Guten Tag Sarah Weinberger,
am Freitag, 25. Oktober 2019 um 17:14 schrieben Sie:
> ./
testserver.pl script still fails with being able to read padlock.png.
Then your setup most likely still isn't correct:
> TEST-OK Webserver is running under group id in $webservergroup.
> TEST-OK Got padlock picture.
> TEST-OK Webserver is executing CGIs via mod_cgi.
> TEST-OK Webserver is preventing fetch of http://[...]/localconfig.
> TEST-OK GD version 2.53, libgd version 2.1.1; Major versions match.
> TEST-OK GD library generated a good PNG image.
> TEST-OK Chart library generated a good PNG image.
> TEST-OK Template::Plugin::GD is installed.
> There is no "theme" support. The gray is drab.
There is and you might even adopt the one used by Mozilla itself, it's
published at GitHub:
https://bugzilla.readthedocs.io/en/5.0/integrating/skins.html
https://wiki.mozilla.org/Bugzilla:Addons#Skins
https://github.com/mozilla-bteam/bmo/tree/master/skins
> Also, upgrades
> should be simpler. I can imagine either an automatic update or a
> button that when pressed updates the software, much like Plesk.
Pulling using GIT and running
checksetup.pl is pretty simple.
Everything else requires permissions Bugzilla itself simply shouldn't
have, additional daemons or complex stuff like that.
> There is a misunderstanding on how things went down and even if I
> followed the official Bugzilla docs originally, which I later did,
> the docs was still incomplete and not applicable to my environment.
One can't expect to get docs for every possible environment out there.
> Also the local configuration file, ./localconfig, is missing a field
> for the user, not just the group to use.
It's not, the owning user of the files of Bugzilla should be different
from the user executing the web server for security purposes, because
the owning user is root or some admin. Bugzilla simply assumes that
the owner to use is the one executing
checksetup.pl and that makes a
lot of sense.
https://github.com/bugzilla/bugzilla/blob/release-5.0-stable/Bugzilla/Install/Filesystem.pm#L912
> The HTTPD configuration file, /etc/httpd/httpd.conf, showed that
> the user and group for HTTPD are both "apache". That is what the
> Bugzilla documents said to use in the ./localconfig file too! Sadly,
> that is wrong. The correct answer is "psacln" for the group.
That's a pretty weird system setup then and doesn't make much sense to
me. You might want to have a look a the group membership of "psacln"
or "apache", one of both might be a member of the other.
> I had to manually change the user from "root" to "jmr-admin" after I reran ./
checksetup.pl.
You should have better ran
checksetup.pl as "jmr-admin" instead,
that's what the user seems to be for. If it's only used for
web-admin-stuff, the setup of your system sounds a bit weird again in
my opinion.
> There are NO direct changes to /etc/httpd/httpd.conf. Nobody on any
> platform should make changes there, as that file gets overridden. If
> anything create a custom configuration file and place in the
> /etc/httpd/conf.d/ directory.
If "httpd.conf" get overridden at all and if so which of its
statements, is totally system-dependent. My Ubuntu doesn't even
provide "conf.d" and instead documents another directory layout in
"httpd.conf", so mentioned that file as a starting point to look at
totally makes sense.
> 1) (best way): Add a .htaccess file and set the contents to:
That's not the best way, because if ".htaccess" is recognized at all
and which statements in there are accepted is highly setup specific.
Additionally, reeading ".htaccess" is slow and Bugzilla maintains one
in its own root directory already, which one doesn't want to
customize.
> * Handlers: Enter custom values
> cgi-script .cgi
> cgi-script .pl
There's a reason why the official docs only assign .cgi to be executed
by the web server, .pl-files are nto designed to be. So don't
configure both file extensions, only .cgi instead. .pl-files are
helpers for the shell only and most likely won't work if requested by
a browser.
> Note: Using this leaves out the "Options +ExecCGI", though that does not seem necessary.
It is, it might simply come from other parts of your config already.
> I then copied the files from the downloaded compressed file to the
> subdomain. You might have to set permissions to 755 on extra key files.
Instead of copying manually one should use GIT and no, changing
permissions manually shouldn't be necessary in a correct setup.
Especially not execute permissions on image files.
> I had to run that extra script to get SMTP working, so that I do
> not get that annoying lack of a quit method.
Which means that either your package manager doesn't provide all
depoendencies or those are incompatible old for some reason. Besides
that, mixing CPAN and package manager is a very bad idea, things will
most likely break if your package manager upgrades Perl and makes it
binary incompatible with currently installed packages by CPAN and
stuff.
If CPAN is really needed, you should prefer using
install-module.pl,
because that puts everything in the lib-folde rof Bugzilla. That
doesn't affect your system and can easily be wiped out in case of
problems.
> I did look at the original Bugzilla docs and at first thought that
> Chinese would be easier to read.
You simply need to do what's said there and I guarantee you you would
have run into fewer problems.
> At least I once saw the mini series
> Shogun on TV, though that was Japanese. I contacted my web host
> provider, who gave me the link to the Bugzilla CentOS 7 guide.
Which wasn't the best idea, because preferring WGET and TAR makes your
upgrades PITA.
> That was incomplete as that did not discuss permissions or Plesk or
> any of the changes that I said need doing.
Which is pretty often the case with unofficial, outdated "I installed
Bugzilla ones"-blogs.
> The Bugzilla docs, which
> now is less Chinese like and more English like after days of
> suffering would still not have gotten the job done.
You can't tell that because you didn't try. You would need to get the
reason why you need to upgrade Net::SMTP::SSL using CPAN manually,
which shouldn't be the case normally.
> Letting my web host provider initially make changes was maybe good,
It wasn't.
> so that I saw
> that the site could come up, but with a lack of explaining and the
> lack of my current knowledge everything was bound to quickly not
> work the next time that I ran the ./
checksetup.pl script.
Because you didn't follow the official docs, which explicitly say that
you need to care about localconfig and that Bugzilla resets
permissions.