Skip to content

Installation: Incorporating SELinux

Jump to bottom Edit New page
acozine edited this page May 28, 2013 · 4 revisions

If you're using CentOS with SELinux, we recommend turning SELinux off during your installation process. If you've finished the installation and successfully transcoded and downloaded a file, you may want to reinstate SELinux. Here are our notes about how to configure it to work with HydraDAM.

  1. Edit /etc/sysconfig/selinux with sudo vi /etc/sysconfig/selinux and set SELINUX=enforcing.
  2. Confirm that you can turn SELinux on and off: sudo getenforce will return "enforcing" if SELinux is installed and running; sudo setenforce 0 temporarily turns SELinux off; sudo setenforce 1 turns it back on.
  3. Install the SELinux development tools: sudo yum install –y policycoreutils-python
  4. Enable passenger to work with SELinux:
    1. Switch SELinux off with sudo setenforce 0
    2. Walk through SELinux log and generate new SELinux policy module
      grep httpd /var/log/audit/audit.log | audit2allow -M passenger
    3. Install newly created SELinux module semodule -i passenger.pp
    4. Switch SELinux back into enforcing mode setenforce 1
  5. Enable apache to work with SELinux: sudo /usr/sbin/setsebool -P httpd_can_network_connect=1
  6. Enable mysql to run in the nonstandard directory (/opt/mysql) with SELinux:
    sudo semanage fcontext –a –t mysqld_db_t “/opt/mysql(/.*)?”
    sudo restorecon –Rv /opt/mysql
  7. Turn SELinux on: sudo setenforce 1
  8. Restart mysql, tomcat, and apache, then try again to upload a file
Add a custom footer
Add a custom sidebar
Clone this wiki locally