Skip to main content
Jump to: navigation, search

Difference between revisions of "EMF Build Server Setup"

(New page: = EMF Build Server Setup = You will need to be root for most of these tasks. == Install OS == Installation began with [ Ubuntu Server 6.06LTS], f...)
m (/etc/bashrc)
Line 165: Line 165:
* Switch to the root user.
* Switch to the root user.
* Append the following into <tt style="color:DarkGreen">/etc/bashrc</tt>, where <tt style="color:DarkGreen">_username_</tt> should be replaced with your actual username:  
* Replace <tt style="color:DarkGreen">/etc/bashrc</tt> with this:
==== /etc/bashrc ====
==== /etc/bashrc ====

Revision as of 00:05, 13 September 2007

EMF Build Server Setup

You will need to be root for most of these tasks.

Install OS

Installation began with Ubuntu Server 6.06LTS, for x86. Very simple and straight forward. I partitioned the drive 36.4G drive like this:

sdb1   Boot, NC   Primary   Linux ext3   10000.01M
sdb2              Primary   Linux swap    1000.00M
sdb3              Primary   Linux ext3   25391.44M

Install via apt-get

apt-get install apache2 perl5 curl cvs sun-java6-jdk
apt-get install php5 php5-cgi php5-cli php5-curl 
apt-get install zip unzip tar bzip2 sudo screen
apt-get install openssh-server ccrypt
apt-get install vim vim-common vim-scripts vim-gtk
apt-get install libgtk2.0-common libgtk2.0-0 libgtk2.0-bin

Install & symlink

Set default editor to vim

  • If you prefer vim to nano, you'll have to do this:
export EDITOR=vim
  - or - 
cd /etc/alternative; rm -f editor; ln -s /usr/bin/vim editor

Recreate ssh keys

  • If upgrading from an existing server, you can copy the old server's ssh keys so that the server will "look" the same to users connecting via ssh.
cp /mnt/sda1/etc/ssh/* /etc/ssh/

Set a static IP address


# The loopback interface
auto lo
iface lo inet loopback

# The first network card - this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
auto eth0
iface eth0 inet static
address 9.xx.yyy.zzz
network 9.xx.yyy.0
broadcast 9.xx.yyy.255
gateway 9.xx.yyy.1

Add bootable partitions to grub loader


default         0
timeout         5

title           Ubuntu, kernel 2.6.15-26-server
root            (hd1,0)
kernel          /boot/vmlinuz-2.6.15-26-server root=/dev/sdb1 ro quiet splash
initrd          /boot/initrd.img-2.6.15-26-server

title           Ye Old Debian on sda1, kernel 2.4.25, no initrd
root            (hd0,0)
kernel          /boot/vmlinuz-2.4.25 root=/dev/sda1

Set up web content

  • Copy content from an existing server partition or else extract from CVS:
mkdir -p /home/www-data/build/modeling; cd /home/www-data/build/modeling;
cvs -d -q co -d scripts releng-common/tools/scripts
mkdir -p /var/www/html; cd /var/www/html; 
cvs -d -q co -d modeling www/modeling

Fix permissions & ownership

cd /var/www/html; find . -type f -exec chmod 664 {} \;
cd /var/www/html; find . -type d -exec chmod 2775 {} \;
cd /var/www/html; find . -exec chown www-data:www {} \;

cd /home/www-data/build; find . -type f -exec chmod 664 {} \;
cd /home/www-data/build; find . -type d -exec chmod 2775 {} \;
cd /home/www-data/build; find . -exec chown www-data:www {} \;
cd /home/www-data/build/modeling/scripts; find . -type f -name "*.sh" -exec chmod 755 {} \;

Fix hostname

  • Ensure your /etc/hosts file contains something a line such as this, so that the server knows its own name:     localhost
9.xx.yyy.zzz emf

Fix web user (www-data)

  • Edit /etc/group. Add www group:


  • Edit /etc/passwd. Change users' home directories and shell:


  • Edit /etc/sudoers to let you run commands and switch to the web user w/o needing a password. Add the following lines:


# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Members of the www group can sudo to www-data
%www            emf = (www-data) NOPASSWD: ALL
  • Switch to the web user. You should NOT be prompted for a password.
sudo -u www-data bash
  • Create an ssh key, WITH NO PASSPHRASE. Store in ~/.ssh/id_rsa and ~/.ssh/
ssh-keygen -b 2048 -t rsa
  • Copy contents of ~/.ssh/ into ~/.ssh/authorized_keys file for user on who

will be running builds. This is so that the web user can commit changes to cvs (tagging, updating map files) for I, M, S & R builds.

  • Test by ssh'ing to, where _username_ should be replaced with your actual username:
  • Run newgrp www so that when new files are created, they will use the group id www instead of www-data:
newgrp www
  • Set umask 022 so that files will be created with group write perms 664 (see #/etc/bashrc):
umask 022
  • Set the remote shell connection method for CVS to be ssh instead of the default rsh (see #/etc/bashrc):
export CVS_RSH=/usr/bin/ssh
  • Set an ANT_HOME and JAVA_HOME, and add ant to the PATH (see #/etc/bashrc):
export ANT_HOME=/opt/apache-ant-1.6
export JAVA_HOME=/opt/sun-java2-5.0
export PATH=${PATH}:${ANT_HOME}/bin
  • Switch to the root user.
  • Replace /etc/bashrc with this:


[ -f ~/.alias ] && . ~/.alias

# set PATH so it includes user's private bin if it exists
if [ -d ~/bin ] ; then

umask 022
export GREP_OPTIONS='--color=auto'
export GTK2_RC_FILES=$HOME/.gtkrc-2.0
export KDEDIR=/usr
export QTDIR=/usr/share/qt3
export EDITOR=vi
export LC_ALL=C; #for perl



if [ $UID -eq 0 ]; then # root
  prompt="\! $rcol\]\u@$hcol\h$norm:\$(pwd)\\[$norm\]\n$rcol#$norm ";  fcol=$brown;
  prompt="\! $ucol\]\u@$hcol\h$norm:\$(pwd)\\[$norm\]\n$ucol\$$norm "; fcol=$ucol;

# If this is an xterm set the title to user@host:dir
case $TERM in
  export PS1=$prompt"\[\e]30;\u@\H\a\]"
  export PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD}\007"'
  export PS1=$prompt
  • Add the following to .bashrc and .bash_profile files:


[ -f /etc/bashrc ] && . /etc/bashrc


[ -f ~/.bashrc ] && . ~/.bashrc

  • Copy both .bashrc and .bash_profile into /etc/skel, so that new users will get these files in their home dirs.

Change Apache's default web dir

  • For consistency w/ other servers, edit /etc/apache2/sites-enabled/000-default and set Apache's default DocumentRoot to /var/www/html instead of /var/www.

Secure build script

  • Since the webserver is public but builds should only be run by authorized users, we must secure access to the build.php script.
  • Edit Apache config file to allow .htaccess rule changes to take affect. Change None to All:


# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
  AllowOverride All
  • Create password file, where _username_ should be replaced with an actual username and /path/to/password/file should be replaced with an actual path:
httpasswd -c /path/to/password/file _username_
  • You can add additional users to the password file like this:
httpasswd /path/to/password/file _username2_
  • Create .htaccess file, replacing /path/to/password/file with the same path used in the previous step:


AuthType Basic
AuthName "EMF Build Server"
AuthUserFile /path/to/password/file
Require valid-user
  • Restart Apache, eg.:
/usr/sbin/httpd -k restart
 - or -
apache2ctl restart

Run a build

Using the username and password set up in the previous step, go here:

Check the build log while it's running or after it completes. If you see any messages such as permission denied or the following, something is amiss.

Debugging tips

execvp: Permission denied
  • Shell scripts must contain unix line endings. Run dos2unix to make sure, if copying them from a non-unix filesystem.
  • Shell scripts /home/www-data/build/emft/scripts/*.sh must be executable. See #Fix permissions & ownership.


  • Directories, eg. /home/www-data/build/emft/jet/downloads/drops/1.0.0 must be writable by the web user

(or group www). See #Fix permissions & ownership.

-- Connection refused
cvs [checkout aborted]: end of file from server (consult above messages if any)
  • CVS connection refusals are the result of not being able to automatically ssh as the web user to This

could be a problem with ssh keys (see above - #Fix web user (www-data)) or the method CVS uses to connect (rsh instead of ssh - see #/etc/bashrc).


  • For any compilation-related problems, missing file problems, or other issues not touched upon in this document, see EMFT_Procedures.

Display build logs, details & test results

Builds - including unpublished Nightly builds - are listed on the downloads page here:

Published builds are located here:

Add additional users

  • As root, run:
adduser -p newuserpassword newuser
  • Then copy .bashrc, .bash_profile, and .alias from an existing user to the new user's home dir (if /etc/skel is not used).
 cp /home/user/.bashrc /home/user/.bash_profile /home/user/.alias /home/newuser
  • Fix permissions on copied files
 chown newuser:newuser /home/newuser/.bashrc /home/newuser/.bash_profile /home/newuser/.alias

Install & configure mysql server 5

  • Install
 apt-get install mysql-server-5.0 mysql-client-5.0

CVS configuration

  • Install
apt-get install cvs
  • Create cvs group
vi /etc/group
  • Add the following line (or similar), listing all the users to have CVS access, then exit and save (ESC, :wq)
  • Create CVSROOT
cd /home; ln -s /var/lib/cvs
  • Set permissions
cd /home/cvs
chgrp -R cvs .
chmod -R 2775 . CVSROOT

See Also

Additional info and configuration steps are listed in EMFT Build Server Setup.

Back to the top