Hi, I am trying to promote Koha here in Denmark. We have a large number of small private schools for whick Koha is just great. However, often they do not have a lot of knowhow on Linux terminal (or nothing at all). Here the Live-DVD is really great. Starting with that, I try to make step-by-step guides (on my site koha.dk) to help people without any preconditions to get started. One of the major remaining obstacles is the need to change the master password katikoan. I have made a guide on this and I think most people should be able to handle it. However, it made me wonder, if this obstacle could be avoided? One possibility would off course be to let people enter their own password during the installation from the live-DVD, but that would probably complicate the installation proces and I like that to be as simple as possible. Therefore I had another idea, but I dont know, if this is at all possible. Could the "scope" of the users be limited? What I would like was, if this master-user (with password katikoan) would only work, if you sit and log in directly at the server (not across any network). Then you would install koha on the server, log in there and create at least one admin-user. Then you could use this to log in from somewhere else and continue from there. In this case there would be no need to change katikoan, because nobody from outside could use it. Maybe this could be extended. When you create admin-users, you may give them different permissions. Maybe these could be dependent on whether you log in at the server, from the local network or across the Internet. I think this could increase the general security? At least I could easily imagine cases, where a user should have admin-rights only, when sitting inside the house at the local network. -- Venlig hilsen Lars J. Helbo Borgergade 44, Sall DK-8450 Hammel tlf+fax: (+45) 8696 9315 lars@helbo.org www.helbo.org
Hello Lars, On Tue, May 21, 2013 at 2:05 PM, Lars J. Helbo <lars@helbo.org> wrote:
<snipped>
One of the major remaining obstacles is the need to change the master password katikoan
The password is simply the mysql db passwd. So, IMHO the simplest thing would be as follows: 1. write a bash script to change the mysql db password 2. update the koha-conf.xml with the new password, using sed for example, called when 1 is completed. 3. Unpack the ISO, place your script(s) and remaster the ISO. Test in a VM. Rinse and repeat until it works perfectly. cheers -- Indranil Das Gupta Phone : +91-98300-20971 Blog : http://indradg.randomink.org/blog IRC : indradg on irc://irc.freenode.net Twitter : indradg -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=- Please exchange editable Office documents only in ODF Format. No other format is acceptable. Support Open Standards. For a free editor supporting ODF, please visit LibreOffice - http://www.documentfoundation.org
Greetings, The Live-DVD is great for testing and demonstrating. A package installation is better for production use. When you install packages, the password is auto-magically created as part of the install process. Assuming your instance name is library, the command typically used to figure out what the password is before going into the web installation step is: $ sudo xmlstarlet sel -t -v 'yazgfs/config/pass' /etc/koha/sites/library/koha-conf.xml Just change 'library' to whatever you call your instance. Step-by-step guides are nice, but with the tendency for people to proliferate them all over the internet, this tends to lead towards a lot of outdated guides all over the place. And this leads to people following outdated instructions while trying to install current versions. This is generally a bad thing. If these are Live-DVD instructions, I would recommend you teaming with the person making the Live-DVD so that the instructions are together with the product for which they are intended. This will limit proliferation of older instructions. As for your idea to limit the system user to only localhost is possible, but you would also have to consider various networking configurations such as proxies. Because of this complication, I don't foresee anyone spending time on it, but you are always welcome to supply a patch to Koha. And lastly, I in no way reflect the final word on anything. :) GPML, Mark Tompsett
Greetings, all, We're on a fairly tight deadline to switch from Horizon to Koha, and my knowledge of Linux is growing but not sufficient to manage a full install from packages, so I'm using Vimar Kumal's Live-DVD to set up our system. So far, I've set up two test systems that are working smoothly, and I'll start working on the production system later this week. I've been able to install Xubuntu updates and upgrade to Koha 3.10.5 without many problems. For a small library collection (5000 bibs, 20000+ items), it's been great. (Note: Vimar's message that he's creating a 3.12 DVD came through as I was typing this. Oh well. I think we'll stick with 3.10.5 for a while.) A couple of weeks ago, I posted a message about a couple of problems I was having with the OPAC. Then I got distracted by some other work and only got back to the problems recently. Here are my solutions: On the individual item display, the "Item type" field was blank. On my setup, this field is controlled by CCODE in Authorized Values. I added our item types to CCODE, but they still didn't show up. Then I broke our collection into barcodes by item type and did a bulk item modification for each type. Worked like a charm. The second and more frustrating problem was that on the search results screen with multiple items, each item showed nothing available, even though they definitely were. Checking the item out and back in again didn't work.I checked the list archives and found that the way to fix this was to run fix_onloan.pl in the migration tools directory, but I wasn't having any success getting it to run. A friend helped me figure out the process: from any terminal window, type the following: export KOHA_CONF=/etc/koha/sites/library/koha-conf.xml sudo chmod a=rw koha-conf.xml perl -I/usr/share/koha/lib -I/usr/share/koha/lib/C4 /usr/share/koha/bin/migration_tools/fix_onloan.pl That made it possible to fix the problem by checking items out and back in, but checking out each item one-by-one is a bit cumbersome even for a small library like ours. Eventually I hit on the idea of putting a batch of barcodes in .koc format, creating a special staff account (998) to check them out to, and uploading the .koc file. The file's contents looks something like this: Version=1.0 Generator=kocQt4 GeneratorVersion=1.0 2013-05-20 13:29:45 265 issue 998 32975000117403 2013-05-20 13:29:45 265 issue 998 32975000115803 2013-05-20 13:29:45 265 issue 998 32975000108063 2013-05-20 13:29:45 265 issue 998 32975000012059 but a lot longer. Then I called up user 998 in the checkin screen, clicked on "return all" and the problem was solved. Yes, they're both clumsy and inelegant solutions, but they work. Any suggestions for a better way to do either are welcome. Fred King Medical Librarian, MedStar Washington Hospital Center fred.king@medstar.net 202-877-6221 -----Original Message----- From: koha-bounces@lists.katipo.co.nz [mailto:koha-bounces@lists.katipo.co.nz] On Behalf Of Mark Tompsett Sent: Tuesday, May 21, 2013 7:51 AM To: Lars J. Helbo Cc: koha@lists.katipo.co.nz Subject: Re: [Koha] Master-password (katikoan) and Live-DVD Greetings, The Live-DVD is great for testing and demonstrating. A package installation is better for production use. When you install packages, the password is auto-magically created as part of the install process. Assuming your instance name is library, the command typically used to figure out what the password is before going into the web installation step is: $ sudo xmlstarlet sel -t -v 'yazgfs/config/pass' /etc/koha/sites/library/koha-conf.xml Just change 'library' to whatever you call your instance. Step-by-step guides are nice, but with the tendency for people to proliferate them all over the internet, this tends to lead towards a lot of outdated guides all over the place. And this leads to people following outdated instructions while trying to install current versions. This is generally a bad thing. If these are Live-DVD instructions, I would recommend you teaming with the person making the Live-DVD so that the instructions are together with the product for which they are intended. This will limit proliferation of older instructions. As for your idea to limit the system user to only localhost is possible, but you would also have to consider various networking configurations such as proxies. Because of this complication, I don't foresee anyone spending time on it, but you are always welcome to supply a patch to Koha. And lastly, I in no way reflect the final word on anything. :) GPML, Mark Tompsett _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha CONFIDENTIAL: The information contained in this communication, including its attachments, may contain confidential information and is intended only for the individual(s) or entity(ies) to whom it is addressed. The information contained in this communication may also be protected by legal privilege, federal law or other applicable law. If you are not the intended recipient of this communication, you are hereby notified that any distribution, dissemination or duplication of this communication is strictly prohibited. If you have received this communication in error please immediately delete and destroy all copies of this message and please immediately notify us of the error by separate communication. Thank you.
my knowledge of Linux is growing but not sufficient to manage a full install from packages, so I'm using Vimar Kumal's Live-DVD to set up our system.
I'm not an installation expert, but based on what smarter people than I have said, using the Live DVD instead of packages for production use is a mistake for at least a couple of reasons: First, not many Koha folks use the Live DVD, especially not the developers. This will make it difficult for you to get support in the long run. Second, the packages should make your life much easier in the long run because of the ease of handling maintenance and upgrades. If you're looking for help getting Koha set up, I suggest trying again with the packages and asking questions here or in the Koha IRC channel. Push through whatever difficulty you're having now and get yourself to a better place for long-term maintainability. -- Owen -- Web Developer Athens County Public Libraries http://www.myacpl.org
Den 21-05-2013 15:27, Owen Leonard skrev:
I'm not an installation expert, but based on what smarter people than I have said, using the Live DVD instead of packages for production use is a mistake for at least a couple of reasons: First, not many Koha folks use the Live DVD, especially not the developers. This will make it difficult for you to get support in the long run. Second, the packages should make your life much easier in the long run because of the ease of handling maintenance and upgrades.
You are probably right. The problem is that the potential users that I know of here, will often give up during the manual installation, so they will never get to any long run. -- Venlig hilsen Lars J. Helbo Borgergade 44, Sall DK-8450 Hammel tlf+fax: (+45) 8696 9315 lars@helbo.org www.helbo.org
You are probably right. The problem is that the potential users that I know of here, will often give up during the manual installation, so they will never get to any long run.
Instead of encouraging users to use the Live DVD we should encourage them to take advantage of all the available online resources for getting help. -- Owen -- Web Developer Athens County Public Libraries http://www.myacpl.org
participants (5)
-
Indranil Das Gupta -
King, Fred -
Lars J. Helbo -
Mark Tompsett -
Owen Leonard