysql command-line client and
+ enter:
- MIME::Parser is only needed if you want to use the e-mail interface
- located in the contrib directory.
-
+ mysql> GRANT SELECT,INSERT,UPDATE,DELETE,INDEX,ALTER,CREATE,
+ DROP,REFERENCES ON bugs.* TO bugs@localhost
+ IDENTIFIED BY '$db_pass';
+ mysql> FLUSH PRIVILEGES
-
- CPAN Download Page:
- PPM Download Link:
- Documentation:
-
+
+ If you are using MySQL 4, you need to add
+ the LOCK TABLES and
+ CREATE TEMPORARY TABLES permissions
+ to the list.
+
+
+
-
- PatchReader (&min-patchreader-ver;) [optional]
-
- PatchReader is only needed if you want to use Patch Viewer, a
- Bugzilla feature to format patches in a pretty HTML fashion. There are a
- number of optional parameters you can configure Patch Viewer with as well,
- including cvsroot, cvsroot_get, lxr_root, bonsai_url, lxr_url, and
- lxr_root. Patch Viewer also optionally will use cvs, diff and interdiff
- utilities if they exist on the system (interdiff can be found in the
- patchutils package at .
- These programs' locations can be configured in localconfig.
-
+
+ checksetup.pl
-
- CPAN Download Page:
- Documentation:
-
-
-
-
+
+ Next, rerun checksetup.pl. It reconfirms
+ that all the modules are present, and notices the altered
+ localconfig file, which it assumes you have edited to your
+ satisfaction. It compiles the UI templates,
+ connects to the database using the 'bugs'
+ user you created and the password you defined, and creates the
+ 'bugs' database and the tables therein.
+
-
- Configuring Bugzilla
- Once checksetup.pl has run successfully, Bugzilla should start up.
- Proceed to the correct URL and log in with the administrator account
- you defined in the last checksetup.pl run.
+ After that, it asks for details of an administrator account. Bugzilla
+ can have multiple administrators - you can create more later - but
+ it needs one to start off with.
+ Enter the email address of an administrator, his or her full name,
+ and a suitable Bugzilla password.
- You should run through the parameters on the Edit Parameters page
- (link in the footer) and set them all to appropriate values.
- They key parameters are documented in .
+ checksetup.pl will then finish. You may rerun
+ checksetup.pl at any time if you wish.
-
-
-
- HTTP Server Configuration
-
- The Bugzilla Team recommends Apache when using Bugzilla, however, any web server
- that can be configured to run CGI scripts
- should be able to handle Bugzilla. No matter what web server you choose, but
- especially if you choose something other than Apache, you should be sure to read
- .
-
-
- The plan for this section is to eventually document the specifics of how to lock
- down permissions on individual web servers.
-
-
- Apache <productname>httpd</productname>
- You will have to make sure that Apache is properly
- configured to run the Bugzilla CGI scripts. You also need to make sure
- that the .htaccess files created by
- ./checksetup.pl are allowed to override Apache's normal access
- permissions or else important password information may be exposed to the
- Internet.
+
+ Web server
+ Configure your web server according to the instructions in the
+ appropriate section. The Bugzilla Team recommends Apache.
- You need to configure Apache to run .cgi files outside the
- cgi-bin directory.
- Open your
- httpd.conf file and make sure the
- following line exists and is uncommented:
-
-AddHandler cgi-script .cgi
-
+
+ Apache <productname>httpd</productname>
+
+ Load httpd.conf in your editor.
+
+ Uncomment (or add) the following line.
+ This configures Apache to run .cgi files outside the
+ cgi-bin directory.
+
+
+ AddHandler cgi-script .cgi
+
+ Apache uses <Directory>
+ directives to permit fine-grained permission setting.
+ Add the following two lines to a
+ <Directory> directive that
+ applies either to the Bugzilla directory or one of its parents
+ (e.g. the <Directory /var/www/html>
+ directive).
+ This allows Bugzilla's .htaccess files to
+ override global permissions, and allows .cgi files to run in the
+ Bugzilla directory.
+
+
+ Options +ExecCGI +FollowSymLinks
+ AllowOverride Limit
+
+ Add index.cgi to the end
+ of the DirectoryIndex
+ line.
+
+ checksetup.pl can set tighter permissions
+ on Bugzilla's files and directories if it knows what user the
+ webserver runs as. Look for the User
+ line in httpd.conf, and place that value in
+ the $webservergroup variable in
+ localconfig. Then rerun
+ checksetup.pl.
+
+
+
+
+ Microsoft <productname>Internet Information Services</productname>
+
+ If you need, or for some reason even want, to use Microsoft's
+ Internet Information Services or
+ Personal Web Server you should be able
+ to. You will need to configure them to know how to run CGI scripts.
+ This is described in Microsoft Knowledge Base article
+ Q245225
+ for Internet Information Services and
+ Q231998
+ for Personal Web Server.
+
+
+ Also, and this can't be stressed enough, make sure that files such as
+ localconfig and your data
+ directory are secured as described in .
+
+
+
+
+
+ AOL Server
+
+ Ben FrantzDale reported success using AOL Server with Bugzilla. He
+ reported his experience and what appears below is based on that.
+
+
+ AOL Server will have to be configured to run
+ CGI scripts, please consult
+ the documentation that came with your server for more information on
+ how to do this.
+
- To allow .htaccess files to override
- permissions and .cgi files to run in the Bugzilla directory, make sure
- the following two lines are in a Directory
- directive that applies to the Bugzilla directory on your system
- (either the Bugzilla directory or one of its parents).
+ Because AOL Server doesn't support .htaccess
+ files, you'll have to create a TCL
+ script. You should create an aolserver/modules/tcl/filter.tcl
+ file (the filename shouldn't matter) with the following contents (change
+ /bugzilla/ to the web-based path to
+ your Bugzilla installation):
+
-Options +ExecCGI
-AllowOverride Limit
+ ns_register_filter preauth GET /bugzilla/localconfig filter_deny
+ ns_register_filter preauth GET /bugzilla/localconfig~ filter_deny
+ ns_register_filter preauth GET /bugzilla/\#localconfig\# filter_deny
+ ns_register_filter preauth GET /bugzilla/*.pl filter_deny
+ ns_register_filter preauth GET /bugzilla/syncshadowdb filter_deny
+ ns_register_filter preauth GET /bugzilla/runtests.sh filter_deny
+ ns_register_filter preauth GET /bugzilla/data/* filter_deny
+ ns_register_filter preauth GET /bugzilla/template/* filter_deny
+
+ proc filter_deny { why } {
+ ns_log Notice "filter_deny"
+ return "filter_return"
+ }
- You should modify the <DirectoryIndex> parameter for
- the Apache virtual host running your Bugzilla installation to
- allow index.cgi as the index page for a
- directory, as well as the usual index.html,
- index.htm, and so forth.
+
+ This probably doesn't account for all possible editor backup
+ files so you may wish to add some additional variations of
+ localconfig. For more information, see
+
+ bug 186383 or Bugtraq ID 6501.
+
+
- For more information on Apache and its directives, see the
- glossary entry on .
+ If you are using webdot from research.att.com (the default
+ configuration for the paramater), you
+ will need to allow access to data/webdot/*.dot
+ for the reasearch.att.com machine.
+
+ If you are using a local installation of GraphViz, you will need to allow
+ everybody to access *.png,
+ *.gif, *.jpg, and
+ *.map in the
+ data/webdot directory.
-
+
+
+
+ Web Server Access Controls
-
- Microsoft <productname>Internet Information Services</productname>
-
- If you need, or for some reason even want, to use Microsoft's
- Internet Information Services or
- Personal Web Server you should be able
- to. You will need to configure them to know how to run CGI scripts,
- however. This is described in Microsoft Knowledge Base article
- Q245225
- for Internet Information Services and
- Q231998
- for Personal Web Server.
-
+ Users of Apache can skip this section because
+ Bugzilla ships with .htaccess files which
+ restrict access in the manner required.
+ Users of other webservers, read on.
+
- Also, and this can't be stressed enough, make sure that files such as
- localconfig and your data
- directory are secured as described in .
-
+ There are several files in the Bugzilla directory
+ that should not be accessible from the web. You need to configure
+ your webserver so they they aren't. Not doing this may reveal
+ sensitive information such as database passwords.
+
-
+
+
+ In the main Bugzilla directory, you should:
+
+
+ Block:
+
+ *.pl
+ *localconfig*
+ runtests.sh
+
+
+
+
+ But allow:
+
+ localconfig.js
+ localconfig.rdf
+
+
+
+
+
-
- AOL Server
+
+ In data:
+
+
+ Block everything
+
+
+ But allow:
+
+ duplicates.rdf
+
+
+
+
+
- Ben FrantzDale reported success using AOL Server with Bugzilla. He
- reported his experience and what appears below is based on that.
-
+
+ In data/webdot:
+
+
+ If you use a remote webdot server:
+
+
+ Block everything
+
+
+ But allow
+
+ *.dot
+
+ only for the remote webdot server
+
+
+
+
+ Otherwise, if you use a local GraphViz:
+
+
+ Block everything
+
+
+ But allow:
+
+ *.png
+ *.gif
+ *.jpg
+ *.map
+
+
+
+
+
+
+ And if you don't use any dot:
+
+
+ Block everything
+
+
+
+
+
- AOL Server will have to be configured to run
- CGI scripts, please consult
- the documentation that came with your server for more information on
- how to do this.
-
+
+ In Bugzilla:
+
+
+ Block everything
+
+
+
- Because AOL Server doesn't support .htaccess
- files, you'll have to create a TCL
- script. You should create an aolserver/modules/tcl/filter.tcl
- file (the filename shouldn't matter) with the following contents (change
- /bugzilla/ to the web-based path to
- your Bugzilla installation):
+
+ In template:
+
+
+ Block everything
+
+
+
+
+
+ You should test to make sure that the files mentioned above are
+ not accessible from the Internet, especially your
+ localconfig file which contains your database
+ password. To test, simply point your web browser at the file; for
+ example, to test mozilla.org's installation, we'd try to access
+ . You should
+ get a 403Forbidden
+ error.
+
+
+
+
+
+
+ Bugzilla
+
+
+ Your Bugzilla should now be working. Access
+ http://<your-bugzilla-server>/ -
+ you should see the Bugzilla
+ front page. If not, consult the Troubleshooting section,
+ .
+
+
+
+ Log in with the administrator account you defined in the last
+ checksetup.pl run. You should go through
+ the parameters on the Edit Parameters page
+ (see link in the footer) and see if there are any you wish to
+ change.
+ They key parameters are documented in ;
+ you should certainly alter
+ maintainer and urlbase;
+ you may also want to alter
+ cookiepath or requirelogin.
-
-ns_register_filter preauth GET /bugzilla/localconfig filter_deny
-ns_register_filter preauth GET /bugzilla/localconfig~ filter_deny
-ns_register_filter preauth GET /bugzilla/\#localconfig\# filter_deny
-ns_register_filter preauth GET /bugzilla/*.pl filter_deny
-ns_register_filter preauth GET /bugzilla/syncshadowdb filter_deny
-ns_register_filter preauth GET /bugzilla/runtests.sh filter_deny
-ns_register_filter preauth GET /bugzilla/data/* filter_deny
-ns_register_filter preauth GET /bugzilla/template/* filter_deny
-
-proc filter_deny { why } {
- ns_log Notice "filter_deny"
- return "filter_return"
-}
-
-
-
- This probably doesn't account for all possible editor backup
- files so you may wish to add some additional variations of
- localconfig. For more information, see
-
- bug 186383 or Bugtraq ID 6501.
-
-
+
+ This would also be a good time to revisit the
+ localconfig file and make sure that the
+ names of the priorities, severities, platforms and operating systems
+ are those you wish to use when you start creating bugs. Remember
+ to rerun checksetup.pl if you change it.
+
-
- If you are using webdot from research.att.com (the default
- configuration for the paramater), you
- will need to allow access to data/webdot/*.dot
- for the reasearch.att.com machine.
-
- If you are using a local installation of GraphViz, you will need to allow
- everybody to access *.png,
- *.gif, *.jpg, and
- *.map in the
- data/webdot directory.
-
-
-
+
+ Bugzilla has several optional features which require extra
+ configuration. You can read about those in
+ .
+
+
+
Optional Additional Configuration
+
+ Bugzilla has a number of optional features. This section describes how
+ to configure or enable them.
+
+
+
+ Bug Graphs
+
+ If you have installed the necessary Perl modules you
+ can start collecting statistics for the nifty Bugzilla
+ graphs.
+
+ bash#crontab -e
+
+
+ This should bring up the crontab file in your editor.
+ Add a cron entry like this to run
+ collectstats.pl
+ daily at 5 after midnight:
+
+
+ 5 0 * * * cd <your-bugzilla-directory> ; ./collectstats.pl
+
+ After two days have passed you'll be able to view bug graphs from
+ the Reports page.
+
+
Dependency Charts
- As well as the text-based dependency graphs, Bugzilla also
- supports dependency graphing, using a package called 'dot'.
+ As well as the text-based dependency trees, Bugzilla also
+ supports a graphical view of dependency relationships, using a
+ package called 'dot'.
Exactly how this works is controlled by the 'webdotbase' parameter,
which can have one of three values:
@@ -1006,80 +1048,66 @@ proc filter_deny { why } {
- So, to get this working, install
+ The easiest way to get this working is to install
GraphViz. If you
do that, you need to
enable
server-side image maps in Apache.
Alternatively, you could set up a webdot server, or use the AT&T
- public webdot server (the
- default for the webdotbase param). Note that AT&T's server won't work
- if Bugzilla is only accessible using HARTS.
+ public webdot server. This is the default for the webdotbase param,
+ but it's often overloaded and slow. Note that AT&T's server
+ won't work
+ if Bugzilla is only accessible using HARTS.
+ Editor's note: What the heck is HARTS? Google doesn't know...
+
-
- Bug Graphs
-
- As long as you installed the GD and Graph::Base Perl modules you
- might as well turn on the nifty Bugzilla bug reporting graphs.
-
- Add a cron entry like this to run
- collectstats.pl
- daily at 5 after midnight:
-
-
-
- bash#
-
- crontab -e
-
-
-
-
- 5 0 * * * cd <your-bugzilla-directory> ;
- ./collectstats.pl
-
-
-
-
- After two days have passed you'll be able to view bug graphs from
- the Bug Reports page.
-
-
The Whining Cron
- By now you have a fully functional Bugzilla, but what good are
- bugs if they're not annoying? To help make those bugs more annoying you
+ What good are
+ bugs if they're not annoying? To help make them more so you
can set up Bugzilla's automatic whining system to complain at engineers
which leave their bugs in the NEW or REOPENED state without triaging them.
+
This can be done by
- adding the following command as a daily crontab entry (for help on that
- see that crontab man page):
-
-
-
- cd <your-bugzilla-directory> ;
- ./whineatnews.pl
-
-
-
+ adding the following command as a daily crontab entry, in the same manner
+ as explained above for bug graphs. This example runs it at 12.55am.
-
- Depending on your system, crontab may have several manpages.
- The following command should lead you to the most useful page for
- this purpose:
-
-man 5 crontab
-
-
-
+ 55 0 * * * cd <your-bugzilla-directory> ; ./whineatnews.pl
+
+
+ Patch Viewer
+
+
+ Patch Viewer is the engine behind Bugzilla's graphical display of
+ code patches. You can integrate this with copies of the
+ cvs, lxr and
+ bonsai tools if you have them, by giving
+ the locations of your installation of these tools in
+ editparams.cgi.
+
+
+
+ Patch Viewer also optionally will use the
+ cvs, diff and
+ interdiff
+ command-line utilities if they exist on the system.
+ Interdiff can be obtained from
+ .
+ If these programs are not in the system path, you can configure
+ their locations in localconfig.
+
+
+
+
+
LDAP Authentication
@@ -1166,7 +1194,7 @@ man 5 crontab
LDAPBaseDNThe LDAPBaseDN parameter should be set to the location in
- your LDAP tree that you would like to search for e-mail addresses.
+ your LDAP tree that you would like to search for email addresses.
Your uids should be unique under the DN specified here.
Ex. ou=People,o=Company
@@ -1189,7 +1217,7 @@ man 5 crontab
LDAPmailattributeThe LDAPmailattribute parameter should be the name of the
- attribute which contains the e-mail address your users will enter
+ attribute which contains the email address your users will enter
into the Bugzilla login boxes.
Ex. mail
@@ -1201,75 +1229,78 @@ man 5 crontab
- Preventing untrusted Bugzilla content from executing malicious
- Javascript code
+ Prevent users injecting malicious
+ Javascript
- It is possible for a Bugzilla attachment to contain malicious
- Javascript
- code, which would be executed in the domain of your Bugzilla, thereby
- making it possible for the attacker to e.g. steal your login cookies.
+ It is possible for a Bugzilla user to take advantage of character
+ set encoding ambiguities to inject HTML into Bugzilla comments. This
+ could include malicious scripts.
Due to internationalization concerns, we are unable to
- incorporate by default the code changes necessary to fulfill the CERT
- advisory requirements mentioned in
+ incorporate by default the code changes suggested by
.
+ url="http://www.cert.org/tech_tips/malicious_code_mitigation.html#3">
+ the CERT advisory on this issue.
If your installation is for an English speaking audience only, making the
change below will prevent this problem.
Simply locate the following line in
Bugzilla/CGI.pm:
-
- $self->charset('');
-
+ $self->charset('');
and change it to:
-
- $self->charset('ISO-8859-1');
-
+ $self->charset('ISO-8859-1');
-
-
- Bugzilla and <filename>mod_perl</filename>
-
- Bugzilla is unsupported under mod_perl. Effort is underway
- to make it work cleanly in a mod_perl environment, but it is
- slow going.
-
-
-
- <filename>mod_throttle</filename>
-
- and Security
+ mod_throttleIt is possible for a user, by mistake or on purpose, to access
the database many times in a row which can result in very slow access
speeds for other users. If your Bugzilla installation is experiencing
- this problem , you may install the Apache module
+ this problem, you may install the Apache module
mod_throttle
-
- which can limit connections by ip-address. You may download this module
+ which can limit connections by IP address. You may download this module
at
.
Follow the instructions to install into your Apache install.
This module only functions with the Apache web
server!
- You may use the
- ThrottleClientIP
-
- command provided by this module to accomplish this goal. See the
- Module
- Instructions
+ The command you need is
+ ThrottleClientIP. See the
+ documentation
for more information.
+
+
+ TCP/IP Ports
+
+ A single-box Bugzilla only requires port 80, plus port 25 if
+ you are using the optional email interface. You should firewall all
+ other ports and/or disable services listening on them.
+
+
+
+
+ Daemon Accounts
+
+ Many daemons, such as Apache's httpd and MySQL's mysqld default to
+ running as either root or nobody. Running
+ as root introduces obvious security problems, but the
+ problems introduced by running everything as nobody may
+ not be so obvious. Basically, if you're running every daemon as
+ nobody and one of them gets compromised, they all get
+ compromised. For this reason it is recommended that you create a user
+ account for each daemon.
+
+
+
- OS Specific Installation Notes
+ OS-Specific Installation NotesMany aspects of the Bugzilla installation can be affected by the
the operating system you choose to install it on. Sometimes it can be made
@@ -1285,7 +1316,7 @@ man 5 crontab
Microsoft Windows
- Making Bugzilla work on windows is still a painful processes.
+ Making Bugzilla work on Windows is still a painful processes.
The Bugzilla Team is working to make it easier, but that goal is not
considered a top priority. If you wish to run Bugzilla, we still
recommend doing so on a Unix based system such as GNU/Linux. As of this
@@ -1297,9 +1328,9 @@ man 5 crontab
installing Bugzilla on Win32, here are some pointers.
@@ -1334,20 +1365,14 @@ C:\perl> ppm <module name>
url="http://openinteract.sourceforge.net/">OpenInteract's website.
-
-
- A complete list of modules that can be installed using ppm can
- be found at .
-
- Code changes required to run on win32As Bugzilla still doesn't run "out of the box" on
- Windows, code has to be modified. This section is an attempt to
- list the required changes.
+ Windows, code has to be modified. This section lists the required
+ changes.
@@ -1377,7 +1402,7 @@ my $webservergid = '8'
Changes to <filename>BugMail.pm</filename>
- To make bug e-mail work on Win32 (until
+ To make bug email work on Win32 (until
bug
84876 lands), the
simplest way is to have the Net::SMTP Perl module installed and
@@ -1409,7 +1434,7 @@ $smtp->quit;
Don't forget to change the name of your SMTP server and the
- domain of the sending e-mail address (after the '@') in the above
+ domain of the sending email address (after the '@') in the above
lines of code.
@@ -1430,7 +1455,7 @@ $smtp->quit;
If using Apache on windows, you can set the ScriptInterpreterSource
- directive in your Apache config, if you don't do this, you'll have
+ directive in your Apache config to avoid having
to modify the first line of every script to contain your path to
perl instead of /usr/bin/perl.
@@ -1443,24 +1468,22 @@ $smtp->quit;
<productname>Mac OS X</productname>
- There are a lot of common libraries and utilities out there that
- Apple did not include with Mac OS X, but which run perfectly well on it.
- The GD library, which Bugzilla needs to do bug graphs, is one of
- these.
+ Apple did not include the GD library with Mac OS X. Bugzilla
+ needs this for bug graphs.
- The easiest way to get a lot of these is with a program called
+ You can install it using a program called
Fink, which is similar in nature to the CPAN installer, but installs
common GNU utilities. Fink is available from
.Follow the instructions for setting up Fink. Once it's installed,
- you'll want to use it to install the gd2 package.
+ you'll want to use it to install the gd2 package.
It will prompt you for a number of dependencies, type 'y' and hit
enter to install all of the dependencies and then watch it work. You will
then be able to use CPAN to
- install the GD perl module.
+ install the GD Perl module.
@@ -1477,7 +1500,7 @@ $smtp->quit;
- Also available via Fink is expat. Once running using fink to
+ Also available via Fink is expat. After using fink to
install the expat package you will be able to install
XML::Parser using CPAN. There is one caveat. Unlike recent versions of
the GD module, XML::Parser doesn't prompt for the location of the
@@ -1527,7 +1550,7 @@ $smtp->quit;
- for Bugzilla e-mail integration
+ for Bugzilla email integration
@@ -1535,278 +1558,52 @@ $smtp->quit;
-
- Bugzilla Security
-
-
- Poorly-configured MySQL and Bugzilla installations have
- given attackers full access to systems in the past. Please take these
- guidelines seriously, even for Bugzilla machines hidden away behind
- your firewall. 80% of all computer trespassers are insiders, not
- anonymous crackers.
-
- This is not meant to be a comprehensive list of every possible
- security issue pertaining to the software mentioned in this section.
- There is
- no subsitute for reading the information written by the authors of any
- software running on your system.
-
-
-
-
- TCP/IP Ports
-
-
- TCP/IP defines 65,000 some ports for trafic. Of those, Bugzilla
- only needs 1, or 2 if you need to use features that require e-mail such
- as bug moving or the e-mail interface from contrib. You should audit
- your server and make sure that you aren't listening on any ports you
- don't need to be. You may also wish to use some kind of firewall
- software to be sure that trafic can only be recieved on ports you
- specify.
-
-
-
-
- MySQL
- MySQL ships by default with many settings that should be changed.
- By defaults it allows anybody to connect from localhost without a
- password and have full administrative capabilities. It also defaults to
- not have a root password (this is not the same as
- the system root). Also, many installations default to running
- mysqld as the system root.
+
+ Troubleshooting
+
+ This section gives solutions to common Bugzilla installation
+ problems. If none of the section headings seems to match your
+ problem, read the general advice.
+
+
+
+ General Advice
+
+ If you can't get checksetup.pl to run to
+ completion, it normally explains what's wrong and how to fix it.
+ If you can't work it out, or if it's being uncommunicative, post
+ the errors in the
+ netscape.public.mozilla.webtools
+ newsgroup.
-
-
- Consult the documentation that came with your system for
- information on making mysqld run as an
- unprivleged user.
-
-
-
-
- You should also be sure to disable the anonymous user account
- and set a password for the root user. This is accomplished using the
- following commands:
-
-
-bash$ mysql mysql
-mysql> DELETE FROM user WHERE user = '';
-mysql> UPDATE user SET password = password('new_password') WHERE user = 'root';
-mysql> FLUSH PRIVILEGES;
-
- From this point forward you will need to use
- mysql -u root -p and enter
- new_password when prompted when using the
- mysql client.
-
-
-
-
- If you run MySQL on the same machine as your httpd server, you
- should consider disabling networking from within MySQL by adding
- the following to your /etc/my.conf:
-
-
-[myslqd]
-# Prevent network access to MySQL.
-skip-networking
-
-
-
-
- You may also consider running MySQL, or even all of Bugzilla
- in a chroot jail; however, instructions for doing that are beyond
- the scope of this document.
-
-
-
-
-
-
-
-
- Daemon Accounts
-
- Many daemons, such as Apache's httpd and MySQL's mysqld default to
- running as either root or nobody. Running
- as root introduces obvious security problems, but the
- problems introduced by running everything as nobody may
- not be so obvious. Basically, if you're running every daemon as
- nobody and one of them gets compromised, they all get
- compromised. For this reason it is recommended that you create a user
- account for each daemon.
+
+ If you have made it all the way through
+ (Installation) and
+ (Configuration) but
+ accessing the Bugzilla URL doesn't work,
+ the first thing to do is to check your webserver error log. For
+ Apache, this is often located at
+ /etc/logs/httpd/error_log. The error messages
+ you see may be self-explanatory enough to enable you to diagnose and
+ fix the problem. If not, see below for some commonly-encountered
+ errors. If that doesn't help, post the errors to the newsgroup.
-
-
- You will need to set the webservergroup to
- the group you created for your webserver to run as in
- localconfig. This will allow
- ./checksetup.pl to better adjust the file
- permissions on your Bugzilla install so as to not require making
- anything world-writable.
-
-
-
-
-
- Web Server Access Controls
-
- There are many files that are placed in the Bugzilla directory
- area that should not be accessable from the web. Because of the way
- Bugzilla is currently laid out, the list of what should and should
- not be accessible is rather complicated.
-
+
+
+ I installed a Perl module, but
+ <filename>checksetup.pl</filename> claims it's not installed!
- Users of Apache don't need to worry about this, however, because
- Bugzilla ships with .htaccess files which restrict access to all the
- sensitive files in this section. Users of other webservers, read on.
-
-
-
-
- In the main Bugzilla directory, you should:
-
-
- Block:
-
- *.pl
- *localconfig*
- runtests.sh
-
-
-
-
- But allow:
-
- localconfig.js
- localconfig.rdf
-
-
-
-
-
-
-
- In data:
-
-
- Block everything
-
-
- But allow:
-
- duplicates.rdf
-
-
-
-
-
-
-
- In data/webdot:
-
-
- If you use a remote webdot server:
-
-
- Block everything
-
-
- But allow
-
- *.dot
-
- only for the remote webdot server
-
-
-
-
- Otherwise, if you use a local GraphViz:
-
-
- Block everything
-
-
- But allow:
-
- *.png
- *.gif
- *.jpg
- *.map
-
-
-
-
-
-
- And if you don't use any dot:
-
-
- Block everything
-
-
-
-
-
-
-
- In Bugzilla:
-
-
- Block everything
-
-
-
-
-
- In template:
-
-
- Block everything
-
-
-
-
-
- You should test to make sure that the files mentioned above are
- not accessible from the Internet, especially your
- localconfig file which contains your database
- password. To test, simply point your web browser at the file; for
- example, to test mozilla.org's installation, we'd try to access
- . You should
- get a 403Forbidden
- error.
+
+ You have two versions of Perl on your machine. You are installing
+ modules into one, and Bugzilla is using the other. Rerun the CPAN
+ commands (or manual compile) using the full path to Perl from the
+ top of checksetup.pl. This will make sure you
+ are installing the modules in the right place.
-
-
- Not following the instructions in this section, including
- testing, may result in sensitive information being globally
- accessible.
-
-
-
-
- You should check to see if instructions
- have been included for your web server. You should also compare those
- instructions with this list to make sure everything is properly
- accounted for.
-
-
-
-
-
-
-
- Troubleshooting
-
- This section gives solutions to common Bugzilla installation
- problems.
- Bundle::Bugzilla makes me upgrade to Perl 5.6.1
@@ -1900,36 +1697,25 @@ skip-networking
This is caused by a bug in the version of
File::Temp that is distributed with perl
- 5.6.0. Many minor variations of this error have been reported. Examples
- can be found in .
+ 5.6.0. Many minor variations of this error have been reported:
-
- Other File::Temp error messages
-
-
-Your vendor has not defined Fcntl macro O_NOINHERIT, used
+ Your vendor has not defined Fcntl macro O_NOINHERIT, used
at /usr/lib/perl5/site_perl/5.6.0/File/Temp.pm line 208.
Your vendor has not defined Fcntl macro O_EXLOCK, used
at /usr/lib/perl5/site_perl/5.6.0/File/Temp.pm line 210.
Your vendor has not defined Fcntl macro O_TEMPORARY, used
-at /usr/lib/perl5/site_perl/5.6.0/File/Temp.pm line 233.
-
-
+at /usr/lib/perl5/site_perl/5.6.0/File/Temp.pm line 233.
Numerous people have reported that upgrading to version 5.6.1
or higher solved the problem for them. A less involved fix is to apply
- the patch in . The patch is also
+ the following patch, which is also
available as a patch file.
-
- Patch for File::Temp in Perl 5.6.0
-
-
-
+ };]]>
diff --git a/docs/xml/modules.xml b/docs/xml/modules.xml
new file mode 100644
index 000000000..c7624d639
--- /dev/null
+++ b/docs/xml/modules.xml
@@ -0,0 +1,145 @@
+
+
+ Manual Installation of Perl Modules
+
+
+ Instructions
+ If you need to install Perl modules manually, here's how it's done.
+ Download the module using the link given in the next section, and then
+ apply this magic incantation, as root:
+
+
+
+ bash# tar -xzvf <module>.tar.gz
+bash# cd <module>
+bash# perl Makefile.PL
+bash# make
+bash# make test
+bash# make install
+
+
+
+
+ Download Locations
+
+ Note: some modules are in the core distribution of
+ ActiveState Perl for Windows. Others are not available.
+ No PPM links have been provided in either of these two cases.
+
+
+ CGI:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ TimeDate:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ DBI:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ DBD::mysql:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ File::Spec:
+
+ CPAN Download Page:
+ PPM Download Page:
+ Documentation:
+
+
+
+ File::Temp:
+
+ CPAN Download Page:
+ Documentation:
+
+
+
+ Template Toolkit:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ Text::Wrap:
+
+ CPAN Download Page:
+ Documentation:
+
+
+
+ GD:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ Chart::Base:
+
+
+ CPAN Download Page:
+
+
+
+ GD::Graph:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ GD::Text::Align:
+
+ CPAN Download Page:
+ PPM Download Page:
+ Documentation:
+
+
+
+ MIME::Parser:
+
+ CPAN Download Page:
+ PPM Download Link:
+ Documentation:
+
+
+
+ XML::Parser:
+
+ CPAN Download Page:
+ Documentation:
+
+
+
+ PatchReader:
+
+ CPAN Download Page:
+ Documentation:
+
+
+
+
--
cgit v1.2.3-24-g4f1b