Moodle on Centos or Red Hat 7 (with SELinux!)

Why the need for another 'Installing Moodle' guide? Two reasons, Systemd and SELinux.
The steps are presented as a Bash script, which may be run on a virgin system, installing a complete working Moodle stack in one go, including enforcing SELinux.

In addition to the absolute basics it also includes adding ClamAV virus for file uploads and Memcached for sessions and 'MUC'.

It does not cover any extras you will need to get your site up to production, e.g. securing your database or updating your virus definitions automatically. Neither does it do any extra PHP configuration (upload limits, execution time etc.) or any extra complexities that might be desirable. For all of this you should goto docs.moodle.org.

Comments

  1. Hi,

    your script works like a charm on Centos 7 minimal install, but SELINUX is driving me CRAZY... I'm trying to authenticate against an LDAP Server so I reinstalled php_ldap, configured this but SE Linux blocks my attempt to do a LDAP authentication...

    Error is:
    type=AVC msg=audit(1445443071.092:399): avc: denied { name_connect } for pid=1890 comm="httpd" dest=389 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:ldap_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1445443071.092:399): arch=c000003e syscall=42 success=noexit=-13 a0=c a1=7fa6b062b370 a2=10 a3=0 items=0 ppid=1123 pid=1890 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)

    I'm new to selinux (and I clearly understand its necessity) but I have no idea, which bool to set to allow httpd to state LDAP queries...

    Can you help me out?

    Thanks and Keep up the good work...

    best regards...

    ReplyDelete
  2. And here is the solution...

    I've just entered the following:

    setsebool -P httpd_can_network_connect=1

    and now it is working like a charm, even with ldap authentication...

    Keep up the good work!

    ReplyDelete
    Replies
    1. Great stuff, glad you found it useful.

      Delete

Post a Comment

Popular posts from this blog

Raspberry Pi A2DP Bluetooth Audio Receiver

Blocking Adverts from the Roku Menu