New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adapt to debian 7 #356

Merged
merged 8 commits into from Jan 12, 2018

Conversation

Projects
None yet
4 participants
@matsduf
Contributor

matsduf commented Jan 10, 2018

Binary package libmodule-build-tiny-perl is no longer available for Debian 7. Removed that from list of packages to install, and instead added Module::Build::Tiny to be installed by cpan. Missing dependency added, JSON::RPC::Dispatch. Default version of PostgreSQL in Debian 7 is to old. Installation instructions have been updated to fetch a newer version.

matsduf added some commits Jan 10, 2018

Removed binary package libmodule-build-tiny-perl not available for De…
…bian 7. Added to be installed by cpan as Module::Build::Tiny instead. Added installation of JSON::RPC::Dispatch, missing as dependency.

@matsduf matsduf requested review from mattias-p and sandoche2k Jan 10, 2018

@sandoche2k

I was able to install the backend without installing "Module::Build::Tiny"

@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 10, 2018

Contributor

@sandoche2k, Module::Build::Tiny is installed anyway by cpan as a dependency to Plack::Middleware::Debug. It makes no difference if we explicitly state it or not.

Contributor

matsduf commented Jan 10, 2018

@sandoche2k, Module::Build::Tiny is installed anyway by cpan as a dependency to Plack::Middleware::Debug. It makes no difference if we explicitly state it or not.

@sandoche2k

This comment has been minimized.

Show comment
Hide comment
@sandoche2k

sandoche2k Jan 10, 2018

Contributor
Contributor

sandoche2k commented Jan 10, 2018

Show outdated Hide outdated Makefile.PL Outdated
Show outdated Hide outdated docs/Installation.md Outdated
Show outdated Hide outdated docs/Installation.md Outdated
Update Installation.md
Updated adaptations to Debian 7 for PostgreSQL.
@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 10, 2018

Contributor

@sandoche2k, I incorporated your updated instructions for PostgreSQL and Debian 7 in this PR. It affects the same file.

Contributor

matsduf commented Jan 10, 2018

@sandoche2k, I incorporated your updated instructions for PostgreSQL and Debian 7 in this PR. It affects the same file.

@matsduf matsduf added this to the 2017.4 milestone Jan 10, 2018

Updated Makefile.PL
Updated minimum version of JSON::RPC.
Show outdated Hide outdated Makefile.PL Outdated

matsduf added some commits Jan 10, 2018

@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 11, 2018

Contributor

@sandoche2k, please review.

Contributor

matsduf commented Jan 11, 2018

@sandoche2k, please review.

@sandoche2k

This comment has been minimized.

Show comment
Hide comment
@sandoche2k

sandoche2k Jan 11, 2018

Contributor
Contributor

sandoche2k commented Jan 11, 2018

@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 11, 2018

Contributor

@sandoche2k, can you please repeat your review? What do you want to have changed? "Module::Build::Tiny" is not listed explicitly. Instead it will be installed as a dependency to "Plack::Middleware::Debug" which is explicitly listed (now and before).

Contributor

matsduf commented Jan 11, 2018

@sandoche2k, can you please repeat your review? What do you want to have changed? "Module::Build::Tiny" is not listed explicitly. Instead it will be installed as a dependency to "Plack::Middleware::Debug" which is explicitly listed (now and before).

@sandoche2k

This comment has been minimized.

Show comment
Hide comment
@sandoche2k

sandoche2k Jan 11, 2018

Contributor

In the subsection 1.2.1 Instructions for MySQL (CentOS):

Put the below lines :

Install, configure and start database engine (and Perl bindings):

sudo yum install wget 
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm 
sudo rpm -ivh mysql-community-release-el7-5.noarch.rpm 
sudo yum install mysql-server perl-DBD-mysql 
sudo systemctl start mysqld 
Verify that MySQL has started:

service mysqld status

Before

Install files to their proper locations:
cd `perl -MFile::ShareDir -le 'print File::ShareDir::dist_dir("Zonemaster-Backend")'`
sudo install -d /etc/zonemaster
sudo install --mode=755 ./backend_config.ini-mysql /etc/zonemaster/backend_config.ini
sudo install --mode=755 ./zm-centos.sh-mysql /etc/init.d/zm-centos.sh
mkdir "$HOME/logs"

Reason : once you are in the zonemaster-backend directory, you need to use 'sudo' for 'wget'

Contributor

sandoche2k commented Jan 11, 2018

In the subsection 1.2.1 Instructions for MySQL (CentOS):

Put the below lines :

Install, configure and start database engine (and Perl bindings):

sudo yum install wget 
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm 
sudo rpm -ivh mysql-community-release-el7-5.noarch.rpm 
sudo yum install mysql-server perl-DBD-mysql 
sudo systemctl start mysqld 
Verify that MySQL has started:

service mysqld status

Before

Install files to their proper locations:
cd `perl -MFile::ShareDir -le 'print File::ShareDir::dist_dir("Zonemaster-Backend")'`
sudo install -d /etc/zonemaster
sudo install --mode=755 ./backend_config.ini-mysql /etc/zonemaster/backend_config.ini
sudo install --mode=755 ./zm-centos.sh-mysql /etc/init.d/zm-centos.sh
mkdir "$HOME/logs"

Reason : once you are in the zonemaster-backend directory, you need to use 'sudo' for 'wget'

Update Installation.md
Updated instructions for CentOS/MySQL so that RPM file is saved in /tmp.
@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 11, 2018

Contributor

@sandoche2k, I had not seen that review before.

I solved the problem in a more generic way. I let the file be saved to /tmp (just as I did with a key file in the Debian 7 instruction). In that way the instructions are not dependent on what the working directory is.

Is that OK? I try to keep the same order in all installation sections. It makes it easier when updating.

Contributor

matsduf commented Jan 11, 2018

@sandoche2k, I had not seen that review before.

I solved the problem in a more generic way. I let the file be saved to /tmp (just as I did with a key file in the Debian 7 instruction). In that way the instructions are not dependent on what the working directory is.

Is that OK? I try to keep the same order in all installation sections. It makes it easier when updating.

```sh
sudo bash -c 'echo -e "\ndeb http://apt.postgresql.org/pub/repos/apt/ wheezy-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
wget https://www.postgresql.org/media/keys/ACCC4CF8.asc -O /tmp/ACCC4CF8.asc

This comment has been minimized.

@pawal

pawal Jan 11, 2018

Contributor

A hardcoded tmp filename like this is a security concern, especially when running as root.

@pawal

pawal Jan 11, 2018

Contributor

A hardcoded tmp filename like this is a security concern, especially when running as root.

This comment has been minimized.

@mattias-p

mattias-p Jan 11, 2018

Contributor

@pawal I think it would be appropriate to state the reason for the security concern. Are your referring to the opportunity for an attacker to tamper with the file between the calls to wget and apt-key?

@mattias-p

mattias-p Jan 11, 2018

Contributor

@pawal I think it would be appropriate to state the reason for the security concern. Are your referring to the opportunity for an attacker to tamper with the file between the calls to wget and apt-key?

This comment has been minimized.

@pawal

pawal Jan 12, 2018

Contributor

No. Somebody can prepare a symlink for that tmp file and prepare an attack (now as root) for another file.
https://wiki.sei.cmu.edu/confluence/display/c/FIO21-C.+Do+not+create+temporary+files+in+shared+directories

@pawal

pawal Jan 12, 2018

Contributor

No. Somebody can prepare a symlink for that tmp file and prepare an attack (now as root) for another file.
https://wiki.sei.cmu.edu/confluence/display/c/FIO21-C.+Do+not+create+temporary+files+in+shared+directories

@sandoche2k

This comment has been minimized.

Show comment
Hide comment
@sandoche2k

sandoche2k Jan 12, 2018

Contributor

@matsduf Ok for me.

Contributor

sandoche2k commented Jan 12, 2018

@matsduf Ok for me.

@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 12, 2018

Contributor

Merge since it is approved by @sandoche2k and @mattias-p.

Contributor

matsduf commented Jan 12, 2018

Merge since it is approved by @sandoche2k and @mattias-p.

@matsduf matsduf merged commit 3b62684 into zonemaster:develop Jan 12, 2018

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

@matsduf matsduf deleted the matsduf:adapt-to-debian-7 branch Jan 12, 2018

@mattias-p

This comment has been minimized.

Show comment
Hide comment
@mattias-p

mattias-p Jan 12, 2018

Contributor

@matsduf Did I approve this?

Contributor

mattias-p commented Jan 12, 2018

@matsduf Did I approve this?

@@ -86,8 +86,8 @@ Install, configure and start database engine (and Perl bindings):
```sh
sudo yum install wget
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
sudo rpm -ivh mysql-community-release-el7-5.noarch.rpm
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm -O /tmp/mysql-community-release-el7-5.noarch.rpm

This comment has been minimized.

@pawal

pawal Jan 12, 2018

Contributor

Same /tmp problem here.

@pawal

pawal Jan 12, 2018

Contributor

Same /tmp problem here.

@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 12, 2018

Contributor

@mattias-p, yes you approved the solution.

Contributor

matsduf commented Jan 12, 2018

@mattias-p, yes you approved the solution.

@mattias-p

This comment has been minimized.

Show comment
Hide comment
@mattias-p

mattias-p Jan 12, 2018

Contributor

@matsduf, I don't recall that.

Contributor

mattias-p commented Jan 12, 2018

@matsduf, I don't recall that.

@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Jan 12, 2018

Contributor

@mattias-p, please suggest changes to the files in a new PR.

Contributor

matsduf commented Jan 12, 2018

@mattias-p, please suggest changes to the files in a new PR.

@mattias-p

This comment has been minimized.

Show comment
Hide comment
@mattias-p

mattias-p Jan 12, 2018

Contributor

@matsduf Here: #359

Contributor

mattias-p commented Jan 12, 2018

@matsduf Here: #359

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment