RT Manual

为什么80%的码农都做不了架构师？>>>   

RT Manual

一、安装RT

1. linux环境

#cat /etc/issue

Red Hat Enterprise Linux AS release 4 (Nahant Update 4)

2. 管理员登录

以管理员root账号登录

3. 公网配置DNS

A记录

scm7.***.cn -> ***.51.173.94

#nslookup scm7.***.cn

4. 配置time

#crontab -e

0 21 * * * /usr/sbin/ntpdate 10.1.56.203

5. 配置iptables

#vi /etc/sysconfig/iptables

# Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #scm1.***.cn -A RH-Firewall-1-INPUT -s ***.51.173.20 -j ACCEPT #scm2.***.cn -A RH-Firewall-1-INPUT -s ***.51.173.21 -j ACCEPT #scm4.***.cn -A RH-Firewall-1-INPUT -s ***.51.173.23 -j ACCEPT #scm3.***.cn -A RH-Firewall-1-INPUT -s ***.51.173.22 -j ACCEPT #scm6.***.cn -A RH-Firewall-1-INPUT -s ***.51.173.92 -j ACCEPT #scm7.***.cn -A RH-Firewall-1-INPUT -s ***.51.173.94 -j ACCEPT #ruanjianyuan bangongqu -A RH-Firewall-1-INPUT -s ***.51.173.153 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.154 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.155 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.156 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.157 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.158 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.160 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.165 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.166 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.167 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.168 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.169 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.170 -j ACCEPT #ruanjianyuan bangongqu xianzhi daikuan -A RH-Firewall-1-INPUT -s ***.51.173.159 -j ACCEPT #project.***.cn -A RH-Firewall-1-INPUT -s ***.157.98.58 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.157.98.68 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.157.98.62 -j ACCEPT #huilongsen bangongqu -A RH-Firewall-1-INPUT -s ***.249.75.106 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.249.75.107 -j ACCEPT #yizhuang wangtong idc -A RH-Firewall-1-INPUT -s 10.1.0.0/255.255.0.0 -j ACCEPT #yizhuang wangtong idc bangongqu -A RH-Firewall-1-INPUT -s ***.51.173.56 -j ACCEPT #openvpn -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.0.0 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.10.72.132 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.10.72.133 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.51.173.81 -j ACCEPT #shanghai bangongqu -A RH-Firewall-1-INPUT -s ***.160.165.70 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.160.165.71 -j ACCEPT -A RH-Firewall-1-INPUT -s ***.160.165.66 -j ACCEPT #guangzhou bangongqu -A RH-Firewall-1-INPUT -s ***.62.144.226 -j ACCEPT #shenzhen bangongqu -A RH-Firewall-1-INPUT -s ***.15.143.145 -j ACCEPT #guangzhou idc bangongqu -A RH-Firewall-1-INPUT -s ***.14.9.141 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT

6. 本机配置hosts

#vi /etc/hosts

增加如下行

***.51.173.94 scm7.***.cn hgfi

7. 关闭selinux

#vi /etc/selinux/config

修改如下行

SELINUX=disabled

#reboot

8. 安装mysql

#rpm -ivh perl-DBD-MySQL-2.9004-3.1.i386.rpm

#rpm -ivh mysql-bench-4.1.20-1.RHEL4.1.i386.rpm

#rpm -ivh mysqlclient10-devel-3.23.58-4.RHEL4.1.i386.rpm

#rpm -ivh mysql-devel-4.1.20-1.RHEL4.1.i386.rpm

#rpm -ivh mysql-server-4.1.20-1.RHEL4.1.i386.rpm

#vi /etc/my.cnf

[mysqld] set-variable=max_allowed_packet=10M

9. 重启mysqld服务

#service mysqld restart

#chkconfig --add mysqld

#tail -f /var/log/mysqld.log

#mysql -u root mysql

mysql>update user set password=password('***') where user='root';

mysql>flush privileges;

mysql>quit

10. 安装fastcgi

#rpm -ivh apr-devel-0.9.4-24.5.i386.rpm

#rpm -ivh apr-util-devel-0.9.4-21.i386.rpm

#rpm -ivh httpd-devel-2.0.52-25.ent.i386.rpm

#rpm -ivh perl-suidperl-5.8.5-36.RHEL4.i386.rpm

#tar zxvf mod_fastcgi-2.4.2.tar.gz

#cd mod_fastcgi-2.4.2

#cp Makefile.AP2 Makefile

#vi Makefile

top_dir = /etc/httpd

#make

#make install

#vi /etc/httpd/conf.d/FastCGI.conf

LoadModule fastcgi_module modules/mod_fastcgi.so FastCgiIpcDir /tmp FastCgiServer /opt/rt3/bin/mason_handler.fcgi -idle-timeout 120 -processes 8 FastCgiConfig -restart

#mkdir -p /etc/httpd/logs/fastcgi/dynamic

#chown -R apache:apache /etc/httpd/logs/fastcgi

#mkdir -p /tmp/dynamic/

#chmod 777 /tmp/dynamic/

11. 安装rt

#tar zxvf HTML-Mason-1.28.tar.gz

#cd HTML-Mason-1.28

#perl Makefile.PL

#make;make install

#tar zxvf FCGI-0.67.tar.gz

#cd FCGI-0.67

#perl Makefile.PL

#make;make install

#perl -MCPAN -e 'force("install", "MIME::Entity");'

#perl -MCPAN -e 'force("install", "WWW::Mechanize");'

#tar xzvf rt-3.0.10.tar.gz

#cd rt-3.0.10/

#./configure --with-web-user=apache --with-web-group=apache

#perl sbin/rt-test-dependencies --with-mysql --with-fastcgi | grep MISSING

#perl sbin/rt-test-dependencies --with-mysql --with-fastcgi --install

#perl sbin/rt-test-dependencies --with-mysql --with-fastcgi | grep MISSING

#useradd rt

#make install

12. 配置rt

#vi /opt/rt3/etc/RT_SiteConfig.pm

修改如下几处

Set($Timezone , 'Asia/Shanghai'); Set($rtname , ""); Set($Organization , ""); Set($WebPath , ""); Set($WebBaseURL , "http://scm7.***.cn:88");

#make initialize-database

13. 配置httpd

#vi /etc/httpd/conf/httpd.conf

Listen 88 <VirtualHost ***.51.173.94:88> ServerName scm7.***.cn DocumentRoot /opt/rt3/share/html/ AddDefaultCharset UTF-8 AddHandler fastcgi-script .fcgi <Directory "/opt/rt3/share/html"> Options FollowSymLinks ExecCGI AllowOverride None </Directory> Alias /NoAuth/images /opt/rt3/share/html/NoAuth/images ScriptAlias / /opt/rt3/bin/mason_handler.fcgi/ </VirtualHost>

14. 启动httpd服务

#service httpd restart

#chkconfig --add httpd

#chkconfig --level 35 httpd on

#tail -f /var/log/httpd/error_log

15. 初始登陆

http://scm7.***.cn:88/

账号：root

口令：password

16. 配置sendmail

#ln -s /opt/rt3/bin/rt-mailgate /etc/smrsh/

#vi /etc/rt.aliases

rt: "| /etc/smrsh/rt-mailgate --queue general --action correspond --url http://scm7.***.cn:88/" rt-comment: "| /etc/smrsh/rt-mailgate --queue general --action comment --url http://scm7.***.cn:88/"

#newaliases /etc/rt.aliases

#vi /etc/mail/sendmail.mc

define(`ALIAS_FILE', `/etc/aliases,/etc/rt.aliases')dnl DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl

#vi /etc/mail/local-host-names

scm7.***.cn

#m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

17. 启动sendmail服务

#service sendmail restart

#chkconfig --add sendmail

#chkconfig --level 35 sendmail on

#tail -f /var/log/maillog

#echo test | mail -s 'test' zbwangjian@***.cn

18. 配置账号维护脚本

#vi /bin2/w.sh

内容如下

#!/bin/sh export LC_ALL=zh_CN.GB18030 n0=`expr index $1 "@"` if [ $n0 = 0 ] then echo "***账号格式不对，请输入完整的mail地址***" exit fi n1=$1 n2=`echo ${n1##*@}` if [ "$n2" = "***.cn" ] then n3=`echo ${n1%%@*}` else n3=`echo ${n1/@/.}` fi echo ...rt... SAVEIFS=$IFS IFS=" " file1=/tmp/`date +"%Y-%m-%d-%H%M%S"`.$$ ssh $LOGNAME@scm7.***.cn "mysql -u root -p*** -e "use rt3; select id from Users where EmailAddress = '$n1' into outfile '$file1'";" scp $LOGNAME@scm7.***.cn:$file1 /tmp/ if [ -f $file1 ] then file2=`cat $file1` for f in $file2 do ssh $LOGNAME@scm7.***.cn "mysql -u root -p*** -e "use rt3; update Principals set Disabled = '1' where id = '$f'";" done fi IFS=$SAVEIFS /bin/echo "$n1" | /usr/bin/mutt -s "logoff-user" scm-dept@scm5.***.cn

二、维护RT

1. 备份

#service httpd stop

#mysqldump --opt -u root -p*** rt3 > /var/lib/mysql.bak/rt3.sql

2. 恢复

#mysql -uroot -p***

mysql>drop database rt3;

mysql>create database rt3;

mysql>quit

#mysql -u root -p*** rt3 < /var/lib/mysql.bak/rt3.sql

#mysqlcheck -u root -p*** --databases rt3

#mysql_fix_privilege_tables --password=***

#service httpd restart

http://wiki.bestpractical.com/view/RHEL4InstallGuide

http://wiki.bestpractical.com/view/ManualInstallation

http://wiki.bestpractical.com/view/FastCGIConfiguration

http://archive.apache.org/dist/perl/

http://database.51cto.com/art/200811/97667.htm

http://hikin.javaeye.com/blog/505489

http://info.mysql.cn/install/2006/0410/5521.html

http://www.mysqlsystems.com/2009/04/upgradingmysql.html

三、升级RT到3.8.1

1. 备份

#service httpd stop

#mv /opt/rt3/ /opt/rt3-3.0.10/

#mysqldump --opt -u root -p*** rt3 > /var/lib/mysql.bak/rt3.sql

2. 升级mysql

#service mysqld stop

#rpm -qa|grep -i mysql

#rpm -e ….

#mv /var/lib/mysql/ /var/lib/mysql.3/

#rpm -ivh MySQL-client-community-5.0.92-1.rhel4.i386.rpm

#rpm -ivh MySQL-devel-community-5.0.92-1.rhel4.i386.rpm

#rpm -ivh MySQL-server-community-5.0.92-1.rhel4.i386.rpm

#/usr/bin/mysqladmin -u root password '***'

#cp /usr/share/mysql/my-medium.cnf /etc/my.cnf

#vi /etc/my.cnf

[mysqld] max_allowed_packet = 10M

#service mysql restart

#mysql -uroot -p***

mysql>create database rt3;

mysql>quit

#mysql -u root -p*** rt3 < /var/lib/mysql.bak/rt3.sql

#mysqlcheck -u root -p*** --databases rt3

#mysql_fix_privilege_tables --password=***

#mysql -uroot -p***

mysql>GRANT ALL PRIVILEGES ON rt3.* to 'rt_user'@'localhost' IDENTIFIED BY 'rt_pass';

mysql>quit

3. 安装rt

#tar xzvf rt-3.8.1.tar.gz

#cd rt-3.8.1

#./configure --with-web-user=apache --with-web-group=apache

#make testdeps

#make fixdeps

#tar zxvf GnuPG-Interface-0.42.tar.gz

#perl Makefile.PL

#make;make install

#tar zxvf XML-RSS-1.05.tar.gz

#cd XML-RSS-1.05

#perl Makefile.PL

#make;make install

#tar zxvf DBD-mysql-4.018.tar.gz

#cd DBD-mysql-4.018

#perl Makefile.PL

#make;make install

#make testdeps

#make upgrade

4. 配置rt

#vi /opt/rt3/etc/RT_SiteConfig.pm

修改如下几处

Set($Timezone , 'Asia/Shanghai'); Set($rtname , ""); Set($Organization , ""); Set($WebPath , ""); Set($WebBaseURL , "http://scm7.***.cn:88");

#vi /etc/group

rt:x:501:apache

#mysql -uroot -p***

mysql>use rt3;

mysql>show table status;

mysql>alter table ACL Engine=InnoDB;

mysql>alter table Attachments Engine=InnoDB;

mysql>alter table CachedGroupMembers Engine=InnoDB;

mysql>alter table CustomFields Engine=InnoDB;

mysql>alter table CustomFieldValues Engine=InnoDB;

mysql>alter table GroupMembers Engine=InnoDB;

mysql>alter table Groups Engine=InnoDB;

mysql>alter table Links Engine=InnoDB;

mysql>alter table Principals Engine=InnoDB;

mysql>alter table Queues Engine=InnoDB;

mysql>alter table ScripActions Engine=InnoDB;

mysql>alter table ScripConditions Engine=InnoDB;

mysql>alter table Scrips Engine=InnoDB;

mysql>alter table sessions Engine=InnoDB;

mysql>alter table Templates Engine=InnoDB;

mysql>alter table TicketCustomFieldValues Engine=InnoDB;

mysql>alter table Tickets Engine=InnoDB;

mysql>alter table Transactions Engine=InnoDB;

mysql>alter table Users Engine=InnoDB;

mysql>quit

#service mysql restart

#/opt/rt3/sbin/rt-setup-database --dba root --dba-password *** --action upgrade

#rm -fr /opt/rt3/var/mason_data/obj

#perl etc/upgrade/schema.mysql-4.0-4.1.pl rt3 root *** > sql.queries

#mysql -u root -p*** rt3 < sql.queries

5. 启动httpd服务

#service httpd restart

6. Set up automated recurring tasks (cronjobs)

#crontab -e

0 0 * * * /opt/rt3/sbin/rt-email-digest -m daily 0 0 * * 0 /opt/rt3/sbin/rt-email-digest -m weekly 0 * * * * /opt/rt3/sbin/rt-email-dashboards

http://blog.youkuaiyun.com/liuhaixian/archive/2009/02/01/3856113.aspx

http://dev.tot.name/db/html/20081223/20081223112752.htm

http://liudaoru.javaeye.com/blog/395180

http://note.tcc.edu.tw/478.html

http://blog.youkuaiyun.com/huithe/archive/2010/02/03/5283949.aspx

http://xionghui.blog.51cto.com/165540/30925

http://lists.bestpractical.com/pipermail/rt-users/2008-October/054896.html

http://www.gossamer-threads.com/lists/rt/users/77451

http://shwenwen.itpub.net/post/34911/496986

官方的demo  http://rt.easter-eggs.org/demos/

官方wiki  http://requesttracker.wikia.com/wiki/HomePage

官方list  http://www.gossamer-threads.com/lists/rt/

四、升级RT到3.8.7

1. 备份

#service httpd stop

#mv /opt/rt3/ /opt/rt3-3.8.1/

#mysqldump --opt -u root -p*** rt3 > /var/lib/mysql.bak/rt3.sql

2. 安装rt

#tar xzvf rt-3.8.7.tar.gz

#cd rt-3.8.7

#./configure --with-web-user=apache --with-web-group=apache

#make testdeps

#make fixdeps

#make upgrade

#/opt/rt3/sbin/rt-setup-database --dba root --dba-password *** --action upgrade

[Mon Mar 5 16:37:27 2012] [warning]: Going to add [OLD] prefix to all temlates in approvals queue. If you never used approvals then you can delete all these templates with [OLD] prefix. Leave new there may be you will want to use approvals some time. (./etc/upgrade/3.8.2/content:3) [Mon Mar 5 16:37:28 2012] [warning]: IMPORTANT: We're going to delete all scrips in Approvals queue and save them in 'rt-approvals-scrips-JpRS' file. (./etc/upgrade/3.8.2/content:165)

#more rt-approvals-scrips-*

3. 配置rt

#vi /opt/rt3/etc/RT_SiteConfig.pm

修改如下几处

Set($Timezone , 'Asia/Shanghai'); Set($rtname , ""); Set($Organization , ""); Set($WebPath , ""); Set($WebBaseURL , "http://scm7.***.cn:88");

#rm -fr /opt/rt3/var/mason_data/obj

4. 启动httpd服务

#service httpd start

五、ExternalAuth

1. 配置mysql

#mysql -uroot -p***

mysql>create database rt3ext;

mysql>quit

#mysqldump --opt -u root -p*** rt3 -d Users Principals > rt3ext.sql

#vi rt3ext.sql

`LastUpdated` datetime default NULL, `Disabled` smallint(6) NOT NULL default '0', PRIMARY KEY (`id`),

#mysql -u root -p*** rt3ext < rt3ext.sql

#mysqlcheck -u root -p*** --databases rt3ext

#mysql_fix_privilege_tables --password=***

#mysql -uroot -p***

mysql>GRANT ALL PRIVILEGES ON rt3ext.* to 'rt_user'@'localhost' IDENTIFIED BY 'rt_pass';

mysql>quit

2. 配置rt

#tar zxvf RT-Authen-ExternalAuth-0.08.tar.gz

#cd RT-Authen-ExternalAuth-0.08

#perl Makefile.PL

#make

#make install

#tar zxvf Crypt-MySQL-0.04.tar.gz

#cd Crypt-MySQL-0.04

#perl Makefile.PL

#make

#make install

#vi /opt/rt3/etc/RT_SiteConfig.pm

#Set(@Plugins,(qw(Extension::QuickDelete))); Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($ExternalAuthPriority, ['My_MySQL']); Set($ExternalInfoPriority, ['My_MySQL']); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_MySQL' => { 'type' => 'db', 'auth' => 1, 'info' => 1, 'server'=> 'localhost', 'database'=> 'rt3ext', 'table' => 'Users', 'user' => 'rt_user', 'pass' => 'rt_pass', 'port' => '3306', 'dbi_driver' => 'mysql', 'u_field'=> 'Name', 'p_field' => 'Password', 'p_enc_pkg' => 'Crypt::MySQL', 'p_enc_sub' => 'password41', 'd_field'=> 'Disabled', 'd_values' => ['0'], 'attr_match_list' => [ 'Gecos', 'Name' ], 'attr_map' => { 'Name' => 'Name', 'EmailAddress' => 'EmailAddress', 'ExternalAuthId' => 'Name', 'Gecos' => 'Gecos' } } } ); Set($SenderMustExistInExternalDatabase, 1); Set($LookupSenderInExternalDatabase, 1); Set($ValidateUserEmailAddresses, 1); 1;

#perl -c /opt/rt3/etc/RT_SiteConfig.pm

#service httpd restart

六、ExternalAuth2

1. 配置openldap

…

2. 配置rt

#vi /opt/rt3/etc/RT_SiteConfig.pm

#Set(@Plugins,(qw(Extension::QuickDelete))); Set( @Plugins, qw(RT::Authen::ExternalAuth) ); Set($ExternalAuthPriority, [ 'My_LDAP' ]); Set($ExternalInfoPriority, [ 'My_LDAP']); Set($ExternalServiceUsesSSLorTLS, 0); Set($AutoCreateNonExternalUsers, 0); Set($ExternalSettings, { 'My_LDAP' => { 'type' => 'ldap', 'auth' => 1, 'info' => 1, 'server' => 'example.com', #'user' => 'CN=(user),CN=Users,DC=example,DC=com', #'pass' => 'password', 'base' => 'dc=example,dc=com', 'filter' => '(objectclass=Person)', 'd_filter' => '(&(objectCategory=person)(objectClass=user) (userAccountControl:1.2.840.113556.1.4.803:=2))', 'tls' => 0, 'net_ldap_args' => [ version => 3 ], 'group' => '', 'group_attr' => '', 'attr_match_list' => [ 'Name', 'EmailAddress', 'RealName', 'WorkPhone', 'Address2' ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'Organization' => 'physicalDeliveryOfficeName', 'RealName' => 'cn', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'sAMAccountName', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' } } } ); 1;

RT-Extension-LDAPImport-0.07.tar.gz

http://requesttracker.wikia.com/wiki/ExternalAuth

http://requesttracker.wikia.com/wiki/Ubuntu_8.04.1

http://requesttracker.wikia.com/wiki/LdapSiteConfigSettings

http://www.gossamer-threads.com/lists/rt/users/106580?search_string=RT%204.0.2%20and%20ExternalAuth;#106580

 

https://github.com/afrous/Cynthia

转载于:https://my.oschina.net/tadcat/blog/150752