Difference between revisions of "X-Cart:Installation"

From X-Cart 4 Classic
Jump to: navigation, search
m (How to manage file permissions on UNIX server?)
(FAQ)
Line 53: Line 53:
 
1. Turn off simple file sharing (in the Explorer menus, under "Folder Options" -> Tab: View), then set the permissions using the normal Security tab in Windows.
 
1. Turn off simple file sharing (in the Explorer menus, under "Folder Options" -> Tab: View), then set the permissions using the normal Security tab in Windows.
  
2. Use a built-in 'cacls' command to allow anonymous user necessary access. This way "simple file sharing" may remain active but still user can be granted necessary privileges.  
+
2. Use a built-in 'cacls' command to allow anonymous user necessary access. This way "simple file sharing" may remain active but still user can be granted necessary privileges.
 
This commandline allows you to change permissions on x-cart directory and all its subdirectories::
 
This commandline allows you to change permissions on x-cart directory and all its subdirectories::
  
cacls c:\inetpub\wwwroot\xcart /E /G <computer>\\IUSR_<computer>:C
+
cacls c:\inetpub\wwwroot\xcart /E /G <computer>\\IUSR_<computer>:C
  
 
The <computer> string should be replaced with the name of your computer.
 
The <computer> string should be replaced with the name of your computer.
  
It is the C at the end after the colon that means setting 'Change' permission.  
+
It is the C at the end after the colon that means setting 'Change' permission.
 
+
 
 
Here is more information on permissions on Windows
 
Here is more information on permissions on Windows
  
The permissions on Windows systems are all selectable with two boxes which are:  
+
The permissions on Windows systems are all selectable with two boxes which are:
  
 
* Allow - Grant the permission.
 
* Allow - Grant the permission.
* Deny - Any denied permission for a group or user will override any allow permission, even if the user is in a group that is granted that permission.  
+
* Deny - Any denied permission for a group or user will override any allow permission, even if the user is in a group that is granted that permission.
  
 
If neither box is checked, the permission is not granted for the user or group, but if the user is in another group that has the permission, it will not be denied. Normally, if a user is a member of several groups that have different levels of permissions to an object, the least restrictive permissions apply unless the user, or one of their groups have the no access box checked for that permission.
 
If neither box is checked, the permission is not granted for the user or group, but if the user is in another group that has the permission, it will not be denied. Normally, if a user is a member of several groups that have different levels of permissions to an object, the least restrictive permissions apply unless the user, or one of their groups have the no access box checked for that permission.
  
'''Standard File and Folder Permissions'''  
+
'''Standard File and Folder Permissions'''
  
 
* Read(R) - View attributes, contents, and permissions. Can synchronize.
 
* Read(R) - View attributes, contents, and permissions. Can synchronize.
Line 82: Line 82:
 
Permissions assigned to directories are inherited (default) by all files and subdirectories that are contained in the directory. The inheritance option, selected by default, may be deselected. Each file or directory has an Access Control List (ACL). To set permissions for additional users or groups, they are added to the ACL of the file or directory. Windows Explorer or the Cacls command line utility can be used to set permissions.
 
Permissions assigned to directories are inherited (default) by all files and subdirectories that are contained in the directory. The inheritance option, selected by default, may be deselected. Each file or directory has an Access Control List (ACL). To set permissions for additional users or groups, they are added to the ACL of the file or directory. Windows Explorer or the Cacls command line utility can be used to set permissions.
  
'''Special File and Folder Permissions'''  
+
'''Special File and Folder Permissions'''
  
On the file or folder properties dialog, click the "Security" tab and the "Advanced" button to assign special file or folder permissions.  
+
On the file or folder properties dialog, click the "Security" tab and the "Advanced" button to assign special file or folder permissions.
  
 
* Traverse Folder/Execute File - .
 
* Traverse Folder/Execute File - .
Line 100: Line 100:
 
* Take Ownership - The user can take ownership of the file, but can't give it back.
 
* Take Ownership - The user can take ownership of the file, but can't give it back.
  
These permissions can be applied to directories, files, and subdirectories with one of the following selections:  
+
These permissions can be applied to directories, files, and subdirectories with one of the following selections:
 
* This folder, subfolders and files
 
* This folder, subfolders and files
 
* This folder only
 
* This folder only
Line 108: Line 108:
 
* Subfolders only
 
* Subfolders only
 
* Files only
 
* Files only
 +
 +
===How to disable PHP safe_mode in Ensim control panel?===
 +
 +
To disable php_safe_mode in the Ensim accounts, create a file named php in the /etc/httpd/conf/site# (replace site# accordingly) with the following lines:
 +
 +
<pre>
 +
<IfDefine vwh_php4_module>
 +
php_admin_flag safe_mode off
 +
</IfDefine>
 +
 +
===How to disable SELinux security restrictions for httpd on Fedora Core & RedHat?===
 +
 +
1. Edit the file '/etc/selinux/SELINUXTYPE/booleans' and add the string
 +
 +
<pre>
 +
httpd_disable_trans=1
 +
</pre>
 +
 +
2. Execute command 'setsebool httpd_disable_trans 1'
 +
 +
3. Restart the Apache 'service httpd restart'
  
 
==Troubleshooting==
 
==Troubleshooting==

Revision as of 12:42, 22 December 2009

Step-by-step guide

Step1

Step2

Step3

FAQ

How to manage file permissions on UNIX server?

If you use UNIX operation system, you should change permissions on some files in order to install X-Cart. During setup X-cart installation wizard needs to modify config.php file, create several directories in xcart directory and populate them with files. That is why it is neccesary to set writable permissions on config.php (chmod 0666 config.php) and xcart directory (chmod 0777 . - dot means current directory, because you may install xcart in a directory with different name, e.g. /shop or /store or in a root directory). X-cart is also using perl scripts to connect to some payment processors and shell script spam.sh to send newsletter; the last 2 commands (chmod 755 admin/spam.sh and chmod 755 payment/*.pl) make these scripts executable. You can use UNIX shell or ftp client to run chmod commands.

If you are unfamiliar with chmod comand here is some info about it:

Chmod command is used to define the users of various groups that have certain permissions to perform an action over a file. There are three basic actions you can carry out over any file: read from it, write to it, and execute it. The basic format for chmod is chmod xyz file.foo. x, y, and z are each a number between 0 and 7. Each number represents permissions given to a group: x is for the user that owns the file, y is for the group that owns the file (normally the user's group), and z is for everybody else. To determine actual values for each number, one uses the following method: start with x = 0. If you want to be able to read from the file, add four. x can be 0 or 4 at this point in time. If you want to be able to write to the file, add two. x can now be 0, 2 (a write-only file), 4 (read-only file), or 6 (read/write file). If you want to be able to execute the program, add one. You now have a full range of possible numbers:

Digit Permissions
0 None - cannot read or write or execute
1 Can execute, but cannot read or write
2 Write-only, cannot read or execute
3 Write-able/executable
4 Read-only, cannot write to or execute
5 Read-only executable, cannot write to
6 Readable Writeable file, but not executable (ie: text file)
7 Readable Writeable Executable file - most programs are this

NOTE: it is insecure to keep config.php file writable for everyone. After the installation, you should change the permissions: chmod 644 config.php

How to configure access file permissions on Windows Server?

When you are installing or updating the software under Windows, the IUSR_<computername> user must be given appropriate permissions on the file system to be able to modify files in the x-cart directory and its subdirectories or to run perl and upgrades etc.

There are several ways to configure permissions:

1. Turn off simple file sharing (in the Explorer menus, under "Folder Options" -> Tab: View), then set the permissions using the normal Security tab in Windows.

2. Use a built-in 'cacls' command to allow anonymous user necessary access. This way "simple file sharing" may remain active but still user can be granted necessary privileges. This commandline allows you to change permissions on x-cart directory and all its subdirectories::

cacls c:\inetpub\wwwroot\xcart /E /G <computer>\\IUSR_<computer>:C

The <computer> string should be replaced with the name of your computer.

It is the C at the end after the colon that means setting 'Change' permission.

Here is more information on permissions on Windows

The permissions on Windows systems are all selectable with two boxes which are:

  • Allow - Grant the permission.
  • Deny - Any denied permission for a group or user will override any allow permission, even if the user is in a group that is granted that permission.

If neither box is checked, the permission is not granted for the user or group, but if the user is in another group that has the permission, it will not be denied. Normally, if a user is a member of several groups that have different levels of permissions to an object, the least restrictive permissions apply unless the user, or one of their groups have the no access box checked for that permission.

Standard File and Folder Permissions

  • Read(R) - View attributes, contents, and permissions. Can synchronize.
  • Write(W) - Can change attributes, and file contents. Can create files or folders. Can synchronize.
  • Read(R) and Execute(E) - Can change sub folders, perform read operations, and execute a file.
  • List Folder Contents - Can perform read and execute permissions on folders. Can view folder contents, attributes, permissions. Can synchronize and change to subfolders.
  • Modify - Perform Read, Execute, and Write permissions along with ability to delete.
  • Full Control - Can perform Modify functions (above), take ownership, and modify permissions.

Permissions assigned to directories are inherited (default) by all files and subdirectories that are contained in the directory. The inheritance option, selected by default, may be deselected. Each file or directory has an Access Control List (ACL). To set permissions for additional users or groups, they are added to the ACL of the file or directory. Windows Explorer or the Cacls command line utility can be used to set permissions.

Special File and Folder Permissions

On the file or folder properties dialog, click the "Security" tab and the "Advanced" button to assign special file or folder permissions.

  • Traverse Folder/Execute File - .
  • List Folder/Read Data - .
  • Read Attributes - The user can read the attributes (archive, compress, hidden, etc.) of the file, but not read the contents of the file.
  • Read Extended Attributes - .
  • Create Files/Write Data - .
  • Create Folders/Append Data - .
  • Write Attributes - .
  • Write Extended Attributes - .
  • Delete Subfolders and Files - .
  • Delete - The user can delete the file.
  • Read Permissions - The user can read the file.
  • Change Permissions - Lets the user change permissions for the file, but not view or change the contents of the file.
  • Take Ownership - The user can take ownership of the file, but can't give it back.

These permissions can be applied to directories, files, and subdirectories with one of the following selections:

  • This folder, subfolders and files
  • This folder only
  • This folder and subfolders
  • This folder and files
  • Subfolders and files only
  • Subfolders only
  • Files only

How to disable PHP safe_mode in Ensim control panel?

To disable php_safe_mode in the Ensim accounts, create a file named php in the /etc/httpd/conf/site# (replace site# accordingly) with the following lines:

<IfDefine vwh_php4_module>
php_admin_flag safe_mode off
</IfDefine>

===How to disable SELinux security restrictions for httpd on Fedora Core & RedHat?===

1. Edit the file '/etc/selinux/SELINUXTYPE/booleans' and add the string 

<pre>
httpd_disable_trans=1

2. Execute command 'setsebool httpd_disable_trans 1'

3. Restart the Apache 'service httpd restart'

Troubleshooting

Error: "Warning no such file or directory: ./COPYRIGHT".

This or similar errors occur if some of X-Cart files are missing. They could be lost during FTP upload to the server or accidentally deleted. You should re-upload X-Cart distribution to your host and try to run installation script again.

Fatal error: Can't connect to the MySQL server" on step 2 of installation

Possible causes are as follows:

a) Incorrect username/password/database name of your MySQL database. You should contact your hosting administrators and ask them to specify correct access information for MySQL database (please note, this information is case sensitive).

b) If your MySQL server and X-Cart are located on different hosts there is a possibility that connection from your host to MySQL server is disabled. You should contact your hosting administrator to ask if there are any restrictions of this kind.

Installation suddenly freezes on step 3 (importing data)

Some mis-configured MySQL servers drop connection when feeding big amount of data from PHP script (during installation X-Cart pumps several megabytes of data into the database). You may try to restart installation process from the beginning. If you still cannot succeed you can install X-Cart manually (look for details in the INSTALL file in the X-Cart distribution or in the corresponding section of X-Cart manual).

Installation error - Warning: opendir(/[xcart_root_dir]/.pgp.def): failed to open dir: No such file or directory in /[xcart_root_dir]/include/install.php on line 599

X-Cart '.pgp.def' folder wasn't extracted from the installation package. You should create this folder manually ('mkdir .pgp.def') and reinstall X-Cart.