dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Documentation for SELinux package (#2401)

Browse Source
This commit is contained in:
Maxime Besson 2020-12-16 16:25:50 +01:00
parent 8eec53f8b8
commit cbb800cdba
4 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/sources/admin/installrpm.rst
View File

@ -25,6 +25,7 @@ LemonLDAP::NG provides packages for Red Hat/Centos 7:
- lemonldap-ng-fastcgi-server: FastCGI server needed to use Nginx - lemonldap-ng-fastcgi-server: FastCGI server needed to use Nginx
- lemonldap-ng-nginx: contains Nginx configuration and dependencies - lemonldap-ng-nginx: contains Nginx configuration and dependencies
- lemonldap-ng-uwsgi-app: contains Uwsgi application - lemonldap-ng-uwsgi-app: contains Uwsgi application
- lemonldap-ng-selinux: contains the SELinux policy for httpd
- perl-Lemonldap-NG-Common: CPAN - Shared modules - perl-Lemonldap-NG-Common: CPAN - Shared modules
- perl-Lemonldap-NG-Handler: CPAN - Handler modules - perl-Lemonldap-NG-Handler: CPAN - Handler modules
- perl-Lemonldap-NG-Manager: CPAN - Manager modules - perl-Lemonldap-NG-Manager: CPAN - Manager modules
@ -124,6 +125,9 @@ If the packages are stored in a yum repository:
yum install lemonldap-ng yum install lemonldap-ng
# If you use SELinux
yum install lemonldap-ng-selinux
You can also use yum on local RPMs file: You can also use yum on local RPMs file:
:: ::

2
doc/sources/admin/quickstart.rst
View File

@ -42,6 +42,8 @@ CentOS / RHEL
yum update yum update
yum install epel-release yum install epel-release
yum install lemonldap-ng yum install lemonldap-ng
# If you use SELinux
yum install lemonldap-ng-selinux
SSO domain configuration SSO domain configuration
------------------------ ------------------------

16
doc/sources/admin/selinux.rst
View File

@ -4,11 +4,27 @@ SELinux
To make LemonLDAP::NG work with SELinux, you may need to set up some To make LemonLDAP::NG work with SELinux, you may need to set up some
options. options.
SELinux policy package
----------------------
If you are using a RPM distribution and Apache as the web server, you need to
install the ``lemonldap-ng-selinux`` package to configure SELinux context correctly ::
yum install lemonldap-ng-selinux
.. note::
On CentOS 8 and Fedora, this is done automatically
This package will not configure SELinux booleans, please read the next sections to see which booleans you need to enable manually
Disk cache (sessions an configuration) Disk cache (sessions an configuration)
-------------------------------------- --------------------------------------
You need to set the correct context on the cache directory You need to set the correct context on the cache directory
.. deprecated:: 2.0.10
this is now done by the ``lemonldap-ng-selinux`` package
:: ::
semanage fcontext --add -t httpd_cache_t -f a '/var/cache/lemonldap-ng(/.*)?' semanage fcontext --add -t httpd_cache_t -f a '/var/cache/lemonldap-ng(/.*)?'

1
doc/sources/admin/upgrade_2_0_x.rst
View File

@ -23,6 +23,7 @@ backups and a rollback plan ready!
- New dependency: IO::Socket::Timeout - New dependency: IO::Socket::Timeout
- TOTP check tolerates forward AND backward clock drift (totp2fRange) - TOTP check tolerates forward AND backward clock drift (totp2fRange)
- Avoid assignment in expressions option is disabled by default - Avoid assignment in expressions option is disabled by default
- RHEL/CentOS SELinux users should install the new ``lemonldap-ng-selinux`` package to fix `an issue with the new default cache directory <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2401>`__
2.0.9 2.0.9
----- -----