Building and Installing on Mac OS X
From cosign wiki
Contents |
Overview
This page will guide you through building and installing Cosign on Mac OS X. For additional notes regarding an installation on Mac OS X Server, please see Leopard Server Install.
Building and Installing
Requirements
You will need to have the current Xcode Tools installed. Download them from Apple's developer site or the Mac App Store. These notes also assume you have Apache 1.x or Apache2 installed. Recent Mac OS X releases include Apache2.
Get the Source
Download the latest release of Cosign from weblogin.org.
Configure the Build
In Terminal, decompress the archive and change to the Cosign source directory:
tar zxf cosign-VERSION.tar.gz cd cosign-VERSION
If building for Apache 1.x, use --enable-apache1=/path/to/apxs. If building for Apache2, use --enable-apache2=/path/to/apxs2. If building for Mac OS X Server, you'll probably want to add --enable-universal-binaries, which will give you four-architecture (i386, x86_64, ppc, and ppc64) binaries of the daemon, CGIs, and the Apache filters.
./configure --enable-apache2=/usr/sbin/apxs --enable-universal-binaries \ --enable-krb --with-gss
NOTE: For Mac OS X 10.7 Server, you can not build universal binaries, so the command would be:
./configure --enable-apache2=/usr/sbin/apxs --enable-krb --with-gss
Build the Apache Filter
make
NOTE: For Mac OSX 10.8 Server, XCode 4.4 (as of it's first release in July 2012) has a bug where a compiler path is missing. Before running "make", you will need to do this:
cd /Applications/Xcode.app/Contents/Developer/Toolchains
sudo ln -s XcodeDefault.xctoolchain OSX10.8.xctoolchain
Running "make" at this point will generate a lot of "deprecated" warning messages -- these can be ignored when installing cosign 3.2.0 (as of August 2012)
Build All Weblogin Components (Optional)
If you intend to set up a weblogin environment, you'll need to build the daemon and CGIs:
make everything
Install
make install
or
make install-all
if you're setting up a central weblogin server.
Create Support Directories
The cosign filter, [mod_cosign], by default stores service cookies in /var/cosign/filter. You can override the location of the service cookie directory using the [CosignFilterDB] directive, but the default location is fine for most uses. The directory must exist, and the Apache user, www, must be the owner of the directory:
sudo -s Password: root# mkdir -p -m 0750 /var/cosign/filter root# chown www:www /var/cosign/filter
Next Steps
At this point, you should have all the pieces in place. For instructions on configuring Cosign with Apache, please see these instructions. The Leopard Server Install and Lion Server Install notes, although focused on the University of Michigan's environment, should help get you up and running on Mac OS X Server. This page describes setting up a complete weblogin environment.
Questions and discussion are always welcomed on the cosign-discuss mailing list.