root / pykota / trunk / docs / installation.sgml @ 1148

Revision 1104, 20.4 kB (checked in by jalet, 21 years ago)

Typo which wasn't

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1<!-- $Id$ -->
2
3<chapter>
4  <title id="installation">Installation</title>
5 
6  <para>Last modified on $Date$</para>
7 
8  <para>
9    Before being able to use <application>PyKota</application>, you have of course to
10    install it first. But before installing, you must carefully plan your installation.
11  </para>
12 
13  <para>
14    First you have to determine which machine will be the <application>PyKota</application>
15    <firstterm>Storage Server</firstterm>. The Storage Server is the host responsible
16    for keeping a centralized database of print usage for all your printers, users and groups.
17  </para>
18 
19  <para>
20    Then you have to list all the <firstterm>Print Servers</firstterm> for which
21    you plan to use <firstterm>print quota</firstterm> facilities.
22  </para>
23 
24  <para>
25    Finally you have to download <application>PyKota</application>'s latest version
26    or buy an official package, from
27    <ulink url="http://www.librelogiciel.com/software/">http://www.librelogiciel.com/software/</ulink>.
28    If you've just bought an official package, then as soon as you've receive it you
29    have to decompress and visit its archive, to do so just type the following commands :
30    <screen>
31jerome@nordine:~$ tar -zxf pykota-1.14_official.tar.gz   
32jerome@nordine:~$ cd pykota-1.14_official
33jerome@nordine:~/pykota-1.14_official$
34    </screen>
35  </para>
36 
37  <para>
38    You can see many files in this directory, the first ones to read are <filename>README</filename>,
39    then <filename>COPYING</filename> and <filename>LICENSE</filename>. They will give you
40    basic installation instructions and explain the licensing terms under which
41    <application>PyKota</application> is distributed. Of course they are also mostly
42    boring to read ! Detailed installation and operating instructions are defined
43    in the <filename>./docs</filename> directory, in the form of <acronym>SGML</acronym>
44    documentation in the <ulink url="http://www.docbook.org">DocBook</ulink> format.
45    You have to compile these files into readable documentation like the <acronym>HTML</acronym>
46    or <acronym>PDF</acronym> formats, or buy an official <application>PyKota</application> package
47    which already contains these compiled forms of the documentation.
48  </para>
49 
50  <para>
51    Now we will see what has to be done on each of the servers we are planning to use.
52    <note>
53      <title>Note</title>
54      <para>
55        Of course, depending on the size of your network, you may very well
56        use the same machine as both a Print Server and a Storage Server.
57        This is especially the case if you've got only one server.
58      </para>
59    </note> 
60  </para>
61 
62  <sect1>
63    <title>Storage Server Installation</title>
64   
65    <para>
66      Depending on <application>PyKota</application>'s version number, different
67      types of storage backends may be supported, so we will see for each one of
68      them how to configure it.
69    </para>
70   
71    <sect2>
72      <title>PostgreSQL</title>
73     
74      <para>
75        <application>PostgreSQL</application> is an <firstterm>Object Relationnal DataBase
76        Management System</firstterm> distributed under a <firstterm>Free Software</firstterm>
77        license from the
78        <ulink url="http://www.postgresql.org">http://www.postgresql.org</ulink>
79        web site. It certainely is the free <acronym>RDBMS</acronym> which has the most advanced
80        features, and is widely used all over the world.
81      </para>
82     
83      <para>
84        To configure your Storage Server, you must have PostgreSQL already working.
85        The complete installation of <application>PostgreSQL</application> is not covered by
86        the present manual, please refer to your system's documentation or to
87        <ulink url="http://www.postgresql.org">http://www.postgresql.org</ulink> for
88        details.
89      </para>
90     
91      <para>
92        One thing you have to check, though, is that every Print Server on which you
93        want to install the print quota mechanism, must be able to connect to the
94        <application>PostgreSQL</application> server. In the default installation of
95        <application>PostgreSQL</application> this may not be the case for security reasons, except if both
96        servers are in fact the same machine. In any case, it is recommended that you
97        check the <filename>/etc/postgresql/pg_hba.conf</filename> file and modify it if
98        needed. This file is self documented and its modification is straightforward.
99        You also have to make sure that <application>PostgreSQL</application> accepts <acronym>TCP/IP</acronym> connections.
100        To do so you either have to launch it with the <option>-i</option> option or
101        modify the <filename>/etc/postgresql/postgresql.conf</filename> file, which is
102        self documented and easy to modify too.
103        <tip>
104          <title>Tip</title>
105          <para>
106            Don't forget to restart <application>PostgreSQL</application> if you modify
107            any of its configuration files, in order for the changes to take effect.
108          </para>
109        </tip> 
110      </para>
111     
112      <para>
113        Be careful, you may be unable to connect from a Print Server to the <application>PostgreSQL</application>
114        server even if the configuration is correct. Sometimes your connections may be blocked by
115        one or more network firewalls along the route from one machine to the other. If this
116        is the case, then the best thing you can do is to ask your <firstterm>Network Administrator</firstterm>
117        to not filter the IP port used by <application>PostgreSQL</application>, which is
118        usually port <literal>5432/tcp</literal>.
119        <note>
120          <title>Note</title>
121          <para>
122            The TCP/IP network port used by PostgreSQL may be different. When in doubt, ask your
123            <firstterm>System Administrator</firstterm> for the correct value.
124          </para>
125        </note> 
126      </para>
127     
128      <para>
129        Now that your <application>PostgreSQL</application> server is up and running, and
130        is waiting for your connections, you have to create the Quota Storage DataBase.
131        To do so, you'll have to feed <application>PostgreSQL</application> with the
132        <filename>pykota-x.xx/initscripts/postgresql/pykota-postgresql.sql</filename> file.
133        This file will create a Quota DataBase administrator in the <application>PostgreSQL</application> system, then create an empty
134        Quota DataBase and set some permissions on it. The Quota DataBase administrator
135        is the <application>PostgreSQL</application>'s user used to manage the Quota database.
136        The Quota DataBase Administrator is not present in the Quota Database
137        itself, he is only defined in <application>PostgreSQL</application> and don't
138        have to exist on any system, nor in the Quota DataBase. His default names
139        is <literal>pykotaadmin</literal>.
140        A Quota Storage read-only user is also created under the name of <literal>pykotauser</literal>.
141        This read-only user is used by <application>PyKota</application> to connect to the
142        Quota Storage when a non-root user launches a pykota command. This prevents normal
143        users from being able to modify their own, or other users', quota information.
144        The database which will be created will be named <literal>pykota</literal> by default.
145        <note>
146          <title>Note</title>
147          <para>
148            You can choose other names if you want, just modify the
149            <filename>initscripts/postgresql/pykota-postgresql.sql</filename> file
150            accordingly, and report your changes into <application>PyKota</application>'s
151            configuration file.
152          </para>
153        </note> 
154      </para>
155     
156      <para>
157        To run this script, you can use the <application>psql</application> frontend to
158        <application>PostgreSQL</application>, but your priviledges must be sufficient
159        to be allowed to create users and databases. You can launch <application>psql</application>
160        as the <literal>postgres</literal> user which is <application>PostgreSQL</application>'s
161        default administrator, and connect to the default database named <literal>template1</literal>.
162        From a command line interpreter (i.e. shell), type the following commands :
163        <screen>
164jerome@nordine:~$ cd pykota-1.14_official/initscripts/postgresql
165jerome@nordine:~/pykota-1.14_official/initscripts$ psql -h localhost -U postgres template1
166Welcome to psql, the PostgreSQL interactive terminal.
167
168Type:  \copyright for distribution terms
169       \h for help with SQL commands
170       \? for help on internal slash commands
171       \g or terminate with semicolon to execute query
172       \q to quit
173
174template1=# \i pykota-postgresql.sql
175            ... a lot of output lines
176pykota=#       
177        </screen>
178      </para>
179     
180      <para>
181        For security reasons, you may want to set passwords in
182        <application>PostgreSQL</application> for the
183        <literal>pykotaadmin</literal> and <literal>pykotauser</literal> users.
184        Otherwise any user able to connect to
185        <application>PostgreSQL</application> on your Quota Storage Server
186        could connect to the quota database, and either see it, or even modify it without problem.
187      </para>
188     
189      <para>
190        To do so, just type the following lines while still being at the <application>psql</application>
191        prompt (replace the password values by your own, and do the same for the <literal>pykotauser</literal> user) :
192        <screen>
193pykota=# ALTER USER pykotaadmin PASSWORD 'somepassword';
194ALTER USER
195pykota=# \q
196jerome@nordine:~/pykota-1.14_official/initscripts/postgresql$
197        </screen>
198      </para>
199     
200      <para>
201        The <literal>\q</literal> command above will quit the <application>psql</application>
202        program and return you to the shell's command line prompt.
203      </para>
204     
205      <para>
206        To improve security further, you could encrypt your database connections, or
207        take any other step as needed. Please refer to <application>PostgreSQL</application>'s
208        documentation for details. Also if <application>PyKota</application>'s configuration
209        file <filename>/etc/pykota/pykotadmin.conf</filename> is readable by anyone with access on your file system, a local user could
210        create some script to modify his own print quota.
211        <warning>
212          <title>Warning</title>
213          <para>
214            Defining passwords may not be sufficient if your database access rule is
215            set to <literal>trust</literal> in the <filename>/etc/postgresql/pg_hba.conf</filename>.
216            Again, please refer to <application>PostgreSQL</application>'s documentation
217            for details. Also, passwords will fly unencrypted over the network by default,
218            so be sure to take any necessary step to secure your database server from
219            unauthorized use. This has nothing to do with <application>PyKota</application>
220            though, it is just a general rule to keep in mind.
221          </para>
222        </warning> 
223      </para>
224     
225      <para>
226        If no error occured, then your Quota DataBase is ready to be used.
227        Now you can let the Quota Storage Server alone, the remaining work
228        will have to be done on each one of the print servers which will
229        use this particular Quota Storage Server.
230        <tip>
231          <title>Tip</title>
232          <para>
233            If an error occured, maybe your PostgreSQL version is too old, or
234            an unexpected problem (like a bug) happened. Please send me an email so that I
235            can try to solve the problem. Thanks in advance.
236          </para>
237        </tip> 
238      </para>
239     
240    </sect2> 
241   
242    <sect2>
243      <title>LDAP</title>
244     
245      <para>
246        From version 1.09 on, <application>OpenLDAP</application> can be used as a Quota Storage Backend.
247        It is possible that other LDAP servers can be used, but this is currently untested.
248      </para>
249     
250      <para>
251        To use <application>OpenLDAP</application> as your Quota Storage Backend, you have to copy the
252        <filename>pykota/initscripts/ldap/pykota.schema</filename> in <application>OpenLDAP</application>'s
253        schemas directory.
254        Under Debian GNU/Linux, this is something like :
255        <screen>       
256$ cp pykota.schema /etc/ldap/schema
257        </screen>
258     </para>
259     <para>   
260       Then edit <filename>/etc/ldap/slapd.conf</filename> and add a line to   
261       include the PyKota schema. You should have something
262       like :
263       <screen>   
264# Schema and objectClass definitions
265include         /etc/ldap/schema/core.schema
266include         /etc/ldap/schema/cosine.schema
267include         /etc/ldap/schema/nis.schema
268include         /etc/ldap/schema/inetorgperson.schema
269include         /etc/ldap/schema/pykota.schema
270        </screen>       
271      </para>
272      <para>
273        Finally, restart the <application>OpenLDAP</application> server :   
274        <screen>   
275$ /etc/init.d/slapd restart
276        </screen>
277      </para>
278     
279      <para>
280        Then you have to modify PyKota's configuration files <filename>/etc/pykota/pykota.conf</filename>
281        and <filename>/etc/pykota/pykotadmin.conf</filename>
282        to include LDAP specific options. You may want to give a look at
283        <filename>pykota/conf/pykota.conf.sample</filename> to see all the options that are
284        needed. Adapt the values to your own configuration, and finally initialize your
285        Quota Storage with the help of the <application>edpykota</application> command.
286      </para>
287    </sect2> 
288   
289    <sect2>
290      <title>MySQL</title>
291     
292      <para>
293        A <application>MySQL</application> Storage Backend is planned, but it actually
294        doesn't exist.
295      </para>
296    </sect2> 
297   
298    <sect2>
299      <title>Berkeley DB</title>
300     
301      <para>
302        A <application>Berkeley DB</application> Storage Backend is planned, but it actually
303        doesn't exist. It seems that remote storage won't be possible with such a backend,
304        so in other terms this means that you will have a different quota database on
305        each print server. This may still prove to be useful for small configurations.
306      </para>
307    </sect2> 
308  </sect1> 
309 
310  <sect1>
311    <title>Print Server Installation</title>
312   
313    <para>
314      For each Print Server on which you plan to implement the print quota
315      mechanism, you have, of course, to have an already working printing environment.
316      Currently <application>PyKota</application> works with either the
317      <ulink url="http://www.cups.org"><application>CUPS</application></ulink>
318      or the <ulink url="http://lprng.sourceforge.net"><application>LPRng</application></ulink>,
319      but more may be added in the future.
320    </para>
321   
322    <para>
323      Here's the list of software you have to install on each Print Server, version numbers
324      are given as an indication of which was successfully tested, but older versions may
325      work too.
326      <itemizedlist>
327        <listitem>
328          <para>
329            <application>CUPS</application> version 1.1 or above, or <application>LPRng</application>
330            version 3.8.20 or above (it probably works with older versions but this is untested).
331            You can download them from <ulink url="http://www.cups.org">http://www.cups.org</ulink>
332            or <ulink url="http://lprng.sourceforge.net">http://lprng.sourceforge.net</ulink>
333          </para>
334        </listitem> 
335        <listitem>
336          <para>
337            Python version 2.1 or above.
338            You can download it from <ulink url="http://www.python.org">http://www.python.org</ulink>.
339          </para>
340        </listitem> 
341        <listitem>
342          <para>
343            Quota Storage client libraries, depending on your Quota Storage Backend :
344            <itemizedlist>
345              <listitem>
346                <para>
347                  PostgreSQL backend :
348                  <itemizedlist>
349                    <listitem>
350                      <para>
351                        <application>PostgreSQL</application> client libraries. They must match the <application>PostgreSQL</application>
352                        version used on your Quota Storage Server.
353                      </para>
354                    </listitem> 
355                    <listitem>
356                      <para>
357                        The <application>PygreSQL</application> python module.
358                        It must match the
359                        <application>PostgreSQL</application> client libraries'
360                        version, as well as Python's version.
361                      </para>
362                    </listitem> 
363                  </itemizedlist> 
364                </para>
365              </listitem> 
366              <listitem>
367                <para>
368                  LDAP backend : TODO
369                </para>
370              </listitem>
371              <listitem>
372                <para>
373                  MySQL backend : TODO
374                </para>
375              </listitem>
376              <listitem>
377                <para>
378                  Berkeley DB backend : TODO
379                </para>
380              </listitem>
381            </itemizedlist> 
382          </para>
383        </listitem> 
384        <listitem>
385          <para>
386            <application>ucd-snmp</application> or <application>net-snmp</application> tools, version 4.2.5 or above. You only need
387            the <application>snmpget</application> command.
388            You can download them from <ulink url="http://www.sourceforge.net/projects/net-snmp/">http://www.sourceforge.net/projects/net-snmp/</ulink>.
389            You only need this if you plan to query your printers for their internal page counter via SNMP.
390          </para>
391        </listitem> 
392        <listitem>
393          <para>
394            <application>netatalk</application> version 1.6.1 or above. You only need
395            the <application>pap</application> command.
396            You can download them from <ulink url="http://netatalk.sourceforge.net/">http://netatalk.sourceforge.net/</ulink>.
397            You only need this if you plan to query your printers for their internal page counter via AppleTalk.
398          </para>
399        </listitem> 
400        <listitem>
401          <para>
402            eGenix' mxDateTime Python module version 2.0.3 or above. It must match your default Python version.
403            You can download it from <ulink url="http://www.egenix.com">http://www.egenix.com</ulink>.
404          </para>
405        </listitem> 
406      </itemizedlist> 
407    </para>
408  </sect1> 
409</chapter>
410
411<!--
412
413$Log$
414Revision 1.20  2003/07/25 13:20:32  jalet
415Typo which wasn't
416
417Revision 1.19  2003/07/25 13:18:44  jalet
418Typos
419
420Revision 1.18  2003/07/25 10:41:29  jalet
421Better documentation.
422pykotme now displays the current user's account balance.
423Some test changed in ldap module.
424
425Revision 1.17  2003/06/30 21:44:18  jalet
4261.09 is out !
427
428Revision 1.16  2003/06/24 21:37:05  jalet
429Minor changes
430
431Revision 1.15  2003/06/10 16:37:54  jalet
432Deletion of the second user which is not needed anymore.
433Added a debug configuration field in /etc/pykota.conf
434All queries can now be sent to the logger in debug mode, this will
435greatly help improve performance when time for this will come.
436
437Revision 1.14  2003/06/05 07:12:29  jalet
438Reorganization of directories
439
440Revision 1.13  2003/04/24 21:09:47  jalet
441Documentation slightly improved.
442
443Revision 1.12  2003/04/17 21:33:16  jalet
444Version 1.03 is out.
445
446Revision 1.11  2003/03/25 09:32:06  jalet
447Improved documentation.
448
449Revision 1.10  2003/03/23 17:59:56  jalet
450Clarify a point.
451
452Revision 1.9  2003/03/23 17:57:20  jalet
453Deleted a repetition.
454
455Revision 1.8  2003/03/22 15:34:50  jalet
456More complete installation documentation.
457
458Revision 1.7  2003/03/22 14:26:45  jalet
459Download instructions added.
460
461Revision 1.6  2003/03/22 14:06:02  jalet
462Quota Storage Server installation is OK for PostgreSQL.
463
464Revision 1.5  2003/03/22 13:11:33  jalet
465The port on which the Quota Storage Sever is listening can now
466be set in the configuration file (see sample).
467Better error handling if PygreSQL is not installed.
468Improved documentation.
469Version number changed to 1.02alpha
470
471Revision 1.4  2003/03/22 07:20:38  jalet
472More information wrt PostgreSQL tcp/ip configuration.
473
474Revision 1.3  2003/03/18 22:18:25  jalet
475The documentation will only be a sequence of chapters in a single part, not
476multiple parts each including chapters.
477
478Revision 1.2  2003/03/18 22:10:54  jalet
479Documentation improvements.
480
481Revision 1.1  2003/02/08 00:03:35  jalet
482Documentation skeleton added
483
484
485-->
Note: See TracBrowser for help on using the browser.