New requirements in Totara 9.0:
- PHP version 5.5.9 now required (was 5.4.4 in Totara 2.9).
- PHP zlib and OPcache modules now recommended.
- MSSQL only: Database user requires additional permissions: 'ALTER SETTINGS(SERVER)'.
- MSSQL 2008 now required (was 2005 in Totara 2.6).
- Postgres 9.2 now required (was 9.1 in Totara 2.9).
- MySQL 5.5.31 now required (was 5.1.33 in Totara 2.6).
- MariaDB 5.5.31 now required (was 5.3.5 in Totara 2.6).
To upgrade to Totara 9.0 you must be on Totara 2.2.13 or later. If your version is earlier than 2.2.13 the upgrade will not run. Versions of Totara prior to 2.2 must first upgrade to 2.2 via Totara 1.1.17+, then to at least 2.2.13, before upgrading to 9.0. For more information see Upgrading from Moodle.
- Check the live logs to check if any users are currently using the site. The site will be offline while the upgrades are performed (Site administration > Reports > Live Logs).
- Enable maintenance mode in Totara (Site administration > Server > Maintenance Mode).
- Back up the Totara database.
- Back up the sitedata directory.
- Back up the Totara source code directory.
Remove the old source code, and extract the new source code into the source code directory.
Do not copy the new code on top of the existing code folder.
- Navigate to the admin/index.php page. The upgrade process will automatically start.
- Check for warnings or errors on the upgrade review page.
- Edit new settings page if required.
- Disable server maintenance mode.
- Congratulations, your site is now upgraded. Read CHANGELOG.php for details on what is new.
In 9.0 there is now added support for multiple jobs. During upgrade, all existing position assignments are converted to Job Assignments, for more information go to Upgrading and Using Job Assignments.
Password salting & module security
Totara automatically generates and adds a different salt for each user. A site-wide variable for the salt is no longer required for new installations of 2.5 or greater.
Backward compatibility for site upgrades
If you are upgrading a site from 2.4 or below and you are already using a site-wide salt in your configuration file, you need to keep using it to ensure your existing users can still log in.
Each time a user logs in their password hash will be converted to the new scheme, but it may take a long time before all your users have logged in. Alternatively, if you would like to force all your users to use the new scheme you could force reset all passwords using bulk user actions.
Sites running PHP version below 5.3.7
The new password hashing mechanism relies on bcrypt support from PHP which is only normally available in PHP version is 5.3.7 or greater (see note below). If you are using a version of PHP which doesn't properly support bcrypt, Totara will fall back to the old password hashing scheme, so we recommend that you continue to use a site-wide salt until you are able to upgrade PHP.
Note: While an important fix to PHP's hashing algorithm was added in 5.3.7, some distributions of Linux have backported the fix to bcrypt to earlier versions of PHP. This means that some earlier versions of PHP may still work.