Using LunpaCMS and SuExec? You will need to patch your installation of Apache.
LunpaCMS has a significant feature where a single copy of the central code can reside on a server yet power all the sites on the server. This design allows us to patch servers which a very quick svn update and permissions change.
If you use suexec on your server, you may need to run a patched copy of suexec in order to accommodate a shared user having ownership of the files.
For example, this patch for Apache 2.2 and 2.4 will allow user ID 101 to be shared with suexec:
http://www.peregrinehw.com/downloads/apache/current/perlcms-suexec-apache2.patch
And for Apache 1.X (not recommended): http://www.peregrinehw.com/downloads/apache/current/old/perlcms-suexec.patch
Specifically, this allows one single copy of LunpaCMS to be executed by multiple suexec target users by changing rule 18 at http://httpd.apache.org/docs/2.2/suexec.html by modifying suexec to run programs where the user/group is the same as the target user OR the user/group ID is 101.
Also, a good idea to block these files in your Apache httpd.conf:
| In Apache 1.X: | In Apache 2.2: | In Apache 2.4: |
|---|---|---|
# Block SVN Files From being Accessed
|
# Block SVN Files From being Accessed
|
# Block SVN Files From being Accessed
|
LunpaCMS has a master installation script that is used to install codebase as well as the essential managers in order to have a basic working installation of LunpaCMS for your website. Through the master installation script, the master admin account(described in detail below) is either used or created, as well as creating an administrative account for your webpage.
Use:
To run the installation script, run perl master_install.pl <sitename> <dbname> <dbuser> <dbpasswd> with the proper information and it will then ask you for a master administrator if there isn't already one as well as an administrative account for the website.
Example: perl master_install.pl lunpacms.org lunpacms lunpacms elderberries
LunpaCMS comes with a handy script that can be used before or after LunpaCMS is installed to check any dependencies (e.g. perl modules or binaries) for LunpaCMS are installed on the server. When used after, it checks all those dependencies as well as LunpaCMS modules to check if they are installed
Use:
To run the validator, LunpaCMS_validator.pl, run perl LunpaCMS_validator.pl and it will tell you what modules are missing or whether they are under the required version.
LunpaCMS comes with a script that verifies various things on all LunpaCMS sites installed on the server. For instance, it can check to make sure that there are no null values in newsmanager or check versions for LunpaCMS modules to make sure they are current. It can easily be extended by writing more functions to make other verifications.
Use:
To run the verifier, just change to the directory that contains the verifier file, master_verify.pl, and run perl master_verify.pl and it will output the results of the verification
LunpaCMS comes with its base directory hard coded in many places throughout the code. In order to change this, lunpacms_directory_change.pl was written in order to change this to another directory in order to make the CMS more flexible. Note that it will display errors as it encounters concerning inability to edit are normal.
Use:
To use the directory changer, have your svn checkout or copy of lunpacms saved in the directory you plan on it staying in and run perl lunpacms_directory_change.pl where
Example:
Changing from "/htdocs/local" to "/htdocs/new_directory/lunpacms" perl lunpacms_directory_change.pl /htdocs/local /htdocs/new_directory/lunpacms
LunpaCMS has a master admin account that is set during installation, either using master_install.pl or installing usermanager seperately. The account is stored as a user named "lunpacms" in the database for each site under the users table, and will be hidden in the list of users in usermanager. The admin account is stored in an sql file in the main directory for the LunpaCMS managers (with a hashed password). It will be created by one of the install procedures if it does not exist already, and will then be used on every site that is installed on the server from there on out. The master admin can also be created by running the master_admin.sql file in mySQL. Likewise, it can be removed through mySQL by simply deleting the lunpacms user from the users table in the database.
The LunpaCMS Validator will check for the module Authen::Captcha to see if it is installed and is an appropriate version. While LunpaCMS will run on Authen::Captcha of version 1.023 or higher, it is highly recommended that you use 1.023-KAM, which is a fork that includes patches for many known bugs which currently aren't included in other versions of the module. In order to download the module, follow the link below:
Download Authen-Captcha-1.023-KAM.tar.gz
In order to send and receive emails as a part of a default website configuration, you must configure sendmail with the following email addresses for your domain:
Non-default managers may require additional email addresses. You must check the documentation of each manager for a list of email addresses that are required.
Accounts like do-not-reply are recommended to be configured with an automatic response like the following .procmailrc example:
SHELL=/bin/sh :0 Whc: vacation.lock * !^X-Spam-Status: Yes # Don't reply to daemons and mailinglists * !^FROM_DAEMON # Mail loops are evil * !^X-Loop: do-not-reply@your-website.com | formail -rD 1024 vacation.cache :0 ehc # if the name was not in the cache | (formail -rI"Precedence: junk" -A"X-Loop: do-not-reply@your-website.com" ; \ echo "This is an automated system and replies are not monitored. If you need a response from a human, please email support@your-website.com" ; \ echo "" ; \ echo "Thank You!" ; \ ) | $SENDMAIL -oi -t -f do-not-reply@your-website.com
After installing LunpaCMS, it is recommended to remove "sess" from the map LOCAL_CARRYOVER_VAR_LIST. It is included by default to assist administrators in accessing websites by IP address before a domain is registered, but can be a security issue.
To decrease instantiations from fcgid, base.cgim is the default homepage. This can be changed to index.cgim if the homepage needs different formatting than the rest of your site.
|
Copyright © 2024 Peregrine Computer Consultants Corp. All rights reserved.
About Lunpa, our mascot. Her mother was a hamster and her father was an ill-tempered Chilean M00se. Oddly, neither smelt of elderberries. The artist is Jennifer Lomax. |
|
Add Your Comment