jgemmill's blog

Issues found in PHP4 to PHP5 upgrades:

PHP Faqts page on PHP5

PHP4 to PHP5 Migration Manual

Specific issues identified in PHP5 manual

trac-admin /opt/tracdb/NAME initenv

starting phpwebsite:

mysqladmin -u root -p create itacwebdb

mysql -u root -p
mysql> GRANT ALL PRIVILEGES ON itacwebdb.* TO itacwebdba@localhost
IDENTIFIED BY 'somedecentpassword';
mysql> SET PASSWORD FOR admin@localhost=OLD_PASSWORD('thepassword');
mysql> exit

[the database administrator password must be stored in hash format for V3 mysql libraries -- may need to use this if accessed by PHP4 libraries. ]

As of this week, gridsphere V 2.1.4 and gridportlets are running. Tomcat version is 5.0.X. Apache version is 2.2.2

• gridportlet as SP must be apache protected ->
  
  
  
  • install and configure mod_jk 4.1.30 (as ajp1.3)
    
    
    • 
      Description of Connector Protocol
      
    • be sure mod_jk.so is installed (via RPM)
      
    • create mod_jk.conf in /etc/apache2 and Include in httpd.conf
      
      NOTE: skipped steps to secure WEB-INF Directory

  • Reconfigure gridsphere so that tomcat connector is used (5/10/06)

IMPORTANT SimpleCA Storage LOCATIONS

The private key of the CA is stored in /root/.globus/simpleCA//private/cakey.pem
The public CA certificate is stored in /root/.globus/simpleCA//cacert.pem

The distribution package built for this CA is stored in

/root/.globus/simpleCA//globus_simple_ca_74f9a25f_setup-0.18.tar.gz

This file must be distributed to any host wishing to request
certificates from this CA.

Creating a User Credential Inside MyProxy

myproxy-admin-adduser -c "Jill Gemmill" -l jgemmill-n -a


Retrieved using myproxy-logon and BlazerID password

A private key and a certificate request has been generated with the subject:

/O=Grid/OU=GlobusTest/OU=simpleCA-juster.lab.ac.uab.edu/OU=lab.ac.uab.edu/CN=Jill Gemmill

Need a server cert that has no password. Commands are:

(1) change directory into the grid-security directory: cd /etc/grid-security

(2) Generate the server key (with password): openssl genrsa -des3 -out server.key 1024

(3) Generate certificate *without a password*: openssl rsa -in server.key -out server.pem

(4) Create CSR (Certificate Signing Request) to affirm that the server key is valid. The server.pem is used in place of server.key as we don’t require a password:
openssl req -new -key server.pem -out server.csr

The information you are about to be asked to enter information will be incorporated into your certificate request as the Distinguished Name or a DN of the signed cert. [ If you enter ‘.’, the field will be left blank ]

The administrator subdirectory of mambo distribution contains 3 files named index?.php . All files required this change. administrator/includes/auth.php



inside each file, immediately following the line:
session_name( 'mosadmin' );

insert:
ini_set('session.save_handler', 'files');



must be prior to line:
session_start();



otherwise there are "failure to initiate properly" issues.

BACKGROUND INFO:

Directive session.save_handler defines session management handler. php.ini default value = 'user', which if I've read

ha. since my first drupal msg. with administrator account went to /dev/null I had no way to log in. I deleted the record (for user 1) and created a new account - but no administrative permissions because I was now user 2. I now seem to recall having selected some unique key autoincrement thingy. Wound up exporting the table to a file, editing file by hand to force myself back to user 1, dropped all records in the table, then edited the file to leave only "INSERT" instructions behind, then imported the file which is done under the SQL tab.

In MySQL manual: http://dev.mysql.com/doc/mysql/en/resetting-permissions.html

1. stop mysql server; they recommend locating the .pid file for the process and using 'kill' command.

2. create text file and save:

   SET PASSWORD FOR 'root'@'localhost' = PASSWORD('MyNewPassword');

   command all on one line.

3. restart msql server as follows:
   mysqld_safe --init-file=~/path/fname &

   where fname is the file you just created & enough path info for the server to locate this.

4. this time, write the password down :0

5. delete the file fname