4. configure the perms.sh file if neccessary -- IMPORTANT! READ THIS!
- We provide a script that sets all files' and direcories' permissions to
- a quite reasonable state. This script gets automagically called by
- ant after compilationl. The most important thing you have to do after
- compiling Mir is to ensure that the log files -- especially
- dbentity.log -- are not readable by users that could compromise
- system security, because all passwords and the like will be logged here.
+We provide a script that sets all files' and direcories' permissions to
+a quite reasonable state. This script gets automagically called by
+ant after compilationl. The most important thing you have to do after
+compiling Mir is to ensure that the log files -- especially
+dbentity.log -- are not readable by users that could compromise
+system security, because all passwords and the like will be logged here.
cp perms.sh-dist perms.sh
- # Now, change the install directory and group in perms.sh
+
+Now, change the install directory and group in perms.sh
+
edit perms.sh
5. copy the mir/templates-dist-directory to mir/templates
-6. compile (do this as root so the permissions script is able to set
-the permissions and owners correctly).
+6. compile
+Do this as root so the permissions script is able to set
+the permissions and owners correctly.
ant
"native" acceleration for image manipulation
-9. create a new database
-the database name should be the same as in config.properties
-as user postgres:
- createdb dbname
+9a. create a new database
+The database name should be the same as in config.properties. Please look at
+the section "Database.*" to look up the names or change them to your needs.
+It is wise in terms of system seurity to use an unprivileged user for this
+task instead of the superuser. This is because if Mir uses the superuser to
+connect to the database and anybody manages to find out the password Mir
+uses to connect, the attacker can take over the complete database. So, in
+the following examples, we assume that the database name is "Mir", the
+database user will be "mir" and the password is "joshua". Please note that
+this particular password is far from being a good one. Watch "Wargames" for
+details. =B)
-10. create base table
- psql -Upostgres dbname < dbscripts/create_pg.sql
- cat dbscripts/help*.sql | psql -Upostgres dbname
- cat dbscripts/populate*.sql | psql -Upostgres dbname
+To access the database as the database superuser, you either have to log in
+as postgres on Unix level (which we don't recommend because you will need
+another user to have a login shell and a password which makes system
+penetration more likely) or you have to tell PostgreSQL with each
+application call that you want to connect as a specific user. If you access
+the database from any other user's account, use the -U flag to connect to
+PostgreSQL as the database superuser ("postgres"):
+ createdb -U postgres Mir
-11. Add the dupe prevention trigger to the database:
- cd dbscripts/dupetrigger
-
- There, read INSTALL and follow the instructions.
-
+Please note that if you create the database from inside the psql application,
+the database name will likely be converted to lowercase letters.
-12. restart tomcat
-13. configure mod_jk
+9b. create an unprivileged database user for Mir
+First, connect to the database as the database's superuser.
-insert the following patch into /etc/apache/httpd.conf. Edit the directories
-to suit your needs.
+ psql -U postgres Mir
-<IfModule mod_jk.c>
-JkWorkersFile /usr/share/tomcat/conf/workers.properties
-Include /usr/share/tomcat/conf/mod_jk.conf-auto
-</IfModule>
+Now we create the actual user. Please choose a password that is hard to
+guess instead of "joshua". Good passwords have characters and numerals in
+it, have no link to its owner (like being her birthday, age, name of her
+husband, dog, child, car, favourite beer brand). A good password looks like
+this: "8ncx4un".
+
+ CREATE USER Mir WITH PASSWORD 'joshua' NOCREATEDB NOCREATEUSER;
-Do not put any JkMount lines into your httpd.conf!
-If mod_jk.conf-auto doesn't get written or is 0 bytes in size, check your
-system for file ownership/permissions problems.
+9c. create base table
+Please note that we use the superuser "postgres" to connect to the "Mir"
+database, /not/ the user "mir".
+ psql -Upostgres -f dbscripts/create_pg.sql Mir
+ for i in dbscripts/help*.sql ; do psql -Upostgres -f $i Mir ; done
+ for i in dbscripts/populate*.sql ; do psql -Upostgres -f $i Mir ; done
-14. Add a password to your PostgreSQL user and link it to Mir (optional)
-Add a hard to guess password to the PostgreSQL user database:
+9d. Apply neccessary changes to config.properties
-# psql -U postgres Mir
-alter user postgres with password 'yourpassword';
+Please open config.properties and look for the lines that begin with
+"Database.". The interesting properties are "Username", "Password", "Host"
+and "Name". Change these properties so that they reflect the settings you
+used to create the database and the user.
+
+You should make sure that no copy of config.properties (neither in mir nor
+in Mir/src nor in Mir/WEB-INF/classes nor in the directory tree you compiled
+Mir from) is world-readable. Else you wouldn't have to install a password,
+anyway.
-Then, in /etc/postgresql/pg_hba.conf you should make sure that nobody can
+9e. Setup PostgreSQL so that all connections have to pass a password
+
+In /etc/postgresql/pg_hba.conf you should make sure that nobody can
use the database without a password:
local all password
host all 127.0.0.1 255.0.0.0 password
host all 0.0.0.0 0.0.0.0 reject
-
-Then, change the database password line in config.properties:
-
-Database.Username=postgres
-Database.Password=yourpassword
-
-You should make sure that no copy of config.properties (neither in mir nor
-in Mir/src nor in Mir/WEB-INF/classes nor in the directory tree you compiled
-Mir from) is world-readable. Else you wouldn't have to install a password,
-anyway.
+This means: All local connections (i.e. psql without "-h hostname" option)
+have to authenticate themselves with a password. All connections from
+localhost (127.0.0.1) have to supply a password, too. All other connections
+are rejected. This line doen't have to be there if you have a properly
+configured firewall but even if you do have one, it adds to the security in
+case an attacker penetrates the firewall by some hack.
If you can't access PostgreSQL after this for any reason, try and change
"password" in /etc/postgresql/pg_hba.conf to "trust". This should disable
database takeover harder. Rememer: Security is a process.
+
+10. Add the dupe prevention trigger to the database:
+ cd dbscripts/dupetrigger
+
+ There, read INSTALL and follow the instructions.
+
+
+11. restart tomcat
+
+12. configure mod_jk
+
+insert the following patch into /etc/apache/httpd.conf. Edit the directories
+to suit your needs.
+
+<IfModule mod_jk.c>
+JkWorkersFile /usr/share/tomcat/conf/workers.properties
+Include /usr/share/tomcat/conf/mod_jk.conf-auto
+</IfModule>
+
+Do not put any JkMount lines into your httpd.conf!
+
+If mod_jk.conf-auto doesn't get written or is 0 bytes in size, check your
+system for file ownership/permissions problems.
+
+
+
that's it :)
now the admin-application is accesable via: