Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2025-12-16 23:30:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

initial draft complete

rharmonson 2014-06-26 16:15:41 -07:00
parent 196432e2aa
commit 87ef0e626e
1 changed files with 8 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

15
Installing-Tracks-2.2.2-on-CentOS-6.5-Minimal-x86_64.md

@ -1013,7 +1013,7 @@ At the bottom of the file, add the following:
###SELinux ###SELinux
Configure SELinux to use permissive mode due to Phusion Passenger is going to be blocked by SELinux. Use permissive versus diabled to log passenger activities. Configure SELinux to use permissive mode due to Phusion Passenger is going to be blocked by SELinux. Use permissive versus diabled to log passenger activities.
``` ```
$ sudo vi /etc/selinux/conf $ sudo vi /etc/selinux/config
``` ```
Then for this session set SELinux to be permissive or reboot. Then for this session set SELinux to be permissive or reboot.
@ -1021,7 +1021,7 @@ Then for this session set SELinux to be permissive or reboot.
$ sudo setenforce 0 $ sudo setenforce 0
``` ```
Once Tracks installation is complete and been in use for a while, you can create a SELinux module. See the section titled "SELinux module" below for instructions. Once Tracks installation is complete and been in use for a while, you can create a SELinux module. See the section titled "SELinux Passenger module" below for instructions.
###Firewall & Apache2 ###Firewall & Apache2
Open firewall for Apache by 'customizing' and permitting http or web traffic (80 TCP). You may, also, remove the previous rule for port 3000 TCP. Open firewall for Apache by 'customizing' and permitting http or web traffic (80 TCP). You may, also, remove the previous rule for port 3000 TCP.
@ -1065,10 +1065,10 @@ Alternatively, You can simply create an action specifying a new context and new
#Other Considerations #Other Considerations
##SELinux Passenger Module ##SELinux Passenger module
The process that follows can be used for creating security modules for SELinux. Alternatively, you can disable SELinux, but that would be unwise. The process that follows can be used for creating security modules for SELinux. Alternatively, you can disable SELinux, but that would be unwise.
Temporarily go into SELinux permissive mode. SELinux must be set to permissive mode versus disabled to captures events to logs. Either update \etc\selinux\config` as decribed above or execute setenforce.
``` ```
$ sudo setenforce 0 $ sudo setenforce 0
``` ```
@ -1078,8 +1078,9 @@ Restart Apache
$ sudo service httpd restart $ sudo service httpd restart
``` ```
Start using your Rails application Start using your rails application, Tracks.
Walk through SELinux log and generate new SELinux policy module
Later, walk through SELinux's log and generate new SELinux policy module.
``` ```
$ sudo grep httpd /var/log/audit/audit.log | audit2allow -M passenger $ sudo grep httpd /var/log/audit/audit.log | audit2allow -M passenger
``` ```
@ -1089,7 +1090,7 @@ Install newly created SELinux module
$ sudo semodule -i passenger.pp $ sudo semodule -i passenger.pp
``` ```
Switch SELinux back into enforcing mode. Set SELinux to enforcing mode. Update `/etc/selinux/config` or execute setenforce as appropriate.
``` ```
$ sudo setenforce 1 $ sudo setenforce 1
``` ```