Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
tutorial:adm:czechidm_installation [2019/03/18 14:46]
urbanl new tomcat instalation 		tutorial:adm:czechidm_installation [2019/06/04 11:44]
urbanl odebrany known issues, problem se selinuxem byl dan do navodu server preparation linux
Line 439: Line 439:
 Follow some final configuration steps: [[tutorial:adm:czechidm_installation_finalize|]]. Follow some final configuration steps: [[tutorial:adm:czechidm_installation_finalize|]].
  
-=== Known Isues === 
-It is possible that, on some distros, SELinux will deny acces to the database for tomcat. The tomcat will error to the ''/var/log/tomcat/catalina.out''or ''/var/log/messages'' line similar to ''org.postgresql.util.PSQLException: Connection to localhost:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.''. 
- 
-If this happens, set the permissive mode for tomcat: 
-<code> 
-semanage permissive -a tomcat_t 
-</code> 
- 
-<note warning> 
-Evaluate impact of SELinux adjustments **before** you implement them. Proper mitigation heavily depends on habits and security policies of your organization. 
- 
-There are some possibilities: 
-  * Set permissive mode for logrotate as above. 
-  * Set permissive mode for whole SELinux. (This will drop the SELinux's protective function.) 
-  * Adjust particular SELinux labels. Example ([[https://access.redhat.com/solutions/39006|here]]). 
-</note> 
  • by kralikf