- <ul>
- <p><li><h4>PostgreSQL 8.x</h4>
- PostgreSQL added a restriction in v8.x that a sequence cannot be dropped
- after if it is referenced by a table. However backups created with
- LedgerSMB v2.6.13 and earlier have a DROP SEQUENCE step in the backup
- which will fail. To fix this edit the backup before restoring on a 8.x
- system.
- <p>This typically looks like this:
- <pre>
- DROP SEQUENCE id ;
- CREATE SEQUENCE id START 10579;
- --
- DROP SEQUENCE invoiceid ;
- CREATE SEQUENCE invoiceid START 11096;
- --
- DROP SEQUENCE orderitemsid ;
- CREATE SEQUENCE orderitemsid START 178;
- --
- DROP SEQUENCE jcitemsid ;
- CREATE SEQUENCE jcitemsid START 53;
- </pre>
- <p>Change it to:
- <pre>
- CREATE SEQUENCE id;
- SELECT SETVAL('id', 10579);
- CREATE SEQUENCE invoiceid;
- SELECT SETVAL('invoiceid', 11096);
- CREATE SEQUENCE orderitemsid;
- SELECT SETVAL('orderitemsid', 178);
- CREATE SEQUENCE jcitemsid;
- SELECT SETVAL('jcitemsid', 53);
- </pre>
- <p><li><h4>PostgreSQL template1</h4>
- template1 is a template to build new databases
- from. Anything you put into template1 will be copied to a new database.
- So when you try to create a new dataset, the tables are already created from
- template1 and when LedgerSMB tries to create them you'll get an error that
- the tables already exist.
- <p><li><h4>PostgreSQL 8.0+</h4>
- To use LedgerSMB with 8.0+ you have to modify Pg-tables.sql The file
- is in the sql directory.
- <pre>
- CREATE TABLE orderitems (
- trans_id int,
- parts_id int,
- description text,
- qty float4,
- sellprice float8,
- discount float4,
- unit varchar(5),
- project_id int,
- reqdate date,
- ship float4,
- serialnumber text,
- id int default nextval('orderitemsid')
- ) WITH OIDS;
- CREATE TABLE inventory (
- warehouse_id int,
- parts_id int,
- trans_id int,
- orderitems_id int,
- qty float4,
- shippingdate date,
- employee_id int
- ) WITH OIDS;
- CREATE TABLE assembly (
- id int,
- parts_id int,
- qty float,
- bom bool,
- adj bool
- ) WITH OIDS;
- </pre>
- This change is only required for LedgerSMB versions 2.6.3 and below.
- <p>If you already built a dataset without this change you will get
- an error when you try to save a PO or assembly.
- <p>"ERROR: column "oid" does not exist"
- <p>Drop the tables and rebuild WITH OIDS.
- <p><li><h4>Japanese characters</h4>
- modify apache so that EUC_JP is the main additional language.
- <br>comment out all unrelated languages except, UTF_8 shift jis, EUC_JP
- <br>restart apache
- <br>Fire up psql and do the encoding as per the table:-
- <br>Table 5-2. Postgres Client/Server Character Set Encodings
- <p>Server Encoding Available Client Encodings
- <br>EUC_JP EUC_JP, SJIS
- <br>EUC_TW EUC_TW, BIG5
- <br>LATIN2 LATIN2, WIN1250
- <br>LATIN5 LATIN5, WIN, ALT
- <br>MULE_INTERNAL EUC_JP, SJIS, EUC_KR, EUC_CN, EUC_TW, BIG5, LATIN1 to LATIN5, WIN, ALT, WIN1250
- <p>Create the dataset from admin.pl, now the Japanese shows up in multibyte encoding
- <p>Now you can write in Hiragana, Katakana, Kanji and English
- <p><li><h4>Error posting a check/receipt</h4>
- <pre>
- DBD::Pg::db do failed: ERROR: syntax error at or near "," at character 114
- Error!
- INSERT INTO acc_trans (trans_id, chart_id, transdate,amount)
- VALUES (13314, , '03-22-2005',1.00 * 1)
- ERROR: syntax error at or near "," at character 114 </pre>
- This error is caused by a transaction which does not have links to
- an AR/AP account.
- <br>set up your chart of accounts properly and create at least one
- AR and AP account. Then edit all your transactions and repost.
- <p><li><h4>SELinux</h4>
- <a href=http://fedora.redhat.com/docs/selinux-faq-fc3/index.html>http://fedora.redhat.com/docs/selinux-faq-fc3/index.html</a>
- <p>modify /etc/selinux/conf and set SELINUX=permissive
- <p>use audit2allow and add the following to policy.conf,
- then run "make reload"
- <p>#line 83
- <br>allow httpd_sys_script_t port_type:{ tcp_socket udp_socket } { send_msg
- recv_msg };
- <br>allow httpd_sys_script_t sysctl_kernel_t:dir search;
- <br>allow httpd_sys_script_t sysctl_t:dir search;
- <br>allow httpd_sys_script_t tmp_t:sock_file write;
- <br>allow httpd_sys_script_t httpd_sys_content_t:lnk_file read;
- <br>allow httpd_sys_script_t sysctl_kernel_t:file read;
- <br>allow httpd_sys_script_t unconfined_t:unix_stream_socket connectto;
- <p><li><h4>session timeouts</h4>
- If you get frequent timeouts or can't even log in synchronize
- the clocks from the server and workstation.
- <p><li><h4>lineitems not printing</h4>
- Templates designed on a UNIX platform don't work on a DOS platform.
- To make them work load the template either with the builtin template editor
- or a text editor and save. Templates designed on a Windows platform have the
- same problem and won't work on a UNIX platform. Once you strip the ^M's
- the'll work just fine.
- <p><li><h4>UTF-8 character encoding</h4>
- Most of the translations are in ISO format. To convert the translations
- change directory to locale/cc and convert the files with iconv to UTF-8.
- You should also convert the COAs too and make sure you select UTF-8
- encoding when you set up a new dataset.
- <p><li><h4>characterset problems</h4>
- If you have problems displaying the correct characterset try adding
- <pre>
- AddDefaultCharset On</pre>
- in your httpd.conf file.
- <p><li><h4>About installation</h4>
- The easiest is to use the setup.pl script as root.
- You don't need to know very much about your system, just login as root,
- run 'perl setup.pl' and follow the prompts.
- <p>setup.pl does not check for missing software packages and it is your
- responsibilite to make sure you have the required software
- installed either from source or from a package.
- <p>Requirements are clearly indicated in the README file and on the
- download page.
- <p><li><h4>cannot create function</h4>
- <ol>
- <li>either run createlang and install the plpgsql language handler or
- install yourself. For more information how to do that, visit
- <a href=http://www.postgresql.org/docs/>PostgreSQL</a> and
- read the interactive documentation for procedural languages.
- <li>load admin.pl
- <li>unlock the system
- <li>login
- </ol>
- <p><li><h4>The requested URL /ledger-smb/admin.pl was not found</h4>
- Your webserver doesn't know where to find the script. Most commonly this
- is from distributions hiding webserver configuration files in different
- locations or files and setup.pl wasn't able to configure the location for
- you. Find out which file (httpd.conf, httpdcommon.conf, ...)
- controls your webserver configuration and add
- <pre>
- # LedgerSMB
- Include /etc/httpd/ledger-smb-httpd.conf</pre>
- Create a file 'ledger-smb-httpd.conf' in /etc/httpd and copy the next part
- into the file.
- <pre>
- AddHandler cgi-script .pl
- AddDefaultCharset On
- Alias /ledger-smb /var/www/ledger-smb/
- <Directory /var/www/ledger-smb>
- Options ExecCGI Includes FollowSymlinks
- </Directory>
- <Directory /var/www/ledger-smb/users>
- Order Deny,Allow
- Deny from All
- </Directory></pre>
- replace '/etc/httpd' and '/var/www' with the appropriate directories.
- <p><li><h4>users/members : Permission denied</h4>
- Your webserver must have write access to the users directory.
- If your server runs as user/group 'apache:apache' then set the
- users directory to owner/group apache:apache.
- <pre>
- # chown -R apache:apache users</pre>
- <p><li><h4>Dataset newer than version</h4>
- You are trying to use an older version with a dataset which was
- created with a newer version.
- <p><li><h4>PDF option not working</h4>
- Check if you have latex and pdflatex installed.
- <p><li><h4>Apache 2.0 "error 500"</h4>
- Some of the early versions of Apache 2.0 (< patchlevel 44) had a rewrite engine
- which decoded escaped strings. This created a lot of problems and I worked
- around it by escaping strings twice.
- If you get a server 500 error 'filename too long' or if collapsed menus
- don't expand you may have to adjusted the following code in
- SL/Form.pm and change the number (44) on line 84.
- <pre>
- # for Apache 2 we escape strings twice
- if (($ENV{SERVER_SIGNATURE} =~ /Apache\/2\.(\d+)\.(\d+)/) && !$beenthere) {
- $str = $self->escape($str, 1) if $2 < 44;
- }</pre>
- <p><li><h4>IDENT Authentication failed for user "sledger-smb"</h4>
- Edit pg_hba.conf and change authentication to
- <pre>
- local all all MD5</pre>
- The file is in the 'data' directory of your postgresql installation.
- This is different with every distribution so look for it.
- <pre>
- # find / -name 'pg_hba.conf'</pre>
- <p>Some people can't read and seem to think 'localhost' is just some
- fancy word for a local machine.
- 'localhost' is a host like any other host on a network.
- A 'local' entry in pg_hba.conf will allow socket connections ONLY and
- not allow a host connection. If you then try to connect to 'localhost'
- postgres will come back with an authentication error.
- <p>So, forget you ever heard there is such a thing as 'localhost' and leave
- the Host portion blank.
- <p><b>WARNING!</b> DO NOT just put a 'host all all trust' in pg_hba.conf
- unless you know what you are doing.
- <p><li><h4>DBD-Pg for Mandrake 9.0</h4>
- Mandrake did not package a compiled DBD-Pg package again, so install DBD-Pg
- from the source package.
- Install perl-DBD-Pg-1.01-4mdk.i586.rpm from the 'contrib' area.
- (Mandrake / 9.0 / contrib / RPMS)
- <p><li><h4>LaTeX error</h4>
- If for some reason LaTeX produces an error message check for strange
- characters in your account description and parts description
- and use \usepackage[latin1]{inputenc} in the preamble.
- <p><li><h4>LaTeX templates</h4>
- If you don't want to edit tex code by hand,
- you could use Lyx, Abiword, or any WYSIWYG editor capable of exporting
- latex code.
- To do that you must change the tokens for the variables <% and %> to something
- like << and >>. % is the comment character in tex. There is also a
- pagebreak block which must be commented out.
- When you are done with the changes
- replace << and >> with <% and %> and uncomment the pagebreak block.
- <p>LaTeX is difficult but it also offers a much superior environment
- to produce professionally looking forms in postscript and PDF format.
- Unfortunately with all that power there is also a steep learning curve.
- <p><li><h4>W3M</h4>
- pass terminal=mozilla when you start w3m
- <pre>
- $ w3m -F http://localhost/ledger-smb/login.pl?terminal=mozilla</pre>
- To use without frames
- <pre>
- $ w3m http://localhost/ledger-smb/login.pl?terminal=lynx</pre>
- <p><li><h4>PDF option disappeared</h4>
- Edit ledger-smb.conf and set $latex = 1;
- <br>ledger-smb.conf is perl code, check if it compiles, if it does not,
- the internal defaults are used which turn off $latex, hence no PDF option.
- <p><li><h4>Installation on Windows (WIN32)</h4>
- <ul>
- <li>install Apache, perl,
- <a href=http://techdocs.postgresql.org/guides/InstallingOnWindows>Postgres</a>
- or Oracle, DBI and the appropriate DBD
- module
- <br>if you can't compile DBD-Pg here is a precompiled
- <a href=http://http://pgfoundry.org/projects/dbdpgppm/>DBD-Pg module</a>
- <li>download the latest version of <a
- href=http://ledger-smb.sourceforge.net>LedgerSMB</a>
- <li>extract the files to c:\apache\ledger-smb
- <li>run 'perl shebang' to change the first line of the scripts. If perl
- is not in c:\perl\bin' change '#!c:\\perl\\bin\\perl' to the location where
- your perl binary is.
- <li>edit c:\apache\conf\httpd.conf and add
- <pre>
- Alias /ledger-smb "c:/apache/ledger-smb/"
- <Directory "c:/apache/ledger-smb">
- AllowOverride All
- AddHandler cgi-script .pl
- AddDefaultCharset On
- Options +ExecCGI
- Order Allow,Deny
- Allow from All
- </Directory>
- <Directory "c:/apache/ledger-smb/users">
- Order Deny,Allow
- Deny from All
- </Directory>
- </pre>
- <li>start Apache
- <li>start Postgres|Oracle|DB2
- <li>connect to http://localhost/ledger-smb/admin.pl and set up users
- and datasets
- <li>connect to http://localhost/ledger-smb/login.pl and login
- </ul>
- <p><li><h4>What do I enter for the language</h4>
- If you use English, nothing, if you want to use a foreign language for
- the login screen and admin stuff enter the language code, this is the
- directory in the locale directory.
- <p><li><h4>printing to a printer</h4>
- Printers are defined in ledger-smb.conf
- <pre>
- %printer = ( 'Default' => 'lpr', 'Color' => 'lpr -PEpson' );</pre>
- Check in your /etc/printcap file for the names of available printers.
- <p>If you have LaTeX installed set
- <pre>
- $latex = 1</pre> in ledger-smb.conf
- <p>To send the document to the printer check the "Postscript" or "PDF" format,
- enter the number of copies and click on the "Print" button.
- <p>The printer you enter in your preferences is the default printer.
- You can choose any other available printer. This makes it possible
- to print from anywhere on the network to any printer.
- <p>Note: html format is for screen preview. Use the "Print" option from your
- browser to print to a printer.
- <p><li><h4>Using samba to send printjobs to a printer attached to a Windows XP workstation</h4>
- The next part applies to roll your own print filters only. If you use CUPS or
- LPRng your milage may vary but you can still use this as a guide how it works.
- I use the printer 'Epson' as an example which is
- attached to a XP workstation called Raven.
- <pre>
- /etc/printcap entry on the server which runs lpd
-
- epson:Epson\
- :sh:\
- :lp=/dev/null:\
- :sd=/var/spool/output/epson:\
- :if=/usr/libexec/lpr/epson/prnfilter:\
- # end of entry in /etc/printcap
- # prnfilter shell script
- #!/bin/sh
- # Filter for Epson Stylus
- PATH="$PATH:/usr/local/bin"
- #read first_line
- read tmp
- first_line=`echo $tmp | cut -b1-2 | sed -n '1p'`
- first_chr=`expr "$first_line" : '\(.\)'`
- first_two=`expr "$first_line" : '\(..\)'`
- rewindstdin
- if [ "$first_two" = "%!" ]; then # Postscript file
- gs @st640p.upp -dSAFER -dNOPAUSE -q -sOutputFile=/tmp/$$ -
- else
- # text file
- cat > /tmp/$$
- echo -n "^L" >> /tmp/$$
- smbclient '\\Raven\Epson' "" -c 'printmode text'
- fi
- smbclient '\\Raven\Epson' "" -P -c "print /tmp/$$"
- rm /tmp/$$
- # EOF
- rewindstdin is a small program to rewind the filehandle for STDIN
- save the next part up to EOF to a file rewindstdin.c and compile
- #include <sys/types.h>
- #include <unistd.h>
- extern int errno;
- main()
- {
- if( lseek(0,0,0) == 0 ){
- errno = 0;
- }
- return( errno );
- }
- # EOF
- compile to an executable
- gcc -o /usr/local/bin/rewindstdin rewindstdin.c
- </pre>
- <p><li><h4>beginning balances</h4>
- Add a GL Journal entry and enter the beginning balance for your accounts.
- Beginning balances are the balances from your last balance sheet. If you also
- add open invoices to account for COGS for inventory, add the invoices
- and make the appropriate adjustments.
- <p><li><h4>establish a beginning inventory</h4>
- add the parts with a vendor invoice. Use the <b>real cost</b> for the items,
- not zero. If you use zero cost then the cost of goods will be zero when you
- sell the item.
- <p><li><h4>Assemblies</h4>
- Assemblies are manufactured goods assembled from parts, services and
- assemblies. Because you do not buy assemblies you 'stock assemblies' by
- adding assembled units to your inventory. The quantity for individual parts
- is reduced and the quantity for the assembly increased. To disassemble an
- assembly you simply return the parts to inventory by entering a negative
- quantity for the number of assemblies to stock.
- <p><li><h4>DBD-Pg not installed</h4>
- Most modern distributions now package DBD-Pg. If it is
- not packaged follow this recipe to get it working.
- <ul>
- <li>check if you have the header files for PostgreSQL
- <br>$ find / -name 'libpq-fe.h'
- <br>if nothing shows up install the development package for PostgreSQL
- <li>download and untar DBD-Pg
- <li>set the environment variables POSTGRES_LIB and POSTGRES_INCLUDE
- <li>cd to DBD-Pg directory
- <br>as ordinary user
- <br>$ perl Makefile.PL
- <br>$ make
- <br>$ make test
- <br>if all went well su to root
- <br># make install
- <li>remove DBD-Pg
- </ul>
- <p><li><h4>login.pl has compilation error</h4>
- This could be because of a missing configuration file in the users directory
- <p>check the permission for the users directory. The directory must be
- set writeable for the webserver. If your webserver runs ias user/group
- nobody.nogroup set the directory to
- <pre>
- drwx--x--x 2 nobody nogroup 1024 May 26 16:49 users
- or
- drwxrwx--x 2 johndoe nogroup 1024 May 26 16:49 users</pre>
- <p><li><h4>script not executing, shows in browser instead</h4>
- Add
- <pre>
- AddHandler cgi-script .pl</pre>
- in your httpd.conf file.
- <p><li><h4>unknown terminal!</h4>
- the frontend script couldn't figure out which browser you are using
- <p>include the terminal variable on the URL
- <pre>
- http://localhost/ledger-smb/login.pl?terminal=lynx</pre>
- Valid terminal variables are lynx, mozilla and js
- <p><li><h4>permission denied</h4>
- Check if your web server has write permission to write to the following
- files and directories:
- <pre>
- users/
- templates/
- users/members
- # chown nobody:nogroup users templates users/members
- </pre>
- <p><li><h4>permission denied to access tables</h4>
- The user you entered in the "Database section" must be a valid
- database user who has rights to access the tables.
- <p>If the tables are owned by 'joe' and you enter 'mary' as the dba
- you might run into this problem if mary doesn't have the rights to
- access tables owned by joe.
- <p><li><h4>html and graphics files don't show up on screen</h4>
- Enable Includes and FollowSymlinks Options in your httpd.conf file
- <pre>
- <Directory /usr/local/ledger-smb>
- Options ExecCGI Includes FollowSymlinks
- </Directory>
- </pre>
- <p><li><h4>switch display to a foreign language</h4>
- Load your preferences and select the language.
- <br>Language selection is in accordance to
- <a href=http://www.unece.org/cefact/locode/service/main.htm>
- ISO 3166-1</a> standards.
- <p><li><h4>Text shows in English when I use a foreign language</h4>
- This is because the corresponding hash entry is missing.
- Add the missing text in the locale/cc/all or locale/cc/missing
- file and run 'perl locales.pl' from the command line to rebuild
- the individual files.
- <br>cc refers to the country code.
- <p><li><h4>switch to a foreign language for the login and admin screen</h4>
- Edit ledger-smb.conf and enter the code for the $language variable
- <pre>
- $language = "de";</pre>
- <p>This is a global change and applies to all logins, individual settings
- may be changed by setting the language in your Preferences.
- </ul>
- <p>
- <hr>
- <a name=security>
- <h1>LedgerSMB security</h1>
- </a>
- <ul>
- <li>The security features built into LedgerSMB provide encrypted passwords
- and access control which makes it fairly safe out of the box to run even in
- front of a firewall.
- Some precautions which are out of our control must be taken though.
- It matters where you install SL and how you configure your web server and
- SQL server.
- <pre>
- Typical setups:
-
- /usr/local/vh/www <- DocumentRoot for virtual host
- /usr/local/vh/ledger-smb <- Alias for ledger-smb
- /usr/local/vh/users <- users directory out of reach
- <hr width=60% align=left>
- /usr/local/vh/www <- DocumentRoot for virtual host
- /usr/local/vh/www/ledger-smb <- Alias for ledger-smb
- /usr/local/vh/www/ledger-smb/users <- users configuration files and tmp space
- <Directory /usr/local/vh/www/ledger-smb/users> <- disable webserver access
- Order Deny,Allow for users directory
- Deny from All
- </Directory>
- </pre>
- The location for the users directory can be specified in ledger-smb.conf
- <p><li>Set permission for the users and templates directory to 711
- <p><li>If you do not want anyone to change the templates with the built-in
- editor set the files in templates/directory/ to read only or disable
- the menu item to edit the templates.
- <p><li>You can set up a read-only environment if you disable the menu items
- to add data. i.e 'Add Transaction' if unchecked you will not be able to add
- a transaction or repost a transaction. You may look at it but nothing else.
- <p><li>There are various settings for audit control and you may disable
- reposting entirely or up to a certain date. And with the audit trail enabled
- you can keep tab of who is doing what.
- <p><li>For PostgreSQL you may also set who has access to the server in the file
- pg_hba.conf
- <br>Authentication crypt does not work because not all SQL servers
- accept encrypted passwords.
- <p><li>in addition you can secure the tables from unauthorized access by
- setting up a different database user and GRANT rights. For instance,
- users without DELETE rights will still be able to use the program, change
- customers and vendors, add transactions but will not be able to delete or
- repost transactions.
- <br>To lock all the tables to create a RO system GRANT SELECT rights only.
- <p><li>Other security options include a secure shell, your webserver's
- authentication system, SSL, encrypted tunnels, ...
- </ul>
- </BODY>
- </HTML>
|