How to install dotProject 2.1.2 on FreeBSD 7.2 with Apache 2.2, PHP5, and MySQL 5.1 Server?

How to install dotProject 2.1.2 on FreeBSD 7.2 with Apache 2.2, PHP5, and MySQL 5.1 Server?

The basic overview.

  1. Install FreeBSD.
    How do I install FreeBSD?
  2. Update FreeBSD and download the ports tree.
    What are the first commands I run after installing FreeBSD
  3. Then install Apache + SSL.
    Installing an Apache + SSL on FreeBSD using the ports tree
  4. Then install MySQL.
    How to install MySQL on FreeBSD 7.2 or on Red Hat 5.4?
  5. Configure MySQL to be Unicode.
    How to create a UTF-8 Unicode Database on MySQL and make UTF-8 Unicode the default?Note:
  6. Secure MySQL. I don’t have a post on this, but you can follow these MySQL pages.
    Securing the Initial MySQL Accounts
    General Security Guidelines

    Note: If you know what you are doing, you can go with any database that dotProject supports, such as Postgresql.

  7. Install PHP5and PHP5-Extensions and make sure to include the MySQL extensions and the LDAP extension.
  8. How to install PHP5 and PHP5 Extensions on FreeBSD?

  9. Then install DotProject

I have previous documents about installing each of the steps above installing dotProject. Once you have gone though the above documents, you will be ready for this document. This document will only cover dotProject.

Installing dotProject 2.1.2 from Ports

  1. Install dotProject from ports using one of the following commands (I use the first one when doing virtual hosts and the second one when just using sub directories of the web root).
    #
    #
    cd /usr/ports/www/dotproject
    make install

    Note: If you Apache directory is /usr/local/www/apache22/data you may want to use this make command:

    #
    #
    cd /usr/ports/www/dotproject
    make DOTPROJECTDIR=/usr/local/www/apache22/data/dotproject install

  2. Create a database in MySQL for dotProject. Name it whatever you want. For this example, I am going to name the database dotProjDB. If you have read the articles about MySQL that I referenced above, you should know how to log into to MySQL, but just in case you forgot, I will show you again.There are lots of ways to create a database in MySQL, and I am going to give you one example using the shell and the MySQL client.
    #mysql -u root -p

    Enter your password and you should be taken to a mysql prompt.

    mysql>create database dotprojdb

    Yes it is that simple. And at the same time no it is not that simple. There is a lot more to know such as where to put the database files and how fast of drives you need, whether you need faster read speed or faster write speed or both, but this will suffice for now.

  3. Create a mysql user account for this database. We don’t want to user the root account.
    See this page in the MySQL documentation for more information on this: Adding User Accounts

    mysql>CREATE USER ‘dpuser’@’localhost’ IDENTIFIED BY ‘P@sswd!’;
    Query OK, 0 rows affected (0.01 sec)
    mysql>GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON dotprojdb.* TO ‘dpuser’@’localhost’;
    Query OK, 0 rows affected (0.01 sec)

  4. Now open a web browser to your server’s site: http://yourserver/dotprojectYou will see the following page.

    No need to do anything on this page because it should redirect you after 5 second to a dotProject configuration web page.

    Now some of the items in red need to be taken care of. Not all of them, just some of them.

    The first group of items are “Requirements” and anything not with a pretty green check mark under the “Requirements” section needs to be fixed.

    However, under the “Database Connectors” section, there are lots of red Xs. We don’t need to fix these. We just need one database, so as long as the database you want to use (in this example it’s MySQL) has a pretty green check mark, you don’t need to do add more “Database Connectors”.

  5. Fix the first error: Session Save Path writable? X Fatal: session.save_path is not setTo do this, follow these steps:
    1. Change to the directory that contains the php.ini file. On FreeBSD that directory is here: /usr/local/etc
      #cd /usr/local/etc

    2. Now by default the PHP5 port on FreeBSD doesn’t install a php.ini file, but instead provides two example php.ini files: php.ini-recommended and php.ini-dist. So copy one of them to php.ini.
      #cp php.ini-recommended php.ini

    3. Edit the php.ini file and remove the comment from this line:
      ;session.save_path = “/tmp”

      I use ee which is the command to open Easy Editor. But you can use vi or whatever.

    4. Save the file and exit.
  6. The other issue is this one: Session AutoStart = ON? X Failed Try setting to ON if you are experiencing a WhiteScreenOfDeathOk. So this issue is fixed is in that same php.ini file. So repeat the steps only this time we don’t remove a comment, we change a setting from 0 to 1. Find the following line and change it from 0 to 1, as shown.
    session.auto_start = 1
  7. Restart apache. This is required and must be done before these settings will take effect.
    #/usr/local/etc/rc.d/apache22 restart

  8. Now you are ready to click the “Start Installation” button. So go ahead and click it. The following page should appear.
  9. Enter the details as shown in the page. Hopefully you have your own database user and password to use.
  10. Should you click the “User persistent connection?” option? Well, read this. http://www.php.net/manual/en/features.persistent-connections.phpI am not going to check it.
  11. Click “Install db and write config”. It should succeed and you should see this new page.
  12. Now go back to the dotproject home page: http://yourserver/dotprojectLogin with the default user name and password and you are ready to go.

    UPDATE:
    Check out my new update to this:
    How to configure dotProject 2.1.2 to authenticate using Active Directory’s LDAP?


Copyright ® Rhyous.com – Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.

How to configure Subversion to use Cyrus-SASL2 to authenticate to a MySQL database?

Ok, so I want to have Subversion authentication work from a MySQL database. I am going to try to use Cyrus SASL for this.

I already have instructions for installing the necessary parts:

  1. Install FreeBSD.
    How do I install FreeBSD?

  2. Update FreeBSD and download the ports tree.
    What are the first commands I run after installing FreeBSD

  3. Then install Subversion, however, one difference you need to make to the install instructions for subversion. You need to install with SASL2 support. When you run make install it is an option.
  4. How to install subversion 1.6.6 on FreeBSD 7.2

Ok, now that you have everything is installed, you are were I am and ready to try to get this configured.

Configuring Subversion to use SASL to Authenticate to a MySQL database

  1. Create a simple MySQL database. The following is a simple database creation script that creates a database with one table and two rows.
    CREATE DATABASE UserDB;
    USE UserDB;
    CREATE TABLE `users` ('username' varchar(255), 'password' varchar(255) )
    INSERT INTO users VALUES ('user1','pw1');
    INSERT INTO users VALUES ('user2@MyReal.com','pw2');
    INSERT INTO users VALUES ('user3@myemailaddress.com','pw3');
    

    Note: I use these accounts to show what works and what does not work because the idea of “realms” is confusing.

    You may be asking why I don’t have three rows, one for each item: User, Password, Realm.

    Well, if you really are creating a new database to handle SVN Users then that is how you should do it and here is it is.

    CREATE DATABASE UserDB;
    USE UserDB;
    CREATE TABLE `users` ('username' varchar(255), 'password' varchar(255) , 'realm' varchar(255))
    INSERT INTO users VALUES ('user1','pw1','realm');
    INSERT INTO users VALUES ('user2@MyReal.com','pw2','realm');
    INSERT INTO users VALUES ('user3@myemailaddress.com','pw3','realm');
    

    However, because I am assuming that you want to authenticate to users that are in an already existing database, realm won’t really exist. However, you may have usernames that are in email format, or not in email format an that makes a difference because Subversion splits the username at an @ symbol and the username is only what is before the @ symbol. See the troubleshooting realms section below.

  2. Edit the following file:
    /home/svn/repos/MyApp/conf/svnserve.conf

    # ee /home/svn/repos/MyApp/conf/svnserve.conf

    The following are the lines that should NOT be commented out.

    [general]
    anon-access = none
    auth-access = write
    realm = MyDomain.com

    [sasl]
    use-sasl = true

  3. Create and edit the following file:
    /usr/local/lib/sas2/svn.conf

    # ee /usr/local/lib/sas2/svn.conf

    The following are the lines that should NOT be commented out.

    [general]
    pwcheck_method: auxprop
    mech_list: plain
    auxprop_plugin: sql
    sql_hostnames: localhost
    sql_engine: mysql
    sql_user: root
    sql_passwd: pw
    sql_database: UserDB
    sql_select: SELECT password FROM users WHERE username='%u'

    Note: For debugging add log_level: 7 to this file and then watch the /var/log/debug file.

You should now be able to connect with a client such as TortoiseSVN and connect

Troubleshooting Realms

I found some issues with realms that were really confusing.

Change your /usr/local/lib/sas2/svn.conf file to look like this:

[general]
log_level: 7
pwcheck_method: auxprop
mech_list: plain
auxprop_plugin: sql
sql_hostnames: localhost
sql_engine: mysql
sql_user: root
sql_passwd: pw
sql_database: UserDB
sql_select: SELECT password FROM users WHERE username='%u' or username='%u@%r'

I added two changes:

  1. Turned on logging.
  2. Changes the sql statement to look for username='username' or username='username@realm'

I had to do this because if the user was using an email address, such as john@domain.tld, then it actually makes %u only equal John and seems to drop the @domain.tld and replace it with the name of the realm. However, if your username is John@domain.tld and your realm is domain.tld (so realm and domain are the same), then the code above works. If you domain and realm are not the same, I haven't been able to get this to work.

Go ahead and run this command:

# tail -f -n 30 /var/log/debug

And then try to authenticate using a client, such as TortoiseSVN. Test all three users. You will see the SQL Queries that are run. It should work to authenticate as user1 or User2, but it cannot authenticate user3 because it just doesn't work due to the way it handles realms. If you have users that don't have email address in your realm, then you need them to have username that are not email addresses.

Final Question
If the password is stored as an md5, sha1, sha256 hash in the database, how do I make this work?


Copyright ® Rhyous.com - Linking to this article is allowed without permission and as many as ten lines of this article can be used along with this link. Any other use of this article is allowed only by permission of Rhyous.com.