Tuesday, April 9, 2013

Configure GLPI

GLPI installation guide | Step by Step Configuration | Setup
Tuesday, July 13, 2010  GLPI, INSTALLATION  2 comments

Step By Step GLPI Installation Guide for Linux

Requirements

1) Working Apache server
2) Working MySQL server
3) Latest version of GLPI

Step by Step Installation

1) MySQL configuration

Login to the MySQL server through the shell (or webmin) and create the database and its user: database name - glpidb, username - glpiuser, password - glpipwd
#mysql -u root -p ( enter the mysql root password)
mysql> create database glpidb;
mysql> grant all privileges on glpidb.* to glpiuser@localhost identified by 'glpipwd';
mysql> exit

If you are running Apache and MySQL on different servers, you have to grant to glpiuser@apacheserverip instead of glpiuser@localhost.

2) GLPI installation





Login to the Apache server host through the shell and download the latest GLPI archive.
Untar glpi-0.72.4.tar.gz into the web root directory
#tar -xvzf glpi-0.72.4.tar.gz -C /var/www/html/
#cd /var/www/html
#chown -R apache glpi

Add a DNS entry for your support website (support.example.com to 192.168.1.2; replace with your IP). If you don't have a DNS server, you can use the IP directly.

Edit /etc/httpd/conf/httpd.conf and add the following configuration
<VirtualHost 192.168.1.2:*>
    DocumentRoot /var/www/html/glpi
    ServerName support.example.com
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    <Directory "/var/www/html/glpi">
        DirectoryIndex index.php
    </Directory>
    Options ExecCGI
</VirtualHost>

Or add an alias for the glpi directory instead of a virtual host.

Restart the Apache server
#service httpd restart
Browse your support URL http://support.example.com or the IP (from a remote computer);
for directory access use http://192.168.1.2/glpi (from the local host http://localhost/glpi)

Click on the Installation button

Click Continue

Enter the MySQL connection details and continue:
host - mysqlserverip (localhost)
User Name = glpiuser
Password = glpipwd

Step 2

Select the database glpidb from the shown list and continue

IPTABLES for Fedora Linux

Here I have mentioned the basic configuration for enabling iptables in Fedora Linux.
#iptables -L

will list your current iptables configuration.

To allow established sessions to receive traffic

# iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

You could start by blocking traffic, but you might be working over SSH, where you would need to allow SSH before blocking everything else.

To allow incoming traffic on the default SSH port (22), you could tell iptables to allow all TCP traffic on that port to come in.

# iptables -A INPUT -p tcp --dport ssh -j ACCEPT

Now check the current configuration
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh

For interface-based access on eth0, add -i eth0 to the rule.
Once the SSH port is enabled, we can drop all other incoming traffic.

# iptables -A INPUT -j DROP

Now check the rule
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
DROP       all  --  anywhere             anywhere

In the final step we have to enable the loopback interface. Because the DROP rule above now discards everything else, the loopback rule must be inserted before it; since loopback carries a lot of traffic, we insert it as the first rule so it is processed first.

#iptables -I INPUT 1 -i lo -j ACCEPT

To enable logging of dropped packets, insert a rate-limited LOG rule immediately before the DROP rule, which is now rule 4 (verify the position with iptables -L INPUT --line-numbers; a LOG rule placed after the DROP rule is never reached):

# iptables -I INPUT 4 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

To save this configuration
# iptables-save > /etc/sysconfig/iptables
or
#service iptables save
#service iptables start

This configuration will enable the SSH port and disable all other incoming ports.

IPTABLES for Fedora | Redhat Linux

Basic Setup:

Here I have mentioned the basic configuration for enabling iptables in Fedora Linux.
#iptables -L

will list your current iptables configuration.

1) To allow established sessions to receive traffic

# iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

2) You could start by blocking traffic, but you might be working over SSH, where you would need to allow SSH before blocking everything else.

To allow incoming traffic on the default SSH port (22)

# iptables -A INPUT -p tcp --dport 22 -j ACCEPT

To allow incoming traffic on the default Squid port (3128)

# iptables -A INPUT -p tcp --dport 3128 -j ACCEPT

To allow incoming traffic on the default Apache port (80)

# iptables -A INPUT -p tcp --dport 80 -j ACCEPT

To allow incoming traffic on the default Samba ports (137-139 and 445)

# iptables -A INPUT -p udp --dport 137 -j ACCEPT
# iptables -A INPUT -p udp --dport 138 -j ACCEPT
# iptables -A INPUT -p udp --dport 139 -j ACCEPT
# iptables -A INPUT -p tcp --dport 139 -j ACCEPT
# iptables -A INPUT -p tcp --dport 445 -j ACCEPT

To allow incoming traffic on the default SNMP port (161)

# iptables -A INPUT -p tcp --dport 161 -j ACCEPT
# iptables -A INPUT -p udp --dport 161 -j ACCEPT

Now check the current configuration
# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            udp dpt:netbios-ns
ACCEPT     tcp  --  anywhere             anywhere            udp dpt:netbios-dgm
ACCEPT     tcp  --  anywhere             anywhere            udp dpt:netbios-ssn
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:snmp
ACCEPT     tcp  --  anywhere             anywhere            udp dpt:snmp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:squid


3) Once the above ports are enabled, we can drop all other incoming traffic.

# iptables -A INPUT -j DROP

Now check the rule
# iptables -L

For interface-based access on eth0, add -i eth0 to the rule.

4) In the final step we have to enable the loopback interface. Because the DROP rule above now discards everything else, the loopback rule must be inserted before it; since loopback carries a lot of traffic, we insert it as the first rule so it is processed first.

#iptables -I INPUT 1 -i lo -j ACCEPT

5) To enable logging of dropped packets, insert a rate-limited LOG rule immediately before the DROP rule; a LOG rule placed among the ACCEPT rules logs allowed traffic as denied, and one placed after the DROP rule is never reached. Check the DROP rule's position first (with the rules above it is rule 13):

# iptables -L INPUT --line-numbers
# iptables -I INPUT 13 -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

6) To save this configuration
# iptables-save > /etc/sysconfig/iptables
or
#service iptables save
#service iptables start

This configuration will enable the SSH port (and the other ports allowed above) and disable all other incoming ports.
You can also edit /etc/sysconfig/iptables manually.


IP Tables configuration for other Services

1) iptables for the default LDAP ports

# iptables -A INPUT -p tcp --dport 389 -j ACCEPT
# iptables -A INPUT -p tcp --dport 636 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the line below

-A INPUT -p tcp -m tcp --dport 389 -j ACCEPT

2) iptables for Backup Exec - see the separate Backup Exec post below

3) iptables for SMTP

 #iptables -A INPUT -p tcp --dport 25 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the line below

-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT

4) iptables for SMTPS

 #iptables -A INPUT -p tcp --dport 465 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the line below

-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT

5) iptables for POP3, POP3S

 #iptables -A INPUT -p tcp --dport 110 -j ACCEPT
 #iptables -A INPUT -p tcp --dport 995 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the lines below

-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT

6) iptables for IMAP, IMAPS

 #iptables -A INPUT -p tcp --dport 143 -j ACCEPT
 #iptables -A INPUT -p tcp --dport 993 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the lines below

-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT

7) iptables for the webmin default port

 #iptables -A INPUT -p tcp --dport 10000 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the line below

-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT

8) iptables for named, domain

 #iptables -A INPUT -p tcp --dport 53 -j ACCEPT
 #iptables -A INPUT -p udp --dport 53 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the lines below

-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT

9) iptables for TFTP server

 #iptables -A INPUT -p udp --dport 69 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the line below

-A INPUT -p udp -m udp --dport 69 -j ACCEPT

10) iptables configuration for DHCP server

 #iptables -A INPUT -p udp --dport 67 -j ACCEPT
 #iptables -A INPUT -p udp --dport 68 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the lines below

-A INPUT -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -p udp -m udp --dport 68 -j ACCEPT

11) iptables for NFS server - see the separate NFS post below

12) iptables for FTP server - see the separate VSFTPD post below

13) iptables for NTP server

 #iptables -A INPUT -p udp --dport 123 -j ACCEPT

or manually edit /etc/sysconfig/iptables and add the line below

-A INPUT -p udp -m udp --dport 123 -j ACCEPT
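As an added example that is not part of the original post: the commands in the basic setup and in the per-service list above are typed one at a time, so it is easy to end up with the LOG rule after the DROP rule, or to forget the loopback rule. The shell function below (its name, the proto:port argument format and the helper rule_index are assumptions of this example) writes a complete /etc/sysconfig/iptables file in the iptables-restore format the SSH post uses, with the rules in the order the setup calls for: loopback, conntrack, one ACCEPT per service, a rate-limited LOG, then DROP. It goes a little beyond the post in accepting port ranges (e.g. tcp:32821:32829) and rejecting malformed entries instead of emitting a broken file.

```shell
#!/bin/sh
# Added example (not code from the original post): write a complete
# /etc/sysconfig/iptables in iptables-restore format from a list of
# services, with the rule order fixed: lo, conntrack, ACCEPTs, LOG, DROP.
# Function names and the proto:port[:port] argument format are assumptions.

# gen_iptables_rules proto:port ...   (e.g. tcp:22 udp:161 tcp:32821:32829)
# Prints the ruleset to stdout; returns 1 on a malformed entry.
gen_iptables_rules() {
    printf '%s\n' '*filter'
    printf '%s\n' ':INPUT ACCEPT [0:0]'
    printf '%s\n' ':FORWARD ACCEPT [0:0]'
    printf '%s\n' ':OUTPUT ACCEPT [0:0]'
    # loopback first: heavy traffic, and it must never reach the DROP rule
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    # replies to connections this host opened itself
    printf '%s\n' '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
    for svc in "$@"; do
        proto=${svc%%:*}          # part before the first colon
        port=${svc#*:}            # rest: "22" or a range "32821:32829"
        case "$proto" in
            tcp|udp) ;;
            *) echo "gen_iptables_rules: bad protocol in '$svc'" >&2; return 1 ;;
        esac
        case "$port" in
            ''|*[!0-9:]*|:*|*:) echo "gen_iptables_rules: bad port in '$svc'" >&2; return 1 ;;
        esac
        printf '%s\n' "-A INPUT -p $proto -m $proto --dport $port -j ACCEPT"
    done
    # rate-limited log of what is about to be dropped; it must sit BEFORE the DROP
    printf '%s\n' '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7'
    printf '%s\n' '-A INPUT -j DROP'
    printf '%s\n' 'COMMIT'
}

# rule_index FILE PATTERN: 1-based position of the first INPUT rule matching PATTERN
# (the same numbering "iptables -L INPUT --line-numbers" shows after loading FILE)
rule_index() {
    grep '^-A INPUT' "$1" | grep -n -e "$2" | head -n 1 | cut -d: -f1
}

# stand-alone use: print a ruleset for ssh, http and snmp
gen_iptables_rules tcp:22 tcp:80 udp:161
```

Redirect the output to a file, review it, and only then load it with iptables-restore (or save it as /etc/sysconfig/iptables and run service iptables restart); the script itself never touches the live firewall, so it can be run and checked anywhere.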
 


Wednesday, May 19, 2010  IPTABLES, NFS  1 comment


Iptables for NFS server

Step 1

To enable NFS clients to access the NFS server we need to open the following ports.

a] TCP/UDP 111 - RPC 4.0 portmapper
b] TCP/UDP 2049 - NFSD (nfs server)
c] Portmap static ports - the otherwise dynamic ports, pinned in the /etc/sysconfig/nfs file.

The port mapper assigns each NFS service a port dynamically at service startup time. Dynamic ports cannot be protected by port-filtering firewalls such as iptables, so we need to configure static ports for the portmapped services.

Edit /etc/sysconfig/nfs and add the lines below

#vim /etc/sysconfig/nfs

RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020

Save the file and restart the services

# service portmap restart
# service nfs restart
# service rpcsvcgssd restart

Step 2

iptables configuration for NFS (111 is the portmapper, 2049 is nfsd, the rest are the static ports set above)

#iptables -A INPUT -p tcp --dport 111 -j ACCEPT
#iptables -A INPUT -p udp --dport 111 -j ACCEPT
#iptables -A INPUT -p tcp --dport 2049 -j ACCEPT
#iptables -A INPUT -p tcp --dport 662 -j ACCEPT
#iptables -A INPUT -p udp --dport 662 -j ACCEPT
#iptables -A INPUT -p tcp --dport 875 -j ACCEPT
#iptables -A INPUT -p udp --dport 875 -j ACCEPT
#iptables -A INPUT -p tcp --dport 892 -j ACCEPT
#iptables -A INPUT -p udp --dport 892 -j ACCEPT
#iptables -A INPUT -p tcp --dport 32803 -j ACCEPT
#iptables -A INPUT -p udp --dport 32769 -j ACCEPT

Now save and restart iptables
# iptables-save > /etc/sysconfig/iptables
or
#service iptables save
#service iptables restart

Also you can manually edit /etc/sysconfig/iptables and add the lines below

-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 662 -j ACCEPT
-A INPUT -p udp -m udp --dport 662 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 875 -j ACCEPT
-A INPUT -p udp -m udp --dport 875 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 892 -j ACCEPT
-A INPUT -p udp -m udp --dport 892 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32803 -j ACCEPT
-A INPUT -p udp -m udp --dport 32769 -j ACCEPT
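Added example, not from the original post: the iptables rules for NFS have to mirror the static ports pinned in /etc/sysconfig/nfs, and two hand-maintained lists drift easily (one mistyped port number silently leaves a service unreachable or opens an unrelated one). The function below (its name and behaviour are assumptions of this example) reads the sysconfig file and emits the matching -A INPUT lines: 111 and 2049 are fixed, LOCKD_TCPPORT and LOCKD_UDPPORT get one protocol each, the remaining *_PORT variables get both, and STATD_OUTGOING_PORT is skipped because it is the source port of statd's outgoing calls, not a listener. The sample file content is constructed here from the values the post uses.

```shell
#!/bin/sh
# Added example (not code from the original post): derive the iptables ACCEPT
# rules for an NFS server from the static ports pinned in /etc/sysconfig/nfs,
# so the firewall cannot drift from the NFS configuration. The function name
# is an assumption and the sample file is constructed for this example.

# nfs_rules_from_sysconfig FILE: print "-A INPUT ..." lines for iptables-restore
nfs_rules_from_sysconfig() {
    # fixed ports: portmapper (111 tcp+udp) and nfsd (2049 tcp)
    printf '%s\n' '-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT'
    printf '%s\n' '-A INPUT -p udp -m udp --dport 111 -j ACCEPT'
    printf '%s\n' '-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT'
    # drop comments and blank lines, then walk the KEY=VALUE pairs
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1" |
    while IFS='=' read -r key value; do
        key=$(printf '%s' "$key" | tr -d ' \t')
        value=$(printf '%s' "$value" | tr -d ' \t"')
        case "$value" in
            ''|*[!0-9]*) echo "skipping $key: '$value' is not a port" >&2; continue ;;
        esac
        case "$key" in
            LOCKD_TCPPORT) protos=tcp ;;
            LOCKD_UDPPORT) protos=udp ;;
            RQUOTAD_PORT|MOUNTD_PORT|STATD_PORT) protos='tcp udp' ;;
            # source port of statd's outgoing calls: nothing listens on it
            STATD_OUTGOING_PORT) continue ;;
            *) echo "skipping unknown key $key" >&2; continue ;;
        esac
        for p in $protos; do
            printf '%s\n' "-A INPUT -p $p -m $p --dport $value -j ACCEPT"
        done
    done
}

# write_sample_nfs_conf FILE: constructed /etc/sysconfig/nfs with the post's values
write_sample_nfs_conf() {
    cat > "$1" <<'EOF'
# constructed sample of /etc/sysconfig/nfs
RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
STATD_OUTGOING_PORT=2020
EOF
}

# stand-alone use: print the rules for the sample file
sample=$(mktemp)
write_sample_nfs_conf "$sample"
nfs_rules_from_sysconfig "$sample"
rm -f "$sample"
```

On the real server the function is pointed at /etc/sysconfig/nfs itself and its output pasted into the filter section of /etc/sysconfig/iptables before the DROP rule; whenever a static port is changed, regenerating the lines keeps the two files in step.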



Wednesday, May 19, 2010  IPTABLES, VSFTP  1 comment

IPTABLES configuration for VSFTPD server

1) Add the following line to /etc/modprobe.conf so the FTP connection-tracking helpers are loaded
alias ip_conntrack ip_conntrack_ftp ip_nat_ftp

or run
# modprobe ip_conntrack_ftp
# modprobe ip_nat_ftp

2) Allow incoming traffic on the default FTP port (21)

# iptables -A INPUT -p tcp --dport 21 -j ACCEPT

Save this configuration

# iptables-save > /etc/sysconfig/iptables
or
#service iptables save

or manually edit /etc/sysconfig/iptables and add the line below
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT

Restart iptables
#service iptables start


Tuesday, May 18, 2010  IPTABLES, SSH  No comments

How to enable ssh port in iptables ?

Iptables Basic configuration

Enabling source IP based access

Edit /etc/sysconfig/iptables and add the following lines

#vim /etc/sysconfig/iptables

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1888:534373]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -d x.x.x.x/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT

Replace x.x.x.x with your interface IP (the -d match is the address SSH is reached on).

Enabling interface based access

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1888:534373]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT

Restart the iptables service
#service iptables restart


Linux iptables configuration for Symantec Backup Exec

Here I have described how to enable the Backup Exec agent ports in the Linux iptables configuration.
By default Symantec Backup Exec will be running on dynamic ports, so we have to manually configure the dynamic port range on the Backup Exec server.
To configure the dynamic port range manually, follow the steps below.

In Symantec Backup Exec go to
Tools -- Options -- Network Security and check Enable remote agent TCP dynamic port range
and specify the port range manually. Port range 31821-32829

Restart the Backup Exec server

Now login to the Linux machine and enable access for this port range (31821-32829) and for the Backup Exec agent VRTSralus, which is running on port 10000 (default port for VRTSralus).
If webmin is running on port 10000, edit /etc/webmin/miniserv.conf and change the default port to 10001

#iptables -A INPUT -p tcp --dport 10000 -j ACCEPT
#iptables -A INPUT -p tcp --dport 32821:32829 -j ACCEPT

Now save and restart iptables
# iptables-save > /etc/sysconfig/iptables
or
#service iptables save
#service iptables restart

Also you can manually edit /etc/sysconfig/iptables and add the lines below

-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32821:32829 -j ACCEPT

IPTABLES NAT for Fedora Linux

If you have two network cards eth0, eth1,
let's assume
eth0 is connected to the local network
eth1 is connected to the public network (or ppp0)

Masquerading

1) To enable NAT on eth0 for all local network users

If you are running the iptables service, use the following method

#echo 1 > /proc/sys/net/ipv4/ip_forward
#iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

To save these changes
#iptables-save > /etc/sysconfig/iptables
or
#service iptables save
#service iptables restart

This will enable masquerading. Now you can configure eth0 as the gateway for the local network.

If you are not running the iptables service,
edit /etc/rc.local and add the lines below

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

Then execute /etc/rc.local

2) To enable NAT on eth0 for specified local user IPs only

#echo 1 > /proc/sys/net/ipv4/ip_forward
#iptables -t nat -A POSTROUTING -s x.x.x.x -o eth1 -j MASQUERADE    (x.x.x.x = IP of local user system1)
#iptables -t nat -A POSTROUTING -s x.x.x.x -o eth1 -j MASQUERADE    (x.x.x.x = IP of local user system2)
#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Port Redirection

1) To redirect incoming port 80 traffic on eth1 to port 3128

#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128

2) To redirect external RDP port traffic to the RDP port of a local system

#iptables -t nat -A PREROUTING -p tcp -d x.x.x.x --dport 3389 -j DNAT --to-destination y.y.y.y:3389
or
#iptables -t nat -A PREROUTING -p tcp -d x.x.x.x --dport 3382 -j DNAT --to-destination y.y.y.y:3389
(x.x.x.x = eth1 IP, y.y.y.y = IP of the local network system)


Monday, May 03, 2010  ACL, SQUID  No comments

How to enable Time based access in squid proxy server ?

Below you can find the squid time based access rules.
Edit squid.conf and add the lines below.

User Based restriction

acl USER1 proxy_auth raj
acl USER2 proxy_auth sam
acl DAY time 08:00-18:00
http_access allow USER1 DAY
http_access deny USER1
http_access allow USER2 !DAY
http_access deny USER2

Special Access

acl After_Office time SMTWHFA 20:00-24:00
acl Before_Office time SMTWHFA 00:00-08:30
acl Proxy_After8 proxy_auth user1 user2
http_access deny Before_Office                 # deny access to all users
http_access deny After_Office !Proxy_After8    # this excludes user1 and user2 from the deny
http_access allow ntlm_users
http_access deny all

IP Based Restriction

acl IPGROUP01 src 10.1.2.3 10.1.2.4
acl WORKINGHOUR time MTWHF 08:30-17:30
http_access allow IPGROUP01 WORKINGHOUR
http_access deny IPGROUP01
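Added example, not part of the original post: a squid time ACL takes a set of day letters (S M T W H F A for Sunday through Saturday; an empty set means every day) and an HH:MM-HH:MM window that is inclusive at both ends. The shell functions below (their names are assumptions of this example) evaluate such an ACL for a given day and clock time and apply the IP-based allow/deny pair above, so the policy can be checked against sample times before squid is reloaded; the probes at the end are constructed.

```shell
#!/bin/sh
# Added example (not code from the original post): evaluate a squid "time" ACL
# for a given weekday and clock time. Day letters follow squid: S=Sunday,
# M=Monday, T=Tuesday, W=Wednesday, H=Thursday, F=Friday, A=Saturday; the
# HH:MM-HH:MM window is inclusive at both ends. Function names are assumptions.

# to_minutes HH:MM -> minutes since midnight (leading zero stripped so "08" is not read as octal)
to_minutes() {
    h=${1%%:*}
    m=${1#*:}
    echo $(( ${h#0} * 60 + ${m#0} ))
}

# squid_time_match DAYS RANGE DAY HH:MM
# DAYS: subset of SMTWHFA (empty = every day); exit 0 on match, 1 on no match, 2 on bad input
squid_time_match() {
    days=$1; range=$2; day=$3; now=$4
    case "$day" in
        S|M|T|W|H|F|A) ;;
        *) echo "squid_time_match: bad day '$day'" >&2; return 2 ;;
    esac
    if [ -n "$days" ]; then
        case "$days" in
            *"$day"*) ;;
            *) return 1 ;;
        esac
    fi
    start=$(to_minutes "${range%-*}")
    end=$(to_minutes "${range#*-}")
    t=$(to_minutes "$now")
    [ "$t" -ge "$start" ] && [ "$t" -le "$end" ]
}

# ipgroup_policy DAY HH:MM: outcome of the post's IP-based pair for a host in IPGROUP01
#   http_access allow IPGROUP01 WORKINGHOUR
#   http_access deny IPGROUP01
ipgroup_policy() {
    if squid_time_match MTWHF 08:30-17:30 "$1" "$2"; then
        echo allow
    else
        echo deny
    fi
}

# stand-alone use: constructed probes around the edges of the window
for probe in "M 09:00" "F 17:30" "F 17:31" "A 10:00"; do
    set -- $probe
    echo "$1 $2 -> $(ipgroup_policy "$1" "$2")"
done
```

The same squid_time_match call reproduces the other ACLs on the page (for example DAY is 08:00-18:00 with an empty day set, After_Office is SMTWHFA 20:00-24:00), which makes it easy to confirm that a rule pair such as deny After_Office !Proxy_After8 really does fall through to the ntlm_users allow for the intended accounts.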




Monday, May 03, 2010  ACL, NTLM, SQUID  No comments

How to enable NTLM Auth in squid proxy server:

Step 1
Configure samba with winbind support

Step 2
Edit squid.conf and add the following lines

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic realm Squid Proxy server
auth_param basic credentialsttl 2 hour
auth_param basic children 5
auth_param basic casesensitive off
auth_param ntlm children 20

authenticate_cache_garbage_interval 10 seconds

acl ntlm_users proxy_auth REQUIRED

http_access allow ntlm_users
http_access deny all

Restart Squid proxy server
#service squid restart


How to Block skype on squid proxy server

Edit squid.conf and add the lines below. This allows Skype for user1 and user2 and denies it for everyone else (it relies on the ntlm_users ACL from the NTLM post above).

acl numeric_IPs url_regex -i ^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)
acl Skype_UA browser ^skype^
acl Skype_Allowed_Users proxy_auth user1 user2

http_access deny numeric_IPs !Skype_Allowed_Users
http_access deny Skype_UA !Skype_Allowed_Users

http_access allow ntlm_users
http_access deny all



Install GLPI on a GNU/Linux Debian

We start by assuming that you have a running Debian Woody on your computer.

Apache, PHP and MySQL installation

First, install the Apache web server (www.apache.org).
As GLPI is programmed in PHP, it is necessary to install the PHP module for Apache.
Using the apt-get tool will make it easier.
As root (all commands below have to be entered as root):
hector# apt-get install apache php4

This will warn you of the packages that are about to be installed. You should say yes to these when prompted.
GLPI uses a MySQL (www.mysql.com) database for its back end, so it is necessary to install mysql-server and its associated PHP libraries.
hector# apt-get install mysql-server php4-mysql

We now have enough software to run GLPI, but there are some additional steps to perform.
First, we have to set a password for the root user of the MySQL server (for evident security reasons).
hector# mysqladmin -u root password 'password'

Now we are going to create the glpidb database which will be used by GLPI.
hector# mysql -u root -p
enter password : *******
mysql> create database glpidb;
We are also going to create the glpiuser user (with a password) and give it the necessary rights:
mysql> grant all privileges on glpidb.* to glpiuser@localhost identified by 'glpiuser_password';

If you want to administer your database from an easy-to-use front end, you can install phpmyadmin. It is a MySQL database management tool written in PHP that you can use with a web browser. An apt-get install phpmyadmin should be all you need to run to install this, but any additional steps required are out of the scope of this page.

Download and install GLPI

You now have to download the latest version of GLPI from the http://glpi-project.org website, "Download" section. (Debian has its own .deb package for GLPI available via apt-get; however, this is currently several revisions behind the latest release.)
Then you have to unpack the tarball in the /var/www directory Apache created for you:
hector# tar -xvzf glpi-X.X.X.tar.gz -C /var/www/

Change directory to /var/www/glpi
Now you will have to give rights to some folders:
hector# cd /var/www/glpi
hector# chmod 777 backups/dump glpi/config docs

GLPI Configuration

In your web browser, go to http://your_server/glpi where you should see a GLPI install page.
Follow the step-by-step instructions which will guide you through the install steps. Once the installer has completed you will be presented with the GLPI login page. To re-run this installer, in case of any errors or missed steps above, delete the following file:
  • /var/www/glpi/config/config_db.php
Deleting this file and re-visiting http://your_server/glpi will cause the installation script to re-run.
