[Zope] Suggestions for improving http://www.zope.org/Members/mcdonc/HowTos/zopeinstall/ZOPE-INSTALL-HOWTO

Douglas Carnall dougie@carnall.org
Wed, 13 Mar 2002 16:27:08 +0000


Chris,

What with all the activity on the list in the last week about the quality of
documentation, I'd thought I'd better try to deliver on my promise to send
you feedback. I'd hoped to send you something more polished, but best not to
let the best be the enemy of the good I always think. Anyway, the following
comments relate to my experience of installing Zope using your fine
document:
 
http://www.zope.org/Members/mcdonc/HowTos/zopeinstall/ZOPE-INSTALL-HOWTO

1) A bit out of date: refers to "the as yet mythical 2.2.5" for example (we
are now 2.5.0, no?)


2) A couple of minor typo-like errors


All this futzing with security is important because we're going to start
Zope as the root user. When Zope is started as root, it executes programs
kept in the Zope directory as the root user before it switches user context
to the nobody user. If these program files are modifiable by arbitrary
users, ***you [could] [be] [are] compromising the security of your
system.*** We've limited our risk by allowing only three trusted users to
access the Zope holding directory and anything kept within it. Giving
arbitrary write access to the holding directory or the Zope directory and
files within is a Bad Idea.

***pick one

=====
=====

There, I did it. I've got a holding directory named "/usr/local/zope" that's
owned by the "nobody" user. It's also group-owned by the "mcdonc" group,
whose only member is my user account "mcdonc".

3) Educational suggestions

Could add:

If you don't already have such a group on your system, you need to set one
up as follows

dougie@carnall:/usr/local/zope$ su
Password:
dougie@carnall:/usr/local/zope#
root@carnall:/usr/local/zope# usermod -G users,dougie dougie

This adds the user dougie to two groups, users and dougie.


*****

*****

Further reading/additional knowledge.

Understanding unix permissions is vital to successfully installing zope. You
may need to brush up by reading the man pages of the following commands:

chmod/chgrp/useradd/groupadd/usermod/groupmod

(It was setting up the groups that I had not done before)

dougie@carnall:/usr/local/zope$ man usermod

and so on

This is a nice introductory page:

http://www.perlfect.com/articles/chmod.shtml

I'd also recommend

Pfaffenberger B. Linux Command Instant Reference. Almeda CA: Sybex, 2000.

though O'Reilly has just put up this nice page here:

http://www.oreillynet.com/linux/cmd/

*****
*****

If you are having trouble with your install have a look at these related
webpages:

start with:

http://www.zope.org/Members/jens/docs/newbie_caveats

I made a mini-link-o-paedia for someone on the list a while back:

http://www.carnall.demon.co.uk/install_zope.html

Scavenge at will.

******
******

Might be useful to reassure people of the distro independence of Zope, and
the various versions of python problem. (see
http://lists.zope.org/pipermail/zope/2002-February/108708.html et seq)

Hope this is helpful

D.

-- 
Douglas Carnall

tel:+44 (0)20 7241 1255
fax:08700 557879 
mob:07900 212881
http://www.carnall.org/
dougie@carnall.org