The easiest upgrade process

Discussion in 'General OpenLiteSpeed Discussion' started by Jamie-VV, Jun 16, 2017.

  1. Jamie-VV

    Jamie-VV New Member

    I am currently running 1.4.23.

    If I'm compiling OpenLiteSpeed from the source package, can I just copy the openlitespeed binary into its required place and re-start the server?

    Or do I really need to move /usr/local/lsws aside and let "make install" do its job and then I manually reconfigure things afterwards?

    I did the clean install when upgrading from 1.3.12 to 1.4.23, as many things, including config file formats, changed. However, every few months another minor 1.4.x version is released, and I would like to upgrade, but would prefer not to go through the fresh install process from scratch as OpenLiteSpeed is being used on a production server.
     
  2. lsfoo

    lsfoo Administrator

    Hi @Jamie-VV

    As always, please make a back up of your current installation before doing anything.

    If you go through the compilation procedure (including make install), it should behave like an upgrade if you use the same configuration options during configure. The configuration format is still the same, so you shouldn't need to reconfigure it afterwards.

    Otherwise, if you'd rather not use make install, in addition to the main openlitespeed binary, you also need to make sure that the module binaries are also updated (cache.so, etc.). Another thing that may have changed is the web admin, so if you use the web admin, that may need to be updated as well.

    Let us know if you have any further questions about this procedure!

    Cheers,
    Kevin
     
  3. Jamie-VV

    Jamie-VV New Member

    Thanks for your help and advice.

    I did an experiment in a test area to see what files in /usr/local/lsws were changed between a "make install" when upgrading from version 1.4.23 to 1.4.26.

    The files that did change were located in these directories:
    • add-ons/snmp_monitoring/
    • admin/conf/ (only the webadmin SSL certificates, which are not trusted by browsers so they don't matter anyway)
    • admin/html/
    • bin/ (only the openlitespeed binary)
    • docs/
    • modules/ (all the .so files)
    • share/autoindex/
    And of course the "VERSION" file.

    So "make install" seems to be quite safe and doesn't disturb the existing configuration.

    Given that there are quite a few files from different areas that get updated, I'll just use the "make install" method, keeping a copy of the existing /usr/local/lsws directory just in case something goes wrong and I need to roll back to the previous version.
     
  4. Jamie-VV

    Jamie-VV New Member

    Sorry, just a follow-up.

    Why has "make install" changed these file permissions in /usr/local/lsws/conf/cert from:

    -rw------- 1 root root 4795 Feb 9 23:23 ca.crt
    -rw------- 1 root root 2122 Feb 11 23:50 server.crt
    -rw------- 1 root root 1679 Feb 9 10:23 server.key

    to:

    -rwxr-xr-x 1 lsadm lsadm 4795 Feb 9 23:23 ca.crt
    -rwxr-xr-x 1 lsadm lsadm 2122 Feb 11 23:50 server.crt
    -rwxr-xr-x 1 lsadm lsadm 1679 Feb 9 10:23 server.key

    What should the correct permissions be for a Ubuntu installation?
     
  5. lsfoo

    lsfoo Administrator

    Glad to hear that everything worked out.

    I will get back to you on the permissions question.

    Cheers,
    Kevin
     
  6. lsfoo

    lsfoo Administrator

    Hi @Jamie-VV

    If root works, it should stay as root. You may want to check the error logs to make sure that the certificate was loaded correctly. As for the file permissions, it doesn't matter too much because the conf directory should have strict permissions, so the files underneath should be protected.

    Cheers,
    Kevin
     
  7. Jamie-VV

    Jamie-VV New Member

    For some reason when I first installed OpenLiteSpeed, it had set the permissions on the "conf" directory to:

    drwxr-xr-x 5 lsadm lsadm 4096 Jun 1 08:53 /usr/local/lsws/conf/

    However, for each directory under /usr/local/lsws/conf/vhosts, it set it like so:

    drwx------ 2 lsadm lsadm 4096 Jun 1 08:53 www.XXXX/
    So everything was safe.

    After the upgrade, the above virtual hosts directory become world readable, as well as the server certificate files, so the "make install" process must have changed the permissions on those for some reason.

    Anyway, as suggested, I have now changed the top level "conf" directory as shown below, so the file permissions that "make install" altered underneath that won't matter and the server certificates are safe:

    drwx------ 5 lsadm lsadm 4096 Jun 20 10:00 /usr/local/lsws/conf/
     
    lsfoo likes this.

Share This Page