Personal tools
You are here: Home Fedora Solved Server Solutions Installing Zope+Plone on Fedora

Installing Zope+Plone on Fedora

by jon last modified Jan 30, 2008 03:46 AM

This guide will help you set up your own Plone site using Zope and Apache on Fedora Core. Zope is capable of acting as a standalone server, but we use Apache and its URL rewriting engine (mod_rewrite) to give us more power and flexibility.

Requirements

This process uses entirely packages that are available from the Fedora repository. You can use 'yum' to install everything you need.

Fedora Versions:

  • Fedora Core 5
  • Fedora Core 6

Support for Fedora 7 will be coming soon. Fedora 7 only has python 2.5 and Zope does not currently support python 2.5.

These are the packages you will need:

  • httpd
  • zope
  • plone

Some basic assumptions are made with regard to your setup. You may need to adjust the process accordingly if any of these vary:

  • You have registered a domain name (eg. example.com)
  • Your ISP allows access to port 80, or you can route traffic to port 80 using your router
  • You have root access and are familiar with basic functions on the server you will be using

Installing Requirements

To install zope, plone and httpd do the following:
yum install zope plone httpd

Definitions

For the purpose of simplicity in this document, we'll select some standard names to use that you will need to replace in your own work. They are as follows:

  • example.com - This is the domain name that we will use for our examples. This will be replaced by whatever your domain name is.
  • zope.conf - This is the filename we have chosen for our Apache HTTPD configuration. The directives here could easily be placed elsewhere in your Apache configuration.

Apache Configuration

These files are used to configure Apache to serve our Plone site. They are placed in /etc/httpd/conf.d or merged with existing virtual hosts.

zope.conf

This file is used to configure Apache to pass appropriate requests to Zope

zope.conf

cache.conf

This entirely optional file is used to enable caching on Apache, which can improve loading speeds.

cache.conf

Zope Configuration

We're going to do things just a little differently from normal. Before we set up our new site, we are going to replace the normal Zope ACL system with the more advanced ACL system that supports groups.

Dummy Account Creation

Before we start Zope, we need to create a couple of accounts. These first two accounts are both dummy accounts, and shouldn't match the login you intend to use to manage your Zope instance.

First, we'll initialize the Zope ACL system with our first fake account:

zopectl adduser username password
You can replace username and password with other details if you wish.

Next, we create an account using Zope's failsafe method. This allows us to delete the ACL system without locking ourselves out.

32-bit systems

cd /var/lib/zope
/usr/lib/zope/bin/zpasswd.py access

64-bit systems

cd /var/lib/zope
/usr/lib64/zope/bin/zpasswd.py access

It will ask you for basic account details. Enter a different username and password combination here, and remember that it should not match what you want to use to manage Zope. Use SHA encryption and leave the domain restrictions empty.

Bringing Everything Up

We are now ready to start Apache and Zope for the first time:

service zope start
service httpd start

Zope may spit out some messages. They are safe to ignore.

You can set these to start when the system boots. You may use the following or run 'system-config-services':

chkconfig zope on
chkconfig httpd on

Building SELinux Module

If using SELinux, you must customize the policy to allow Apache to connect to Zope. You may either audit the actions and build a policy or use the one we have here. This policy applies to Fedora Core 5/6 targeted. The following will allow apache to connect to zope:

Note: You will need the 'checkpolicy' package.

module zope 1.0;
require {
class tcp_socket name_connect;
type http_cache_port_t;
type httpd_t;
};

allow httpd_t http_cache_port_t:tcp_socket name_connect;

To build the policy you create a file called zope.te with the above contents. You then run the following commands to build the module:
checkmodule -M -m -o zope.mod zope.te
semodule_package -o zope.pp -m zope.mod
And finally you load the module into the policy:
semodule -i zope.pp

If you would like to learn how to build these types of modules, please read our howto on SELinux module building.

Replacing the ACL System

You should now be able to point your browser to the Zope Management Interface at:

http://www.example.com/zope/manage

It should ask you for login details. Use the second dummy account we created earlier.

Now, find the acl_users item, place a checkmark to the right side of it, and hit the Delete button at the bottom of the page. This will remove the original ACL system.

Next, find the combobox near the top-right of the main frame. Select "Group User Folder" in the list and hit the Add button. This adds the new ACL system that supports groups.

Creating Administrative Users and Groups

We are now ready to create our initial administrative group and add our first user to it.

  • Find the acl_users item and click on it. This will bring you to the user management section.
  • Find the Groups Tab at top and click on it. This is where we will create our administrative group. For our example, we'll use root for the group name, but you can use any name you would like.
  • In the Groups management section, find the Create Groups box. Enter root in the box. Click the Create button.
  • Now, place a checkmark in the box next to the root item, and find the Affect roles section. Check both Manager and Owner, and click the Change button. You should not check anything in the Affect groups section.
  • Next, we create your initial user account. Find the Users Tab up top and click on it.
  • Find the User Creation section. In the Batch user creation list box, enter the username you would like to use. Enter a password in the box below that, and click the Create button.
  • It will show you a status report. When you continue, you will return to the Users page. Now, place a checkmark next to your name and find the Affect groups section. Mark root and hit the Change button.

Your accounts should now be configured.

Removing the Dummy Account

We are now ready to remove the second dummy account. (The first is already destroyed.) We'll also restart Zope to be sure that all changes are applied:

cd /var/lib/zope
rm access
service zope restart

You should now either close your browser or otherwise clear your HTTP authentication so that you can log back in with your new account.

This finishes the Zope configuration.

Creating the Plone Site

We are now ready to create your Plone site. Visit the ZMI (Zope Management Interface) again:

http://www.example.com/zope/manage

In the combobox in the upper-right, select "Plone Site" and click the Add button. Enter example.com for the ID. The title and description are up to you. This creates your initial Plone site.

Learning and Customizing Plone

It is highly recommend that you go through The Definitive Guide to Plone to get you started in working with Plone. It will guide you through many common tasks and some more advanced tasks that will help you become familiar with Plone and the ZMI.

More Information

Disclaimer

We test this stuff on our own machines, really we do. But you may run into problems, if you do, come to #fedora on irc.freenode.net

Added Reading


Document Actions
Log in


Forgot your password?
New user?