version 1.3, 2021/03/09 13:49:36
|
version 1.4, 2021/03/17 17:03:32
|
Line 84 There are a few steps that require comme
|
Line 84 There are a few steps that require comme
|
IP address. When configuring your network card, be sure to unselect |
IP address. When configuring your network card, be sure to unselect |
the DHCP option and enter in your network information.</dd> |
the DHCP option and enter in your network information.</dd> |
<dt>Software</dt> |
<dt>Software</dt> |
<dd>Click the "Customize Now" radio button and for a minimal install uncheck all packages except "Base" in the Base System category. If you leave other packages checked in any of the other categories, you'll need additional ISO CDs.</dd> |
<dd>Click the "Customize Now" radio button and select a minimal install. |
</dl> |
</dl> |
<p> |
<p> |
Finish installing your server, reboot it, and log in as root. |
Finish installing your server, reboot it, and log in as root. |
</p> |
</p> |
<h3>Firewall and SELinux Configuration</h3> |
<h3>Firewall and SELinux Configuration</h3> |
<p> |
<p> |
The first time you log-in, the Setup Agent will be displayed. (If you exit it early you can enter it again by running the command |
Starting with LON-CAPA 2.11.3 you have the option of using either firewalld or iptables to |
|
manage the Firewall on your CentOS 7 server/VM, as both are compatible with LON-CAPA's |
|
port management.</p> |
|
<p>Enable access to standard web server ports (i.e., http and https) as follows, if |
|
using firewalld::</p> |
|
<pre> |
|
systemctl enable firewalld |
|
systemctl start firewalld |
|
firewall-cmd --zone=public --permanent --add-service=http |
|
firewall-cmd --zone=public --permanent --add-service=https |
|
firewall-cmd --reload |
|
</pre> |
|
<p>If you prefer to use the traditional iptables package instead of the default firewalld, |
|
you will need to install iptables-services, disable firewalld, enable iptables, and then |
|
use the system-config-firewall-tui tool to configure the Firewall. |
</p> |
</p> |
<pre> |
<pre> |
setup |
yum install iptables-services |
|
systemctl mask firewalld |
|
systemctl enable iptables |
|
systemctl enable ip6tables |
|
systemctl stop firewalld |
|
systemctl start iptables |
|
systemctl start ip6tables |
</pre> |
</pre> |
<p> |
<p> |
This tool should be used to configure the Firewall and SELinux. |
Install the system-config-firewall-tui package and configure the Firewall. |
</p> |
</p> |
|
<pre> |
|
yum install system-config-firewall-tui |
|
system-config-firewall-tui |
|
</pre> |
<ol> |
<ol> |
<li>Select Security Level: Enabled, and Customize, to allow |
<li>Select Security Level: Enabled, and Customize, to allow |
incoming: SSH (remote login), WWW (HTTP) and secure WWW |
incoming: SSH (remote login), WWW (HTTP) and secure WWW |
(HTTPS). |
(HTTPS). |
</li> |
</li> |
<li>Set SELinux to Disabled.</li> |
|
<li>Select OK, and then Quit</li> |
<li>Select OK, and then Quit</li> |
</ol> |
</ol> |
|
|
Line 128 Reboot your system before continuing wit
|
Line 151 Reboot your system before continuing wit
|
Retrieve the scientific_loncapa_yum.conf file from the LON-CAPA install site: |
Retrieve the scientific_loncapa_yum.conf file from the LON-CAPA install site: |
</p> |
</p> |
<pre> |
<pre> |
|
yum install wget |
wget http://install.loncapa.org/versions/scientific/7/scientific7_loncapa_yum.conf |
wget http://install.loncapa.org/versions/scientific/7/scientific7_loncapa_yum.conf |
</pre> |
</pre> |
<p> |
<p> |
Line 159 The list of enabled repos should be as f
|
Line 183 The list of enabled repos should be as f
|
<tr><td>sl-security/x86_64</td><td>Scientific Linux 7x - x86_64 - security updates</td></tr> |
<tr><td>sl-security/x86_64</td><td>Scientific Linux 7x - x86_64 - security updates</td></tr> |
</table> |
</table> |
|
|
|
<h3>Configure SELinux</h3> |
|
<p> |
|
The default Scientific Linux 7 installation includes SELinux enabled. Until such time as an SELinux security policy has been created for LON-CAPA, SELinux should be disabled. |
|
Retrieve the loncapa_selinux_config file from the LON-CAPA install site: |
|
</p> |
|
<pre> |
|
wget http://install.loncapa.org/versions/scientific/7/loncapa_selinux_config |
|
</pre> |
|
<p> |
|
Install the selinux config file |
|
</p> |
|
<pre> |
|
mv /etc/selinux/config /etc/selinux/config.backup |
|
mv loncapa_selinux_config /etc/selinux/config |
|
reboot |
|
</pre> |
|
|
<h2>5. <a name="ilc">Installing LON-CAPA</a></h2> |
<h2>5. <a name="ilc">Installing LON-CAPA</a></h2> |
<h3>Import the LON-CAPA encryption key</h3> |
<h3>Import the LON-CAPA encryption key</h3> |
<pre>rpm --import http://install.loncapa.org/versions/scientific/RPM-GPG-KEY-loncapa</pre> |
<pre>rpm --import http://install.loncapa.org/versions/scientific/RPM-GPG-KEY-loncapa</pre> |
Line 259 for it to function at all. Below is a l
|
Line 300 for it to function at all. Below is a l
|
To configure and install LON-CAPA, execute the following commands: |
To configure and install LON-CAPA, execute the following commands: |
</p> |
</p> |
<pre> |
<pre> |
cd /root/loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.1') |
cd /root/loncapa-X.Y.Z (X.Y.Z should correspond to a version number like '2.11.1') |
./UPDATE |
./UPDATE |
</pre> |
</pre> |
<p> |
<p> |
Line 288 will be apparent at this step.
|
Line 329 will be apparent at this step.
|
</p> |
</p> |
<pre> |
<pre> |
/etc/init.d/loncontrol start |
/etc/init.d/loncontrol start |
/etc/init.d/httpd start |
systemctl start httpd |
</pre> |
</pre> |
<p> |
<p> |
If you receive warnings when starting the httpd about missing perl modules, |
If you receive warnings when starting the httpd about missing perl modules, |