install:centos
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
install:centos [2016-03-16 14:36] – [Firewall Rules] 24.78.88.211 | install:centos [2023-04-27 16:18] (current) – fix 96.225.177.69 | ||
---|---|---|---|
Line 1: | Line 1: | ||
===== CentOS ===== | ===== CentOS ===== | ||
- | CentOS 7.x | + | CentOS 7.x with firewallcmd |
==== Firewall Rules ==== | ==== Firewall Rules ==== | ||
Incoming traffic on port 80 may be blocked by default. If so, we must create a permanent firewall rule to accept incoming traffic to our DokuWiki website. | Incoming traffic on port 80 may be blocked by default. If so, we must create a permanent firewall rule to accept incoming traffic to our DokuWiki website. | ||
sudo firewall-cmd --permanent --zone=public --add-service=http | sudo firewall-cmd --permanent --zone=public --add-service=http | ||
- | sudo firewall-cmd --reload | + | sudo firewall-cmd --reload |
==== Apache ==== | ==== Apache ==== | ||
- | Ensure apache service always starts on boot. | + | Ensure apache service always starts on boot. |
sudo systemctl enable httpd.service | sudo systemctl enable httpd.service | ||
- | mod_rewrite must be enabled so the .htaccess file which locks down the ///data// directory can be executed. | + | mod_rewrite must be enabled so the .htaccess file which locks down the ///data// directory can be executed. |
- | Add the following | + | mod_rewrite is enabled by default on CentOS 7.x, if you need to re-enable it add the following line to a new .conf file and restart apache to load the mod_rewrite module |
echo LoadModule rewrite_module modules/ | echo LoadModule rewrite_module modules/ | ||
sudo systemctl restart httpd.service | sudo systemctl restart httpd.service | ||
Line 24: | Line 23: | ||
CentOS comes with SELinux enabled by default which prevents the apache user from writing to the Document Root and sub directories. | CentOS comes with SELinux enabled by default which prevents the apache user from writing to the Document Root and sub directories. | ||
- | Option 1 | + | === Option 1 === |
- | We will now modify | + | Switch |
sudo yum install policycoreutils-python | sudo yum install policycoreutils-python | ||
Line 31: | Line 30: | ||
- | Option 2 | + | === Option 2 === |
- | Modify context (conf & data directories) | + | Modify |
+ | |||
+ | sudo semanage fcontext -a -t httpd_sys_rw_content_t "/ | ||
+ | sudo semanage fcontext -a -t httpd_sys_rw_content_t "/ | ||
+ | sudo restorecon -Rv / | ||
+ | sudo restorecon -Rv / | ||
+ | |||
+ | Using the Wiki Upgrade Plugin & the Extension Manager \\ | ||
+ | To use the Wiki Upgrade Plugin & the Extension Manager with option 2 you also have to grant apache access to the network, otherwise you will get the error : **Could not connect Permission denied** | ||
+ | |||
+ | sudo setsebool -P httpd_can_network_connect on | ||
+ | |||
+ | check with '' | ||
+ | |||
+ | Allowing apache to send mail using postfix \\ | ||
+ | If you get error : **open / | ||
+ | |||
+ | sudo setsebool -P httpd_can_sendmail on | ||
+ | |||
+ | check with '' | ||
+ | |||
+ | Additionally you need to modify the SElinux context for the extension manager: | ||
+ | sudo semanage fcontext -a -t httpd_sys_rw_content_t "/ | ||
+ | sudo restorecon -Rv / | ||
+ | sudo semanage fcontext -a -t httpd_sys_rw_content_t "/ | ||
+ | sudo restorecon -Rv / | ||
+ | |||
+ | When using the Wiki Upgrade Plugin, temporary access is needed for all dokuwiki directories, | ||
+ | - Change the SElinux context for the dokuwiki folder:< | ||
+ | sudo semanage fcontext -a -t httpd_sys_rw_content_t "/ | ||
+ | sudo restorecon -Rv / | ||
+ | - Use the wiki upgrade plugin to perform the upgrade | ||
+ | - Remove the SElinux context from the dokuwiki folder:< | ||
+ | sudo semanage fcontext --delete "/ | ||
+ | sudo restorecon -Rv / | ||
- | sudo chcon -Rv --type=httpd_sys_rw_content_t / | + | === Troubleshooting === |
- | sudo chcon -Rv --type=httpd_sys_rw_content_t / | + | |
- | + | ||
- | sudo semanage fcontext -a -t httpd_sys_rw_content_t / | + | |
- | sudo semanage fcontext -a -t httpd_sys_rw_content_t / | + | |
- | sudo restorecon -v / | + | |
- | sudo restorecon -v / | + | |
+ | If a HTTP 500 error code is returned, maybe the SELinux context of the files in the / |
install/centos.1458135398.txt.gz · Last modified: 2016-03-16 14:36 by 24.78.88.211