[rt-users] Upgrading 3.8.4 to 4.0.1 - Root password??

[George_Holl]

We have a fresh installation of RT 4.0.5. with imported data from a former
version.
I can login as root, but there are two issues:

1) When I logoff and I want to logon again, the root password is changed
to somewhat! Than I have to reset it. 
I followed the instruction at:
" UPGRADING FROM 3.8.8 and earlier - Changes:
Previous versions of RT used a password hashing scheme which was too 
easy to reverse, which could allow attackers with read access to the RT 
database to possibly compromise users' passwords.  Even if RT does no 
password authentication itself, it may still store these weak password 
hashes -- using ExternalAuth does not guarantee that you are not 
vulnerable!  To upgrade stored passwords to a stronger hash, 
run:   perl etc/upgrade/vulnerable-passwords   "

I did that, but it didn't solve the issue.
Can you give me a hint?

2) Our system which is fresh installed:

Ubuntu 10.04.4 LTS

Apache Version Apache/2.2.14 (Ubuntu)
Apache API Version 20051115

PHP Version 5.3.2-1ubuntu4.14
mysql, Client API version 5.1.61
RT 4.0.5

Data of the former version were imported in a mysql-database (that
worked).

When I try to create a new request, I get the error message:
"Anfrage konnte aufgrund eines internen Fehlers nicht angelegt werden"
(query couldn't be created because of an internal error).
The corresponding entry in the access-log is:
ip.ip.ip.ip - - [18/Apr/2012:08:21:14 +0200] "POST /index.html HTTP/1.1"
200 3736
What's the problem of the system?

Kind regards 

 George



Thomas Sibley wrote:
> 
> Please keep replies on the list.
> 
> On 04/12/2012 12:19 PM, johnathan.bell at baker.edu wrote:
>> Thanks. I'm glad to know that it's something much simpler than I
>> expected. I did read those, but they only mentioned the "standard
>> database upgrade process" as far as I could see. Further research says
>> that's probably going to be "rt-setup-database --action upgrade" or
>> something similar… yes?
> 
> Yes.  The README refers to `make upgrade-database`.  You're running
> Ubuntu packages, so the instructions we write aren't exactly the same as
> what you'll need to do (they apply to the tarball we ship).
> 
> The Ubuntu packages don't run the database upgrades for you; they just
> install the new source.
> 
>> What about the other parts like secure-passwords, etc… the other random
>> "little" scripts in etc/upgrade? Should those be run before or after the
>> rt-setup-database cmd?
> 
> Most are run after.  The docs (docs/UPGRADING*) mention what needs to be
> run during the middle of the upgrade.
> 
> 

-- 
View this message in context: http://old.nabble.com/Upgrading-3.8.4-to-4.0.1---Root-password---tp33676179p33713298.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.