Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
tutorial:adm:czechidm_installation [2019/06/04 11:44] urbanl odebrany known issues, problem se selinuxem byl dan do navodu server preparation linux |
tutorial:adm:czechidm_installation [2019/06/10 13:17] urbanl [10. Final Steps] |
||
---|---|---|---|
Line 439: | Line 439: | ||
Follow some final configuration steps: [[tutorial: | Follow some final configuration steps: [[tutorial: | ||
+ | === On CentOS set permisive mod on Tomcat === | ||
+ | SELinux will deny acces to the database for tomcat and won't allow create files by him. The tomcat will write error to the ''/ | ||
+ | |||
+ | To fix this we need set the permissive mode for tomcat: | ||
+ | < | ||
+ | semanage permissive -a tomcat_t | ||
+ | </ | ||
+ | |||
+ | <note warning> | ||
+ | Evaluate impact of SELinux adjustments **before** you implement them. Proper mitigation heavily depends on habits and security policies of your organization. | ||
+ | |||
+ | There are some possibilities: | ||
+ | * Set permissive mode for logrotate as above. | ||
+ | * Set permissive mode for whole SELinux. (This will drop the SELinux' | ||
+ | * Adjust particular SELinux labels. Example ([[https:// | ||
+ | </ |