| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| <HTML |
| ><HEAD |
| ><TITLE |
| >Configuration</TITLE |
| ><META |
| NAME="GENERATOR" |
| CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK |
| REL="HOME" |
| TITLE="The Bugzilla Guide - 2.20.1 |
| Release" |
| HREF="index.html"><LINK |
| REL="UP" |
| TITLE="Installing Bugzilla" |
| HREF="installing-bugzilla.html"><LINK |
| REL="PREVIOUS" |
| TITLE="Installation" |
| HREF="installation.html"><LINK |
| REL="NEXT" |
| TITLE="Optional Additional Configuration" |
| HREF="extraconfig.html"></HEAD |
| ><BODY |
| CLASS="section" |
| BGCOLOR="#FFFFFF" |
| TEXT="#000000" |
| LINK="#0000FF" |
| VLINK="#840084" |
| ALINK="#0000FF" |
| ><DIV |
| CLASS="NAVHEADER" |
| ><TABLE |
| SUMMARY="Header navigation table" |
| WIDTH="100%" |
| BORDER="0" |
| CELLPADDING="0" |
| CELLSPACING="0" |
| ><TR |
| ><TH |
| COLSPAN="3" |
| ALIGN="center" |
| >The Bugzilla Guide - 2.20.1 |
| Release</TH |
| ></TR |
| ><TR |
| ><TD |
| WIDTH="10%" |
| ALIGN="left" |
| VALIGN="bottom" |
| ><A |
| HREF="installation.html" |
| ACCESSKEY="P" |
| >Prev</A |
| ></TD |
| ><TD |
| WIDTH="80%" |
| ALIGN="center" |
| VALIGN="bottom" |
| >Chapter 2. Installing Bugzilla</TD |
| ><TD |
| WIDTH="10%" |
| ALIGN="right" |
| VALIGN="bottom" |
| ><A |
| HREF="extraconfig.html" |
| ACCESSKEY="N" |
| >Next</A |
| ></TD |
| ></TR |
| ></TABLE |
| ><HR |
| ALIGN="LEFT" |
| WIDTH="100%"></DIV |
| ><DIV |
| CLASS="section" |
| ><H1 |
| CLASS="section" |
| ><A |
| NAME="configuration" |
| >2.2. Configuration</A |
| ></H1 |
| ><DIV |
| CLASS="warning" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="warning" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/warning.gif" |
| HSPACE="5" |
| ALT="Warning"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > Poorly-configured MySQL and Bugzilla installations have |
| given attackers full access to systems in the past. Please take the |
| security parts of these guidelines seriously, even for Bugzilla |
| machines hidden away behind your firewall. Be certain to read |
| <A |
| HREF="security.html" |
| >Chapter 4</A |
| > for some important security tips. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H2 |
| CLASS="section" |
| ><A |
| NAME="localconfig" |
| >2.2.1. localconfig</A |
| ></H2 |
| ><P |
| > You should now run <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > again, this time |
| without the <VAR |
| CLASS="literal" |
| >--check-modules</VAR |
| > switch. |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| ><SAMP |
| CLASS="prompt" |
| >bash#</SAMP |
| > ./checksetup.pl</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > This time, <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > should tell you that all |
| the correct modules are installed and will display a message about, and |
| write out a file called, <TT |
| CLASS="filename" |
| >localconfig</TT |
| >. This file |
| contains the default settings for a number of Bugzilla parameters. |
| </P |
| ><P |
| > Load this file in your editor. The only value you |
| <EM |
| >need</EM |
| > to change is $db_pass, the password for |
| the user you will create for your database. Pick a strong |
| password (for simplicity, it should not contain single quote |
| characters) and put it here. |
| </P |
| ><P |
| > You may need to change the value of |
| <EM |
| >webservergroup</EM |
| > if your web server does not |
| run in the "apache" group. On Debian, for example, Apache runs in |
| the "www-data" group. If you are going to run Bugzilla on a |
| machine where you do not have root access (such as on a shared web |
| hosting account), you will need to leave |
| <EM |
| >webservergroup</EM |
| > empty, ignoring the warnings |
| that <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > will subsequently display |
| every time it in run. |
| </P |
| ><P |
| > The other options in the <TT |
| CLASS="filename" |
| >localconfig</TT |
| > file |
| are documented by their accompanying comments. If you have a slightly |
| non-standard MySQL setup, you may wish to change one or more of |
| the other "$db_*" parameters. |
| </P |
| ><P |
| > You may also wish to change the names of |
| the priorities, severities, operating systems and platforms for your |
| installation. However, you can always change these after installation |
| has finished; if you then re-run <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| >, |
| the changes will get picked up. |
| </P |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H2 |
| CLASS="section" |
| ><A |
| NAME="database-engine" |
| >2.2.2. Database Server</A |
| ></H2 |
| ><P |
| >This section deals with configuring your database server for use |
| with Bugzilla. Currently <A |
| HREF="configuration.html#mysql" |
| >Section 2.2.2.1</A |
| > and |
| <A |
| HREF="configuration.html#postgresql" |
| >Section 2.2.2.2</A |
| > are available.</P |
| ><DIV |
| CLASS="section" |
| ><H3 |
| CLASS="section" |
| ><A |
| NAME="mysql" |
| >2.2.2.1. MySQL</A |
| ></H3 |
| ><DIV |
| CLASS="caution" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="caution" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/caution.gif" |
| HSPACE="5" |
| ALT="Caution"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > MySQL's default configuration is very insecure. |
| <A |
| HREF="security-mysql.html" |
| >Section 4.2</A |
| > has some good information for |
| improving your installation's security. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H4 |
| CLASS="section" |
| ><A |
| NAME="install-setupdatabase" |
| >2.2.2.1.1. Allow large attachments</A |
| ></H4 |
| ><P |
| > By default, MySQL will only accept packets up to 64Kb in size. |
| If you want to have attachments larger than this, you will need |
| to modify your <TT |
| CLASS="filename" |
| >/etc/my.cnf</TT |
| > as below. |
| </P |
| ><P |
| > If you are using MySQL 4.0 or newer, enter: |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > [mysqld] |
| # Allow packets up to 1M |
| max_allowed_packet=1M</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > If you are using an older version of MySQL, enter: |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > [mysqld] |
| # Allow packets up to 1M |
| set-variable = max_allowed_packet=1M</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > There is also a parameter in Bugzilla called 'maxattachmentsize' |
| (default = 1000 Kb) that controls the maximum allowable attachment |
| size. Attachments larger than <EM |
| >either</EM |
| > the |
| 'max_allowed_packet' or 'maxattachmentsize' value will not be |
| accepted by Bugzilla. |
| </P |
| ><DIV |
| CLASS="note" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="note" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/note.gif" |
| HSPACE="5" |
| ALT="Note"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > This does not affect Big Files, attachments that are stored directly |
| on disk instead of in the database. Their maximum size is |
| controlled using the 'maxlocalattachment' parameter. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H4 |
| CLASS="section" |
| ><A |
| NAME="AEN439" |
| >2.2.2.1.2. Allow small words in full-text indexes</A |
| ></H4 |
| ><P |
| >By default, words must be at least four characters in length |
| in order to be indexed by MySQL's full-text indexes. This causes |
| a lot of Bugzilla specific words to be missed, including "cc", |
| "ftp" and "uri".</P |
| ><P |
| >MySQL can be configured to index those words by setting the |
| ft_min_word_len param to the minimum size of the words to index. |
| This can be done by modifying the <TT |
| CLASS="filename" |
| >/etc/my.cnf</TT |
| > |
| according to the example below:</P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > [mysqld] |
| # Allow small words in full-text indexes |
| ft_min_word_len=2</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| >Rebuilding the indexes can be done based on documentation found at |
| <A |
| HREF="http://www.mysql.com/doc/en/Fulltext_Fine-tuning.html" |
| TARGET="_top" |
| >http://www.mysql.com/doc/en/Fulltext_Fine-tuning.html</A |
| >. |
| </P |
| ><DIV |
| CLASS="note" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="note" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/note.gif" |
| HSPACE="5" |
| ALT="Note"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > The ft_min_word_len parameter is only suported in MySQL v4 or higher. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H4 |
| CLASS="section" |
| ><A |
| NAME="AEN449" |
| >2.2.2.1.3. Permit attachments table to grow beyond 4GB</A |
| ></H4 |
| ><P |
| > By default, MySQL will limit the size of a table to 4GB. |
| This limit is present even if the underlying filesystem |
| has no such limit. To set a higher limit, follow these |
| instructions. |
| </P |
| ><P |
| > Run the <TT |
| CLASS="filename" |
| >MySQL</TT |
| > command-line client and |
| enter: |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > <SAMP |
| CLASS="prompt" |
| >mysql></SAMP |
| > ALTER TABLE attachments |
| AVG_ROW_LENGTH=1000000, MAX_ROWS=20000; |
| </PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > The above command will change the limit to 20GB. Mysql will have |
| to make a temporary copy of your entire table to do this. Ideally, |
| you should do this when your attachments table is still small. |
| </P |
| ><DIV |
| CLASS="note" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="note" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/note.gif" |
| HSPACE="5" |
| ALT="Note"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > This does not affect Big Files, attachments that are stored directly |
| on disk instead of in the database. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H4 |
| CLASS="section" |
| ><A |
| NAME="install-setupdatabase-adduser" |
| >2.2.2.1.4. Add a user to MySQL</A |
| ></H4 |
| ><P |
| > You need to add a new MySQL user for Bugzilla to use. |
| (It's not safe to have Bugzilla use the MySQL root account.) |
| The following instructions assume the defaults in |
| <TT |
| CLASS="filename" |
| >localconfig</TT |
| >; if you changed those, |
| you need to modify the SQL command appropriately. You will |
| need the <VAR |
| CLASS="replaceable" |
| >$db_pass</VAR |
| > password you |
| set in <TT |
| CLASS="filename" |
| >localconfig</TT |
| > in |
| <A |
| HREF="configuration.html#localconfig" |
| >Section 2.2.1</A |
| >. |
| </P |
| ><P |
| > We use an SQL <B |
| CLASS="command" |
| >GRANT</B |
| > command to create |
| a <SPAN |
| CLASS="QUOTE" |
| >"bugs"</SPAN |
| > user. This also restricts the |
| <SPAN |
| CLASS="QUOTE" |
| >"bugs"</SPAN |
| >user to operations within a database |
| called <SPAN |
| CLASS="QUOTE" |
| >"bugs"</SPAN |
| >, and only allows the account |
| to connect from <SPAN |
| CLASS="QUOTE" |
| >"localhost"</SPAN |
| >. Modify it to |
| reflect your setup if you will be connecting from another |
| machine or as a different user. |
| </P |
| ><P |
| > Run the <TT |
| CLASS="filename" |
| >mysql</TT |
| > command-line client. |
| </P |
| ><P |
| > If you are using MySQL 4.0 or newer, enter: |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > <SAMP |
| CLASS="prompt" |
| >mysql></SAMP |
| > GRANT SELECT, INSERT, |
| UPDATE, DELETE, INDEX, ALTER, CREATE, LOCK TABLES, |
| CREATE TEMPORARY TABLES, DROP, REFERENCES ON bugs.* |
| TO bugs@localhost IDENTIFIED BY '<VAR |
| CLASS="replaceable" |
| >$db_pass</VAR |
| >'; |
| <SAMP |
| CLASS="prompt" |
| >mysql></SAMP |
| > FLUSH PRIVILEGES;</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > If you are using an older version of MySQL,the |
| <SAMP |
| CLASS="computeroutput" |
| >LOCK TABLES</SAMP |
| > and |
| <SAMP |
| CLASS="computeroutput" |
| >CREATE TEMPORARY TABLES</SAMP |
| > |
| permissions will be unavailable and should be removed from |
| the permissions list. In this case, the following command |
| line can be used: |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > <SAMP |
| CLASS="prompt" |
| >mysql></SAMP |
| > GRANT SELECT, INSERT, |
| UPDATE, DELETE, INDEX, ALTER, CREATE, DROP, |
| REFERENCES ON bugs.* TO bugs@localhost IDENTIFIED BY |
| '<VAR |
| CLASS="replaceable" |
| >$db_pass</VAR |
| >'; |
| <SAMP |
| CLASS="prompt" |
| >mysql></SAMP |
| > FLUSH PRIVILEGES;</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H3 |
| CLASS="section" |
| ><A |
| NAME="postgresql" |
| >2.2.2.2. PostgreSQL</A |
| ></H3 |
| ><DIV |
| CLASS="note" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="note" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/note.gif" |
| HSPACE="5" |
| ALT="Note"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| >Note if you are using PostgreSQL 8.0.1 or higher, then you |
| will require to use a version of DBD::Pg which is equal to or |
| greater than version 1.41 |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H4 |
| CLASS="section" |
| ><A |
| NAME="AEN490" |
| >2.2.2.2.1. Add a User to PostgreSQL</A |
| ></H4 |
| ><P |
| >You need to add a new user to PostgreSQL for the Bugzilla |
| application to use when accessing the database. The following instructions |
| assume the defaults in <TT |
| CLASS="filename" |
| >localconfig</TT |
| >; if you |
| changed those, you need to modify the commands appropriately. You will |
| need the <VAR |
| CLASS="replaceable" |
| >$db_pass</VAR |
| > password you |
| set in <TT |
| CLASS="filename" |
| >localconfig</TT |
| > in |
| <A |
| HREF="configuration.html#localconfig" |
| >Section 2.2.1</A |
| >.</P |
| ><P |
| >On most systems, to create the user in PostgreSQL, you will need to |
| login as the root user, and then</P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > <SAMP |
| CLASS="prompt" |
| >bash#</SAMP |
| > su - postgres</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| >As the postgres user, you then need to create a new user: </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="screen" |
| > <SAMP |
| CLASS="prompt" |
| >bash$</SAMP |
| > createuser -U postgres -dAP bugs</PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| >When asked for a password, provide the password which will be set as |
| <VAR |
| CLASS="replaceable" |
| >$db_pass</VAR |
| > in <TT |
| CLASS="filename" |
| >localconfig</TT |
| >. |
| The created user will have the ability to create databases and will not be |
| able to create new users.</P |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H4 |
| CLASS="section" |
| ><A |
| NAME="AEN506" |
| >2.2.2.2.2. Configure PostgreSQL</A |
| ></H4 |
| ><P |
| >Now, you will need to edit <TT |
| CLASS="filename" |
| >pg_hba.conf</TT |
| > which is |
| usually located in <TT |
| CLASS="filename" |
| >/var/lib/pgsql/data/</TT |
| >. In this file, |
| you will need to add a new line to it as follows:</P |
| ><P |
| > <SAMP |
| CLASS="computeroutput" |
| >host all bugs 127.0.0.1 255.255.255.255 md5</SAMP |
| > |
| </P |
| ><P |
| >This means that for TCP/IP (host) connections, allow connections from |
| '127.0.0.1' to 'all' databases on this server from the 'bugs' user, and use |
| password authentication (md5) for that user.</P |
| ><P |
| >If you are using <EM |
| >versions of PostgreSQL |
| before version 8</EM |
| >, you may also need to edit <TT |
| CLASS="filename" |
| >postgresql.conf</TT |
| > |
| , also usually found in the <TT |
| CLASS="filename" |
| >/var/lib/pgsql/data/</TT |
| > folder. |
| You will need to make a single line change, changing</P |
| ><P |
| > <SAMP |
| CLASS="computeroutput" |
| ># tcpip_socket = false</SAMP |
| > |
| </P |
| ><P |
| >to</P |
| ><P |
| > <SAMP |
| CLASS="computeroutput" |
| >tcpip_socket = true</SAMP |
| > |
| </P |
| ><P |
| >Now, you will need to restart PostgreSQL, but you will need to fully |
| stop and start the server rather than just restarting due to the possibility |
| of a change to <TT |
| CLASS="filename" |
| >postgresql.conf</TT |
| >. After the server has |
| restarted, you will need to edit <TT |
| CLASS="filename" |
| >localconfig</TT |
| >, finding |
| the <VAR |
| CLASS="literal" |
| >$db_driver</VAR |
| > variable and setting it to |
| <VAR |
| CLASS="literal" |
| >Pg</VAR |
| > and changing the password in <VAR |
| CLASS="literal" |
| >$db_pass</VAR |
| > |
| to the one you picked previously, while setting up the account.</P |
| ></DIV |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H2 |
| CLASS="section" |
| ><A |
| NAME="AEN529" |
| >2.2.3. checksetup.pl</A |
| ></H2 |
| ><P |
| > Next, rerun <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| >. It reconfirms |
| that all the modules are present, and notices the altered |
| localconfig file, which it assumes you have edited to your |
| satisfaction. It compiles the UI templates, |
| connects to the database using the 'bugs' |
| user you created and the password you defined, and creates the |
| 'bugs' database and the tables therein. |
| </P |
| ><P |
| > After that, it asks for details of an administrator account. Bugzilla |
| can have multiple administrators - you can create more later - but |
| it needs one to start off with. |
| Enter the email address of an administrator, his or her full name, |
| and a suitable Bugzilla password. |
| </P |
| ><P |
| > <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > will then finish. You may rerun |
| <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > at any time if you wish. |
| </P |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H2 |
| CLASS="section" |
| ><A |
| NAME="http" |
| >2.2.4. Web server</A |
| ></H2 |
| ><P |
| > Configure your web server according to the instructions in the |
| appropriate section. (If it makes a difference in your choice, |
| the Bugzilla Team recommends Apache.) Regardless of which webserver |
| you are using, however, ensure that sensitive information is |
| not remotely available by properly applying the access controls in |
| <A |
| HREF="security-webserver.html#security-webserver-access" |
| >Section 4.3.1</A |
| >. |
| </P |
| ><DIV |
| CLASS="section" |
| ><H3 |
| CLASS="section" |
| ><A |
| NAME="http-apache" |
| >2.2.4.1. Apache <SPAN |
| CLASS="productname" |
| >httpd</SPAN |
| ></A |
| ></H3 |
| ><P |
| > To configure your Apache web server to work with Bugzilla, |
| do the following: |
| </P |
| ><DIV |
| CLASS="procedure" |
| ><OL |
| TYPE="1" |
| ><LI |
| ><P |
| > Load <TT |
| CLASS="filename" |
| >httpd.conf</TT |
| > in your editor. |
| In Fedora and Red Hat Linux, this file is found in |
| <TT |
| CLASS="filename" |
| >/etc/httpd/conf</TT |
| >. |
| </P |
| ></LI |
| ><LI |
| ><P |
| > Apache uses <SAMP |
| CLASS="computeroutput" |
| ><Directory></SAMP |
| > |
| directives to permit fine-grained permission setting. Add the |
| following lines to a directive that applies to the location |
| of your Bugzilla installation. (If such a section does not |
| exist, you'll want to add one.) In this example, Bugzilla has |
| been installed at |
| <TT |
| CLASS="filename" |
| >/var/www/html/bugzilla</TT |
| >. |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="programlisting" |
| > <Directory /var/www/html/bugzilla> |
| AddHandler cgi-script .cgi |
| Options +Indexes +ExecCGI |
| DirectoryIndex index.cgi |
| AllowOverride Limit |
| </Directory> |
| </PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > These instructions: allow apache to run .cgi files found |
| within the bugzilla directory; instructs the server to look |
| for a file called <TT |
| CLASS="filename" |
| >index.cgi</TT |
| > if someone |
| only types the directory name into the browser; and allows |
| Bugzilla's <TT |
| CLASS="filename" |
| >.htaccess</TT |
| > files to override |
| global permissions. |
| </P |
| ><DIV |
| CLASS="note" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="note" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/note.gif" |
| HSPACE="5" |
| ALT="Note"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > It is possible to make these changes globally, or to the |
| directive controlling Bugzilla's parent directory (e.g. |
| <SAMP |
| CLASS="computeroutput" |
| ><Directory /var/www/html/></SAMP |
| >). |
| Such changes would also apply to the Bugzilla directory... |
| but they would also apply to many other places where they |
| may or may not be appropriate. In most cases, including |
| this one, it is better to be as restrictive as possible |
| when granting extra access. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ></LI |
| ><LI |
| ><P |
| > <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > can set tighter permissions |
| on Bugzilla's files and directories if it knows what group the |
| webserver runs as. Find the <SAMP |
| CLASS="computeroutput" |
| >Group</SAMP |
| > |
| line in <TT |
| CLASS="filename" |
| >httpd.conf</TT |
| >, place the value found |
| there in the <VAR |
| CLASS="replaceable" |
| >$webservergroup</VAR |
| > variable |
| in <TT |
| CLASS="filename" |
| >localconfig</TT |
| >, then rerun |
| <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| >. |
| </P |
| ></LI |
| ><LI |
| ><P |
| > Optional: If Bugzilla does not actually reside in the webspace |
| directory, but instead has been symbolically linked there, you |
| will need to add the following to the |
| <SAMP |
| CLASS="computeroutput" |
| >Options</SAMP |
| > line of the Bugzilla |
| <SAMP |
| CLASS="computeroutput" |
| ><Directory></SAMP |
| > directive |
| (the same one as in the step above): |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="programlisting" |
| > +FollowSymLinks |
| </PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > Without this directive, Apache will not follow symbolic links |
| to places outside its own directory structure, and you will be |
| unable to run Bugzilla. |
| </P |
| ></LI |
| ></OL |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H3 |
| CLASS="section" |
| ><A |
| NAME="http-iis" |
| >2.2.4.2. Microsoft <SPAN |
| CLASS="productname" |
| >Internet Information Services</SPAN |
| ></A |
| ></H3 |
| ><P |
| > If you are running Bugzilla on Windows and choose to use |
| Microsoft's <SPAN |
| CLASS="productname" |
| >Internet Information Services</SPAN |
| > |
| or <SPAN |
| CLASS="productname" |
| >Personal Web Server</SPAN |
| > you will need |
| to perform a number of other configuration steps as explained below. |
| You may also want to refer to the following Microsoft Knowledge |
| Base articles: |
| <A |
| HREF="http://support.microsoft.com/default.aspx?scid=kb;en-us;245225" |
| TARGET="_top" |
| >245225</A |
| > |
| <SPAN |
| CLASS="QUOTE" |
| >"HOW TO: Configure and Test a PERL Script with IIS 4.0, |
| 5.0, and 5.1"</SPAN |
| > (for <SPAN |
| CLASS="productname" |
| >Internet Information |
| Services</SPAN |
| >) and |
| <A |
| HREF="http://support.microsoft.com/default.aspx?scid=kb;en-us;231998" |
| TARGET="_top" |
| >231998</A |
| > |
| <SPAN |
| CLASS="QUOTE" |
| >"HOW TO: FP2000: How to Use Perl with Microsoft Personal Web |
| Server on Windows 95/98"</SPAN |
| > (for <SPAN |
| CLASS="productname" |
| >Personal Web |
| Server</SPAN |
| >). |
| </P |
| ><P |
| > You will need to create a virtual directory for the Bugzilla |
| install. Put the Bugzilla files in a directory that is named |
| something <EM |
| >other</EM |
| > than what you want your |
| end-users accessing. That is, if you want your users to access |
| your Bugzilla installation through |
| <SPAN |
| CLASS="QUOTE" |
| >"http://<yourdomainname>/Bugzilla"</SPAN |
| >, then do |
| <EM |
| >not</EM |
| > put your Bugzilla files in a directory |
| named <SPAN |
| CLASS="QUOTE" |
| >"Bugzilla"</SPAN |
| >. Instead, place them in a different |
| location, and then use the IIS Administration tool to create a |
| Virtual Directory named "Bugzilla" that acts as an alias for the |
| actual location of the files. When creating that virtual directory, |
| make sure you add the <SPAN |
| CLASS="QUOTE" |
| >"Execute (such as ISAPI applications or |
| CGI)"</SPAN |
| > access permission. |
| </P |
| ><P |
| > You will also need to tell IIS how to handle Bugzilla's |
| .cgi files. Using the IIS Administration tool again, open up |
| the properties for the new virtual directory and select the |
| Configuration option to access the Script Mappings. Create an |
| entry mapping .cgi to: |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="programlisting" |
| > <full path to perl.exe >\perl.exe -x<full path to Bugzilla> -wT "%s" %s |
| </PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><P |
| > For example: |
| </P |
| ><TABLE |
| BORDER="0" |
| BGCOLOR="#E0E0E0" |
| WIDTH="100%" |
| ><TR |
| ><TD |
| ><FONT |
| COLOR="#000000" |
| ><PRE |
| CLASS="programlisting" |
| > c:\perl\bin\perl.exe -xc:\bugzilla -wT "%s" %s |
| </PRE |
| ></FONT |
| ></TD |
| ></TR |
| ></TABLE |
| ><DIV |
| CLASS="note" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="note" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/note.gif" |
| HSPACE="5" |
| ALT="Note"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > The ActiveState install may have already created an entry for |
| .pl files that is limited to <SPAN |
| CLASS="QUOTE" |
| >"GET,HEAD,POST"</SPAN |
| >. If |
| so, this mapping should be <EM |
| >removed</EM |
| > as |
| Bugzilla's .pl files are not designed to be run via a webserver. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ><P |
| > IIS will also need to know that the index.cgi should be treated |
| as a default document. On the Documents tab page of the virtual |
| directory properties, you need to add index.cgi as a default |
| document type. If you wish, you may remove the other default |
| document types for this particular virtual directory, since Bugzilla |
| doesn't use any of them. |
| </P |
| ><P |
| > Also, and this can't be stressed enough, make sure that files |
| such as <TT |
| CLASS="filename" |
| >localconfig</TT |
| > and your |
| <TT |
| CLASS="filename" |
| >data</TT |
| > directory are |
| secured as described in <A |
| HREF="security-webserver.html#security-webserver-access" |
| >Section 4.3.1</A |
| >. |
| </P |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="section" |
| ><H2 |
| CLASS="section" |
| ><A |
| NAME="install-config-bugzilla" |
| >2.2.5. Bugzilla</A |
| ></H2 |
| ><P |
| > Your Bugzilla should now be working. Access |
| <TT |
| CLASS="filename" |
| >http://<your-bugzilla-server>/</TT |
| > - |
| you should see the Bugzilla |
| front page. If not, consult the Troubleshooting section, |
| <A |
| HREF="troubleshooting.html" |
| >Appendix B</A |
| >. |
| </P |
| ><DIV |
| CLASS="note" |
| ><P |
| ></P |
| ><TABLE |
| CLASS="note" |
| WIDTH="100%" |
| BORDER="0" |
| ><TR |
| ><TD |
| WIDTH="25" |
| ALIGN="CENTER" |
| VALIGN="TOP" |
| ><IMG |
| SRC="../images/note.gif" |
| HSPACE="5" |
| ALT="Note"></TD |
| ><TD |
| ALIGN="LEFT" |
| VALIGN="TOP" |
| ><P |
| > The URL above may be incorrect if you installed Bugzilla into a |
| subdirectory or used a symbolic link from your web site root to |
| the Bugzilla directory. |
| </P |
| ></TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ><P |
| > Log in with the administrator account you defined in the last |
| <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > run. You should go through |
| the parameters on the Edit Parameters page |
| (see link in the footer) and see if there are any you wish to |
| change. |
| They key parameters are documented in <A |
| HREF="parameters.html" |
| >Section 3.1</A |
| >; |
| you should certainly alter |
| <B |
| CLASS="command" |
| >maintainer</B |
| > and <B |
| CLASS="command" |
| >urlbase</B |
| >; |
| you may also want to alter |
| <B |
| CLASS="command" |
| >cookiepath</B |
| > or <B |
| CLASS="command" |
| >requirelogin</B |
| >. |
| </P |
| ><P |
| > This would also be a good time to revisit the |
| <TT |
| CLASS="filename" |
| >localconfig</TT |
| > file and make sure that the |
| names of the priorities, severities, platforms and operating systems |
| are those you wish to use when you start creating bugs. Remember |
| to rerun <TT |
| CLASS="filename" |
| >checksetup.pl</TT |
| > if you change it. |
| </P |
| ><P |
| > Bugzilla has several optional features which require extra |
| configuration. You can read about those in |
| <A |
| HREF="extraconfig.html" |
| >Section 2.3</A |
| >. |
| </P |
| ></DIV |
| ></DIV |
| ><DIV |
| CLASS="NAVFOOTER" |
| ><HR |
| ALIGN="LEFT" |
| WIDTH="100%"><TABLE |
| SUMMARY="Footer navigation table" |
| WIDTH="100%" |
| BORDER="0" |
| CELLPADDING="0" |
| CELLSPACING="0" |
| ><TR |
| ><TD |
| WIDTH="33%" |
| ALIGN="left" |
| VALIGN="top" |
| ><A |
| HREF="installation.html" |
| ACCESSKEY="P" |
| >Prev</A |
| ></TD |
| ><TD |
| WIDTH="34%" |
| ALIGN="center" |
| VALIGN="top" |
| ><A |
| HREF="index.html" |
| ACCESSKEY="H" |
| >Home</A |
| ></TD |
| ><TD |
| WIDTH="33%" |
| ALIGN="right" |
| VALIGN="top" |
| ><A |
| HREF="extraconfig.html" |
| ACCESSKEY="N" |
| >Next</A |
| ></TD |
| ></TR |
| ><TR |
| ><TD |
| WIDTH="33%" |
| ALIGN="left" |
| VALIGN="top" |
| >Installation</TD |
| ><TD |
| WIDTH="34%" |
| ALIGN="center" |
| VALIGN="top" |
| ><A |
| HREF="installing-bugzilla.html" |
| ACCESSKEY="U" |
| >Up</A |
| ></TD |
| ><TD |
| WIDTH="33%" |
| ALIGN="right" |
| VALIGN="top" |
| >Optional Additional Configuration</TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ></BODY |
| ></HTML |
| > |