Documentation for SELinux package (#2401)
This commit is contained in:
parent
8eec53f8b8
commit
cbb800cdba
|
@ -25,6 +25,7 @@ LemonLDAP::NG provides packages for Red Hat/Centos 7:
|
|||
- lemonldap-ng-fastcgi-server: FastCGI server needed to use Nginx
|
||||
- lemonldap-ng-nginx: contains Nginx configuration and dependencies
|
||||
- lemonldap-ng-uwsgi-app: contains Uwsgi application
|
||||
- lemonldap-ng-selinux: contains the SELinux policy for httpd
|
||||
- perl-Lemonldap-NG-Common: CPAN - Shared modules
|
||||
- perl-Lemonldap-NG-Handler: CPAN - Handler modules
|
||||
- perl-Lemonldap-NG-Manager: CPAN - Manager modules
|
||||
|
@ -124,6 +125,9 @@ If the packages are stored in a yum repository:
|
|||
|
||||
yum install lemonldap-ng
|
||||
|
||||
# If you use SELinux
|
||||
yum install lemonldap-ng-selinux
|
||||
|
||||
You can also use yum on local RPMs file:
|
||||
|
||||
::
|
||||
|
|
|
@ -42,6 +42,8 @@ CentOS / RHEL
|
|||
yum update
|
||||
yum install epel-release
|
||||
yum install lemonldap-ng
|
||||
# If you use SELinux
|
||||
yum install lemonldap-ng-selinux
|
||||
|
||||
SSO domain configuration
|
||||
------------------------
|
||||
|
|
|
@ -4,11 +4,27 @@ SELinux
|
|||
To make LemonLDAP::NG work with SELinux, you may need to set up some
|
||||
options.
|
||||
|
||||
SELinux policy package
|
||||
----------------------
|
||||
|
||||
If you are using a RPM distribution and Apache as the web server, you need to
|
||||
install the ``lemonldap-ng-selinux`` package to configure SELinux context correctly ::
|
||||
|
||||
yum install lemonldap-ng-selinux
|
||||
|
||||
.. note::
|
||||
On CentOS 8 and Fedora, this is done automatically
|
||||
|
||||
This package will not configure SELinux booleans, please read the next sections to see which booleans you need to enable manually
|
||||
|
||||
Disk cache (sessions an configuration)
|
||||
--------------------------------------
|
||||
|
||||
You need to set the correct context on the cache directory
|
||||
|
||||
.. deprecated:: 2.0.10
|
||||
this is now done by the ``lemonldap-ng-selinux`` package
|
||||
|
||||
::
|
||||
|
||||
semanage fcontext --add -t httpd_cache_t -f a '/var/cache/lemonldap-ng(/.*)?'
|
||||
|
|
|
@ -23,6 +23,7 @@ backups and a rollback plan ready!
|
|||
- New dependency: IO::Socket::Timeout
|
||||
- TOTP check tolerates forward AND backward clock drift (totp2fRange)
|
||||
- Avoid assignment in expressions option is disabled by default
|
||||
- RHEL/CentOS SELinux users should install the new ``lemonldap-ng-selinux`` package to fix `an issue with the new default cache directory <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2401>`__
|
||||
|
||||
2.0.9
|
||||
-----
|
||||
|
|
Loading…
Reference in New Issue
Block a user