|
Jon Ciesla |
69c1ae9 |
Initially upon install, Drupal requires two additional installation steps:
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
1. DB setup
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
To begin with, install php-mysql or php-pgsql, depending on which db backend
|
|
Jon Ciesla |
69c1ae9 |
you intend to use.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Then, follow the installation instructions in INSTALL.*.txt to complete the
|
|
Jon Ciesla |
69c1ae9 |
setup of and connection of Drupal to the required database, including chmod
|
|
Jon Ciesla |
69c1ae9 |
666 on /etc/drupal7/default/settings.php, uncommenting the appropriate line in
|
|
Jon Ciesla |
69c1ae9 |
/etc/httpd/conf.d/drupal7.conf, and restarting httpd.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Once these steps have been completed, you should be ready to connect to http://yourhost/drupal7
|
|
Jon Ciesla |
69c1ae9 |
to complete the initial setup.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Remember to change the /etc/drupal7/default/settings.php permissions back to
|
|
Jon Ciesla |
69c1ae9 |
644 when you've finished the initial setup.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
2. Enable remote access
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Drupal ships in Fedora with all non-localhost access disabled. Comment and
|
|
Jon Ciesla |
69c1ae9 |
uncomment lines in /etc/httpd/conf.d/drupal7.conf as appropriate, and restart
|
|
Jon Ciesla |
69c1ae9 |
httpd.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Regarding the file layout:
|
|
Jon Ciesla |
69c1ae9 |
Pay careful attention to the placement of the directories as established by
|
|
Jon Ciesla |
69c1ae9 |
the package. If you need to relocate files due to size, for custom modules
|
|
Jon Ciesla |
69c1ae9 |
not included in Fedora, or for large custom site data, be careful to do so
|
|
Jon Ciesla |
69c1ae9 |
without altering any of the symlinks owned by the package. Most configurations
|
|
Jon Ciesla |
69c1ae9 |
should not run into problems, but if any symlinks are changed, they will be
|
|
Jon Ciesla |
69c1ae9 |
re-written when the package is upgraded, which could break the site until
|
|
Jon Ciesla |
69c1ae9 |
you re-change the symlink.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
2a. SELinux configuration
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
If running with SELinux in Enforcing mode, you'll need run the following to allow drupal
|
|
Jon Ciesla |
69c1ae9 |
to send mail from httpd using sendmail:
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
/usr/sbin/setsebool -P httpd_can_sendmail 1
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
3. SSL/TLS usage.
|
|
Jon Ciesla |
69c1ae9 |
CVE-2008-3661 relates to the security of session cookies and SSL/TLS.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
http://int21.de/cve/CVE-2008-3661-drupal.html
|
|
Jon Ciesla |
69c1ae9 |
http://www.securityfocus.com/bid/31285
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
To help mitigate this, uncomment the following line in /etc/httpd/conf.d/drupal7.conf:
|
|
Jon Ciesla |
69c1ae9 |
#php_flag session.cookie_secure on
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
4. Upgrading
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Prior to upgrading to a new version, log into each site with the first/admin user,
|
|
Jon Ciesla |
69c1ae9 |
upgrade the rpm, and then run the database upgrader by navigating to
|
|
Jon Ciesla |
69c1ae9 |
http://site/update.php.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
If upgrading to version 6.9-2 or later, please note that
|
|
Jon Ciesla |
69c1ae9 |
the locations for the sites' files directories has changed, and that you'll need
|
|
Jon Ciesla |
69c1ae9 |
to move them and symlink accordingly. A script is included in the doc folder:
|
|
Jon Ciesla |
69c1ae9 |
/usr/share/drupal7-VERSION/drupal-files-migrator.sh. Please use this script as a
|
|
Jon Ciesla |
69c1ae9 |
guideline for the changes you'll need to make.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Essentially, the site folders will stay in /etc/drupal7, but from there the files folders
|
|
Jon Ciesla |
69c1ae9 |
will be moved to /var/lib/drupal7/files/SITENAME, and symlinked accordingly. This is done
|
|
Jon Ciesla |
69c1ae9 |
for SELinux reasons, see https://bugzilla.redhat.com/show_bug.cgi?id=472642.
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
Patches to the script are welcome!
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
5. Modules
|
|
Jon Ciesla |
69c1ae9 |
|
|
Jon Ciesla |
69c1ae9 |
There are some drupal modules in Fedora. These will install in
|
|
Jon Ciesla |
69c1ae9 |
/usr/share/drupal7/modules, and you should install your modules there as well.
|
|
Jon Ciesla |
69c1ae9 |
|
|
|
0e9819d |
6. Cron job
|
|
|
0e9819d |
|
|
|
0e9819d |
By default, the drupal cron job is not executed. The log shows
|
|
|
0e9819d |
'Cron could not run because an invalid key was used.'
|
|
|
0e9819d |
This happens because cron invocation is protected by a cron_key parameter.
|
|
|
0e9819d |
|
|
|
0e9819d |
The drupal7 rpm includes a /etc/cron.hourly/drupal7 file, which must be edited
|
|
|
0e9819d |
to include the cron_key parameter.
|