Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Updating / Upgrading Magento and Magento Packets
 
tagtech
Jr. Member
 
Total Posts:  14
Joined:  2008-05-01
 

Upgrading/Updating Magento –

What exactly is the best method or methods for upgrading, updating and/or maintaining Magento and Magento Packets?

SVN (SubVersion) -
I see in research that some posts make reference to SVN – which appears to be a nightmarish “code-head” method of updating software.  In the forum and Wiki there are plenty of references to SVN and using it to update parts of Magento, but trying to find laymen’s documentation on how to actually use SVN is a whole other story, it is most difficult to find simple how to instructions for SVN.

Links for how to use SVN would be nice.  A step by step tutorial for SVN would also be nice.  My research shows that SVN appears to be a very powerful package but one needs a “certified code-head’s degree,” to understand how to use SVN. 

It would also be nice if we were told at the time of installation that SVN would be needed so that server admin’s could ensure that SVN was loaded and available.  There is nothing more frustrating than to find out at a later date – “oh I need this package”, only to have to go get it, install it and worry about what it might break.

Magento Connect –
Once installed one finds the Magento Connect in the admin.  This appears simple enough, you find the contribution you want and you put the key in and whola it is downloaded and installed.

But wait, you must make all folders web writeable to use Magento Connect, one must ask – “is this a wise idea?” I have never seen good things happen with all files and/or folders set to 777, in fact we have experienced several problems with folders and/or files being set to 777 so I wonder if this is a good thing?  Then I find out that under the Wiki it says – for those who don’t want to make folders and files 777, you can use PEAR.

What we need here is a script or button one can run/click that temporarily sets the correct permissions on all Magento files and folders to allow for the use of Magento Connect.  Once done using Magento Connect, the admin could then run the script again or click the button and switch the files and folder permissions back to something more secure than 777.

PEAR –
For those of us that don’t use PEAR all the references to PEAR are “greek” to us non-pear users.  So once again it appears that we have another update option, which we must learn.  I am not opposed to learning PEAR and actually after researching it PEAR does appear to be fairly easy to use but nothing with Magento seems to be standardized.

Links to PEAR documentation would be helpful for those of us having to learn or refresh our knowledge on the use of PEAR.  From the examples in the Wiki, it was most difficult to find out how to add the Magento channels to PEAR.

It would have been useful for admins and installers to be made aware of the PEAR option in the beginning during or before installation so as to prevent frustration and confusion brought on by a desire to update current software.  Basically no one likes surprises.

YUM & APT-GET . . .?

Both YUM and APT-GET are universally accepted as mature stable packet managers in all the most popular Linux distros, it would seem to me that Magento being praised as the new upcoming, cutting edge shopping cart would follow suit with others in the field and employee one or both of these packet management systems

YUM –
I posted a thread asking about YUM and not one person responded.  My question here is simple, what is wrong with YUM?  Are there any future plans to implement the use of YUM?

APT-GET –
I posted a thread asking about APT-GET and not one person responded.  Again – my question here is simple, what is wrong with APT-GET?  Are there any future plans to implement the use of APT-GET?

I would like to know from other Magento users and admins the following:

1. What have you found to be the best method or methods for updating/upgrading and maintaining Magento?

2. How many forms of updating and upgrading are used in Magento?  Specifically what methods of updating and upgrading have I missed in this post that I might encounter and have to learn?  I know of SVN and PEAR – what else is there I am missing or will encounter?

3. Has anyone written a script that will temporarily change all Magento files/folders to 777 and allow one to run Magento Connect, then after updating or installing packets, one could run another script that will reset all Magento folders back to the previous privilege settings as they were prior to updating or installation?  For those of us that work from the command line, to CHMOD and get everything back the way it was before running Magento Connect would be a laborious chore to have to do each time one wanted to use Magento Connect.

4. Has anyone experienced any SECURITY problems running all Magento folders/files set to 777 just so they could use Magento Connect?

Standard linux conventions dictate that one does not want to run any file or folders at 777 unless one has to for a very specific reason.  Myself and other Linux admins I have talked to are generally under the impression that running files and folders unnecessarily set to 777 is a security risk.

If I am incorrect about running all files and/or folders set to 777 being a security risk can anyone please illustrate to me how this is not a security risk?

I would like to know the URL’s of stores running their entire installation of Magento set to 777, I would like to look at some of these stores.

Thank you

TagTech

Keywords:
Upgrades, Updates, SVN, PEAR, YUM, Magento Connect, APT-GET,

 
Magento Community Magento Community
Magento Community
Magento Community
 
_ADS_
Jr. Member
 
Total Posts:  15
Joined:  2008-12-02
 

Tagtech,

You sure have a lot of replies to sort from. It seems you haven’t write that big question for nothing, cause you have a lot of replies.

Since I am here, it means that I was asking the same question to myself and then to the search page on magento.

I had a problem last night while doing the ssh folder permissions. Everything went fine with the update and all but after resetting file permissions the site was not working. I reverted back cause the permissions ware not enough on the app/etc/sub_files*
It was not a big deal sine I could have used the “-R” option for app/etc like this:

chmod -R o+w app/etc

Since I am nothing but a self taught user with no magento programming skills I can’t foretell what this change will do.

So...,
Based on all the answers and posts to your question I came to the conclusion that I should try again changing permissions to the file and folders. I will worry later of what will happen if more files need o+w permissions after changing them back.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top