Perforce Notes

Right after you install perforce server, it’s in a sort of initialization mode where there is no password for the default “root” user. Anybody can connect and act as that root user by simply connecting as the user “root”. So, you want to lock that down a bit. “p4 protect” is how you do this.

p4 protect may seem like where you would do user permissions. I guess you *could*, but it’s intended more as a sort of global permissions layer, where you can set some hard limits. By default all “users” will have “write” permission on everything in the instance. You can then later specify different permissions in the Perforce administration app via a client.

If you comment out the line that specifies “user” permissions in p4 protect, it will actually remove the line entirely, and only the “root” user will be able to connect at that point.. So I’m thinking of p4 protect as a sort of way to lock everyone but “root” out of the instance without messing with a full p4 client, e.g. you’re at the host console and you just need to quickly do something drastic without hosing lots of stuff.

Note, to connect with p4 connect to a specific port with a specific password you need to set some environment variables really quick before running “p4 protect”:
export P4PORT=1667
export P4PASSWD=Changeme41
– these assume the user is the OS user you’re running the p4 protect command under.

Installing Perforce on CentOS 6.7

Install CentOS minimal

Start NIC
ifup eth0

yum update
yum install nano

Stop and disable firewall (I assume you have some other firewall):
service firewall stop
chkconfig firewall off

disable selinux:
nan /etc/selinux/config
-change to ‘disabled’
-reboot

Set up the Perforce repo as described here: http://ift.tt/1PPCkd6

Install perforce server:
yum install perforce-server.x86_64

Set up a config file for an instance of perforce server that we’ll call “capnjosh1”:
cp /etc/perforce/p4dctl.conf.d/p4d.template /etc/perforce/p4dctl.conf.d/capnjosh1.conf

edit that new conf file:
replace %NAME% with “capnjosh1”
replace %ROOT% with where you want the files to be (/capnjosh1-p4root)
replace %PORT% with 1666

create the directory and make owned by the user perforce (automatically set up by the yum installation):
mkdir /capnjosh1-p4root
chown perforce:perforce /capnjosh-p4root/

Start perforce server:
service perforce-p4dctl start

Run p4 protect to set up core permissions:
p4 protect
-by default it’ll give the OS account ‘root’ full perforce access
(if you set to a different port besides 1666, you will have to set this environment variable “export P4PORT=1667”, or whatever port number you put)

If it doesn’t start, it’ll say as much… likely check your p4root folder and make sure it’s owned by the ‘perforce’ user.

Here’s what’s cool, if you want to add more perforce instances, just copy-paste that .conf file and change the name, port, and p4root path.

When you uninstall perforce, it’ll auto-rename your .conf files so they won’t get auto-loaded if you reinstall perforce again.

Configuring Confluence to Use Jira for Authentication when machines are behind a proxy

Here’s the key:

add the proxy configs to catalina.properties, just at the end, one per line. This is only mentioned in the Confluence-proxy article I found, but it works with Jira as well. Much cleaner.

/opt/atlassian/confluence/conf/catalinia.properties. Here’s what I added to the end of that file:

# Proxy Settings
http.proxyHost=10.22.1.2
http.proxyPort=8080
https.proxyHost=10.22.1.2
https.proxyPort=8080
http.nonProxyHosts=localhost\|10.22.18.45

NOTE: that nonProxyHosts doesn’t *seem* to work with wildcards, e.g. 10.*.*.*
When I did it this way I could never get Confluence to actually connect to Jira and Jira to connect to Confluence. You have to specify the entire IP address. Otherwise, you’ll get messages about “connection refused” or “the application doesn’t appear to be online”. Not very helpful at all, no sir.