From eefe9d508c7e7c98fffaf1782deaadac4baf01e8 Mon Sep 17 00:00:00 2001 From: bradymiller Date: Mon, 9 Feb 2009 11:36:48 +0000 Subject: [PATCH] Installation checks for file permissions --- INSTALL | 43 ++++++++++---------- setup.php | 135 +++++++++++++++++++++++++++++++------------------------------- 2 files changed, 91 insertions(+), 87 deletions(-) diff --git a/INSTALL b/INSTALL index e4390bb31..ff406ad1b 100644 --- a/INSTALL +++ b/INSTALL @@ -64,8 +64,23 @@ Linux, for example, use the command: Make sure the webserver is running, and point a web-browser to setup.php located within the openemr web folder. If you installed OpenEMR in the root web directory, the URL would read: http://localhost/openemr/setup.php. -The setup script will step you through the configuration of the OpenEMR -and embedded php-GACL databases. +The setup script will step you through the configuration of the OpenEMR. + +The first screen will ensure that several files/directories exist and ensure +that the webserver user (often "nobody", "apache", or "www-data") has write +privileges on these files/directories. The files include +openemr/library/sqlconf.php, openemr/gacl/gacl.ini.php and +openemr/gacl/gacl.class.php. In linux, these can be set by "chmod a+w +filename" command to grant global write permissions to the file, but be +sure to set them back to something more secure (such as chmod 644) before +actively using OpenEMR. The directories include +openemr/gacl/admin/templates_c, +openemr/interface/main/calendar/modules/PostCalendar/pntemplates/compiled and +openemr/interface/main/calendar/modules/PostCalendar/pntemplates/cache. The command +"chown apache -R directory_name" will grant global write permissions +to the directories, and we recommend making these changes permanent. +Should it display errors related to file/directory writing priviledges you +may click the 'Check Again' button to try again (after fixing permissions). In step 1, you need to tell setup whether it needs to create the databases on its own, or if they you have already created them. MySQL root priveleges will @@ -111,22 +126,11 @@ It is suggested that no more than one group per office be used. Step 3 is where setup will install the OpenEMR database and connect to it to create the initial tables. Should anything fail during step 3, you may have to remove the existing database or tables before you can try again. If no errors -occur, you will see a "Continue" button at the bottom. Before clicking this, -you need to ensure that the webserver user (often "nobody", "apache", or -"www-data") has write privileges on the openemr/library/sqlconf.php, -openemr/gacl/gacl.ini.php and openemr/gacl/gacl.class.php files and the -openemr/gacl/admin/templates_c directory. The command -"chmod a+w library/sqlconf.php" will grant global write permissions -to the file. Be sure to set them back to something more secure (such as -chmod 644) before actively using OpenEMR. - -Step 4 will initially check to ensure the proper writing priviledges in the -files and directory mentioned above in step 3. Should it display -errors related to file writing priviledges you may click the 'Check Again' -button to try again (after fixing file permission). After the file -priviledges are confirmed, it will then write setting to the SQL -configuration file, and then install and configure the embedded phpGACL -access controls. +occur, you will see a "Continue" button at the bottom. + +Step 4 will then write setting to the SQL configuration file and +install/configure the embedded phpGACL access controls. After completed, there +will be a "Continue" button at the bottom. Once setup is completed, one last thing must be done before OpenEMR can be used. The file openemr/interface/globals.php must be edited by hand to reflect the @@ -166,8 +170,7 @@ and custom/faxcover.txt; it also requires the following utilities: IV. Setting Up Access Control -Since OpenEMR version 2.9.0.3, phpGACL access control software has been -embedded in OpenEMR, and these access controls are installed and +Since OpenEMR version 2.9.0.3, phpGACL access controls are installed and configured automatically during OpenEMR setup. It can be administered within OpenEMR in the admin->acl menu. This is very powerful access control software. To learn more about phpGACL diff --git a/setup.php b/setup.php index 86e06f12c..29e798025 100644 --- a/setup.php +++ b/setup.php @@ -17,8 +17,10 @@ $gaclConfigFile2 = "gacl/gacl.class.php"; $gaclWritableDirectory = "gacl/admin/templates_c"; $gaclSetupScript1 = "./gacl/setup.php"; $gaclSetupScript2 = "./acl_setup.php"; +$requiredDirectory1 = "interface/main/calendar/modules/PostCalendar/pntemplates/compiled"; +$requiredDirectory2 = "interface/main/calendar/modules/PostCalendar/pntemplates/cache"; $writableFileList = array($conffile, $gaclConfigFile1, $gaclConfigFile2); -$writableDirList = array($gaclWritableDirectory); +$writableDirList = array($gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2); include_once($conffile); ?> @@ -51,18 +53,7 @@ include_once($conffile);

In order to take full advantage of the documents capability you @@ -324,13 +315,7 @@ if ($upgrade != 1) { fclose($fd);*/ flush(); } -echo "\n
Next step will ensure the following files or directories are world-writeable:
\n"; -foreach ($writableFileList as $tempFile) { - echo " 'openemr/$tempFile' file
"; -} -foreach ($writableDirList as $tempDir) { - echo " 'openemr/$tempDir' directory
"; -} +echo "\n
Next step will finalize SQL setup and install/configure access controls (php-GACL).
\n"; echo "

\n @@ -350,54 +335,8 @@ break; case 4: echo "Step $state

\n"; -echo "Checking to ensure files are ready...
"; +echo "Writing SQL configuration file and setting up access controls(php-GACL)...

"; -//ensure required files and directories are writable before moving on -$errorWritable = 0; -foreach ($writableFileList as $tempFile) { - if (is_writable($tempFile)) { - echo "'openemr/$tempFile' file is ready.
"; - } - else { - echo "
UNABLE to open configuration file 'openemr/$tempFile' for writing.
"; - echo "(ensure 'openemr/$tempFile' file is world-writeable)

"; - flush(); - $errorWritable = 1; - } -} - -foreach ($writableDirList as $tempDir) { - if (is_writable($tempDir)) { - echo "'openemr/$tempDir' directory is ready.
"; - } - else { - echo "
UNABLE to open directory 'openemr/$tempDir' for writing.
"; - echo "(ensure 'openemr/$tempDir' directory is world-writeable)

"; - flush(); - $errorWritable = 1; - } -} -if ($errorWritable) { - echo "You can't proceed until all files are ready.
"; - echo "Fix above file permissions and then click the 'Check Again' button to re-check files.
"; - flush(); - echo " - \n - - - - - - - - -
\n -

\n"; - break; -} - -//passed all file tests, now can write sql configuration and configure php-GACL -echo "
Files are all ready, now writing SQL Configuration to disk and configuring access controls (php-GACL)...

"; echo "Writing SQL Configuration...
"; @touch($conffile); // php bug $fd = @fopen($conffile, 'w'); @@ -551,6 +490,68 @@ echo "Welcome to OpenEMR. This utility will step you through the configuration Echo "

If you are upgrading from a previous version, please read the README file.

"; +echo "We will now ensure correct file permissions and directories before starting installation:

\n"; +echo "Ensuring following files are world-writable...
\n"; +$errorWritable = 0; +foreach ($writableFileList as $tempFile) { + if (is_writable($tempFile)) { + echo "'openemr/$tempFile' file is ready.
"; + } + else { + echo "
UNABLE to open file 'openemr/$tempFile' for writing.
"; + echo "(ensure 'openemr/$tempFile' file is world-writeable)
"; + $errorWritable = 1; + } +} +if ($errorWritable) { + echo "
You can't proceed until all above files are ready.
"; + echo "Fix above file permissions and then click the 'Check Again' button to re-check files.
"; + echo "In linux, recommend changing file permissions temporarily with the 'chmod 666 filename' command.
"; + echo "



\n"; + break; +} + +echo "
Ensuring following directories exist...
\n"; +$errorWritable = 0; +foreach ($writableDirList as $tempDir) { + if (file_exists($tempDir)) { + echo "'openemr/$tempDir' directory exists.
"; + } + else { + echo "
UNABLE to find directory 'openemr/$tempDir'.
"; + echo "(please create 'openemr/$tempDir' directory)
"; + $errorWritable = 1; + } +} +if ($errorWritable) { + echo "
You can't proceed until all above directories exist.
"; + echo "Add above marked directories and then click the 'Check Again' button to re-check for directories.
"; + echo "In linux, recommend using the 'mkdir directory_name' command

\n"; + echo "


\n"; + break; +} + +echo "
Ensuring following directories have proper permissions...
\n"; +$errorWritable = 0; +foreach ($writableDirList as $tempDir) { + if (is_writable($tempDir)) { + echo "'openemr/$tempDir' directory is ready.
"; + } + else { + echo "
UNABLE to open directory 'openemr/$tempDir' for writing.
"; + echo "(ensure 'openemr/$tempDir' directory is world-writeable)
"; + $errorWritable = 1; + } +} +if ($errorWritable) { + echo "
You can't proceed until all directories are ready.
"; + echo "Fix above directory permissions and then click the 'Check Again' button to re-check directories.
"; + echo "In linux, recommend changing owners of directories permanently to the web server. For example, in many linux OS's the web server user is 'apache', 'nobody', or 'www-data'. So if 'apache' were the web server user name, could use the command 'chown -R apache:apache directory_name' command.

\n"; + echo "


\n"; + break; +} + +echo "

All required files and directories have been verified. Click to continue installation.
\n"; echo "


"; -- 2.11.4.GIT