Logical Outcome Ltd.

The Mantis Bug Tracker setup is simple when running in a local environment, where you can control everything. in a LAMP system (Linux, Apache, MySQL, PHP), the Mantis BT installer is capable of most of the install. Only one additional step (creation of a MySQL userid) may be needed. See Secure MySQL Setup for details.

In a hosted environment, there is more work to do. This description is based on using cPanel. The steps are as follows:

1. create a new database for Mantis. From the Control Panel, select MySQL Databases. Under Databases, enter a new name and click the Add Database button.

2. create a new User (or two for the secure setup). Under "Users" on the same page, enter the new user name, and click "Add User".

3. Link the new user(s) to the database. In the "Databases" section, you should see an entry for the new database. Note that it will be prefixed by your user account name (e.g., xyz_mantis). Underneath that, there will be a dropdown menu listing all or your database users (similarly with names like xyz_mantisweb). In the simple case, select the "all" privileges checkbox and click "Add User to Database" button. The database is now ready to use. The listing will look similar to that below:

   
   

4. Copy the Mantis code to the hosted site. I usually ftp the code from my development site to the host. For a standard install, you can use the File Manager to upload the distribution .zip file to the "public_html" folder on your host. The folder can then be extracted by clicking on it, and selecting the "Extract Files from Folder" link.

5. Make the new Mantis folder writable (to allow for initial setup). Select the Mantis folder in the File Manager, and select the "Change Permissions" link. Make the folder writable by clicking the checkbox at the intersection of "world" and "write" and clicking "Change". 

6. Run the Mantis installer to complete the installation. Access the web page at http://<your host>/mantisbt/admin/install.php. This should check your server and present you with a list of options to initialize the system. The boxes should be filled in as follows:

   Type of Database	MySql (default)MySqliMicrosoft SQL Server (experimental)PGSQL (experimental)Oracle - oci8 (Experimental)db2/400 (experimental)
   Hostname (for Database Server)
   Username (for Database)
   Password (for Database)
   Database name (for Database)
   Admin Username (to create Database)
   Admin Password (to create Database)
   Print SQL Queries instead of Writing to the Database

   If you created a single user with all permissions, this is complete. Click the "Install/Upgrade Database" button to continue. In the dual user scenario, the user with all permissions goes in the lower set of username/password fields (Admin), and the lesser permissions goes in the upper block. 

   Note that you will see at least one "Possible Problem" while installing the database. The installer will complain about not being able to log in to MySQL without specifying a database, as well as not being able to create the database. These messages can be ignored.

7. Make the new Mantis folder read-only again. Select the Mantis folder in the File Manager, and select the "Change Permissions" link. Make the folder unwritable by clicking the checkbox at the intersection of "world" and "write" and clicking "Change". 

Mantis should be fully functional now.

This page was originally posted at http://www.futureware.biz/blog/index.php?title=mysql_setup_for_use_with_mantis&more=1&c=1&tb=1&pb=1.

In some environments, additional database security may be desired when running a Mantis installation. The key to this is to restrict what the database userid can do. Note that database userids are distinct from system login or mantis user names, and are specific to the database system being used.

The following restrictions should be put in place:

• The userid should be restricted in terms of where it can access the database from. MySQL permissions can lock out access by host name or IP address. The database should only be accessible from the web server.
• The userid should be restricted in terms of what databases it can access. For the most secure setup, a new userid should be defined that only has access to the Mantis database.
• The userid should be restricted in terms of what it can do to the database. The operating user only requires SELECT, INSERT, UPDATE, and DELETE privileges.

Thus, you should create a new userid within MySQL to run the Mantis installation. You can create this user using the following command while in the mysql command line tool:

GRANT SELECT, INSERT, UPDATE, DELETE ON bugtracker.* TO mantis_user@hostname IDENTIFIED by password; where mantis_user is the new mantis userid, hostname is the name of the host running the web server, and password is the password. You may need to repeat this command for both a host named 'localhost' and one with the hostname as defined in the host's DNS entry.

To update the database using the internal tools, you may require a userid with additional privileges. At a minimum, you would need to add ALTER, INDEX, CREATE, DELETE, and DROP privileges to another user for database upgrades. Before the 1.0.0 release, you would need to manually edit the config_inc.php file to replace the userid and password to update the database structures. With version 1.0.0, the system installer allows for a second administrative userid to be used specifically for this purpose. You can create this user using the following command while in the mysql command line tool:

GRANT ALL ON bugtracker.* TO mantis_admin@hostname IDENTIFIED by password;