Upgrade SysPass from 2.1 to 3.0
Hi Tech Guys,
SysPass It’s one of the best powerful Free and Open Source web application that provides a password management in a secure and collaborative way with intuitive web UI and several useful features.
More informations on the official website syspass.org.
In this tutorial are going to upgrade step by step from version 2.1 to 3.0, and if you installed previously with php 5.6, we will upgrade on version 7.0 because is supported from the application.
There are important changes in the version 3.0, a fully database structure change, “config” directory is moved off to “/app/config”, Composer PHP package manager is used to install and keep up-to-date sysPass dependencies.
Requirements:
-Centos 7.3 server with minimal hardware configuration (depends of your needs).
-Syspass version 2.1 installed.
-ROOT permission on server.
-Internet connection to download all needed packages.
-Good IT basic knowledge and a bit of patience…
Let’s Start!
Stop Apache web server before start, is not mandatory but we prefer to stop it so no one can use the application in the while.
systemctl stop httpd.service
Backup everything and if you can, snapshot your system (just in case).
There are three general ways to backup with mysqldump, choose what you prefer:
shell> mysqldump [options] db_name [tbl_name ...] shell> mysqldump [options] --databases db_name ... shell> mysqldump [options] --all-databases
move on /tmp (we backup twice, never enough):
mysqldump -p --all-databases > all_databases.sql mysqldump -p syspass > syspass.sql
in additions for precautions save on your local pc, so execute those command with scp:
scp root@[syspass_srv_ip]:/tmp/all_databases.sql /(your local path for backup) scp root@[syspass_srv_ip]:/root/syspass.sql /(your local path for backup)
copy /config folder on your pc
scp -r root@[syspass_ip]:/var/www/html/sysPass/config (your local path for backup)
and on /tmp as well so will be ready at copy time
cp /var/www/html/sysPass/config /tmp
(optional) If your bakup folder is populated and you wish to hold the previous folder, copy also the backup
cp /var/www/html/sysPass/backup /tmp
(optional) only if you have an old php version and would like to switch to 7.0 remove all older php pkgs
yum remove -y php*
once you can, and you are on it, update all server pkgs
yum update -y
install epel to get extras repository and utils tools
yum install epel-release yum-utils -y
and repo to download and activate php 7.0 pkgs, otherwise you will download last version not supported from syspass.
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm yum-config-manager --enable remi-php70
install all required php 7.0 pkgs
yum install php php-common php-opcache php-mcrypt php-cli php-gd php-curl php-mysql php-xml php-devel php-intl php-mbstring php-bcmath php-pdo php-ldap
also install this pkgs required from composer
yum install git zip unzip php7.0-zip -y
be sure maria db and apache are updated to latest version, once you touch the server
yum upgrade -y httpd mariadb-server mariadb
Move on /tmp, download last version of sysPass (if in the time a newer update of version 3 used in this tutorial was released, change the paths) decompress, remove all old folders (or rename if you are not sure) and move the new folder on apache html folder.
cd /tmp wget https://github.com/nuxsmin/sysPass/archive/3.0.5.19020701.tar.gz tar -xvzf 3.0.5.19020701.tar.gz mv sysPass-3.0.5.19020701 sysPass rm 3.0.5.19020701.tar.gz rm -rf /var/www/html/sysPass cp -rf sysPass /var/www/html/. rm -rf /tmp/sysPass
Move the original syspass config folder that contain “config.xml”, “key.pem” , “pubkey.pem” and “syspass.log” if you want to keep old logs, to the new path
cp /tmp/config/* /var/www/html/sysPass/app/config/.
Change permission to whole folder
chown apache -R /var/www/html/sysPass chmod 750 /var/www/html/sysPass/app/config /var/www/html/sysPass/app/backup
Be careful at /app/config because contain important information, however you can use .htaccess to make it not accessible to all world (if is on public network).
If selinux is not disabled and is in enforcing mode use those command to allow the program to write its configuration and some other files, so Change SELinux’s context and user
setsebool -P httpd_can_connect_ldap 1
chcon -R -t httpd_sys_rw_content_t /var/www/html/syspass/app/{config,backup,cache,temp}
Go back in the main app folder
cd /var/www/html/sysPass
Download and install composer PHP package manager, used to install and keep up-to-date sysPass dependencies
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '48e3236262b34d30969dca3c37281b3b4bbe3221bda826ac6a9a62d6444cdb0dcd0615698a5cbe587c3f0fe57a54d8f5') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
php composer.phar install --no-dev
In conclusion restart Apache service
systemctl start httpd.service
Point your browser to https://[ip_or_hostname]/sysPass/index.php or https://[ip_or_hostname]/sysPass/index.php?r=login
more information at official RTD official site
—>>> ENJOY!!! <<<—
YOBICLOUD TEAM editor
About the author