CentOS: move SELinux setup step so it can install in /srv

marc tobias
2018-02-27 17:02:37 +01:00
parent c3e5654113
commit b303c785e9
2 changed files with 20 additions and 15 deletions

3
Vagrantfile vendored

@@ -37,7 +37,8 @@ Vagrant.configure("2") do |config|
sub.vm.provision :shell do |s| sub.vm.provision :shell do |s|
s.path = "vagrant/Install-on-Centos-7.sh" s.path = "vagrant/Install-on-Centos-7.sh"
s.privileged = false s.privileged = false
s.args = [checkout] s.args = "yes"
sub.vm.synced_folder ".", "/vagrant", disabled: true
end end
end end
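Review bot: The `s.args = "yes"` line replaces the `checkout` variable with a bare literal and carries no comment, so a reader cannot tell what the argument means to `Install-on-Centos-7.sh` or why this box no longer follows the shared setting. It presumably forces the script to fetch the source itself because the `/vagrant` synced folder is disabled in the same hunk; if so, say it with something like `# no synced folder on this box: the install script always checks out the source itself`. The enclosing `Vagrant.configure` block starts and ends outside the hunk, so the definition of `checkout` is not visible here.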


@@ -52,8 +52,8 @@
# we assume this user is called nominatim and the installation will be in # we assume this user is called nominatim and the installation will be in
# /srv/nominatim. To create the user and directory run: # /srv/nominatim. To create the user and directory run:
# #
sudo mkdir -p /opt/nominatim #DOCS: sudo useradd -d /srv/nominatim -s /bin/bash -m nominatim sudo mkdir -p /srv/nominatim #DOCS: sudo useradd -d /srv/nominatim -s /bin/bash -m nominatim
sudo chown vagrant /opt/nominatim #DOCS: sudo chown vagrant /srv/nominatim #DOCS:
# #
# You may find a more suitable location if you wish. # You may find a more suitable location if you wish.
# #
@@ -61,7 +61,7 @@ sudo chown vagrant /opt/nominatim #DOCS:
# user name and home directory now like this: # user name and home directory now like this:
# #
export USERNAME=vagrant #DOCS: export USERNAME=nominatim export USERNAME=vagrant #DOCS: export USERNAME=nominatim
export USERHOME=/opt/nominatim #DOCS: export USERHOME=/srv/nominatim export USERHOME=/srv/nominatim
# #
# **Never, ever run the installation as a root user.** You have been warned. # **Never, ever run the installation as a root user.** You have been warned.
# #
@@ -126,17 +126,6 @@ sudo sed -i 's:#.*::' /etc/httpd/conf.d/nominatim.conf #DOCS:
sudo systemctl enable httpd sudo systemctl enable httpd
sudo systemctl restart httpd sudo systemctl restart httpd
#
# Adding SELinux Security Settings
# --------------------------------
#
# It is a good idea to leave SELinux enabled and enforcing, particularly
# with a web server accessible from the Internet. At a minimum the
# following SELinux labeling should be done for Nominatim:
sudo semanage fcontext -a -t httpd_sys_content_t "$USERHOME/Nominatim/(website|lib|settings)(/.*)?"
sudo semanage fcontext -a -t lib_t "$USERHOME/build/module/nominatim.so"
sudo restorecon -R -v $USERHOME/Nominatim
# #
# Installing Nominatim # Installing Nominatim
@@ -171,6 +160,21 @@ fi #DOCS:
cmake $USERHOME/Nominatim cmake $USERHOME/Nominatim
make make
#
# Adding SELinux Security Settings
# --------------------------------
#
# It is a good idea to leave SELinux enabled and enforcing, particularly
# with a web server accessible from the Internet. At a minimum the
# following SELinux labeling should be done for Nominatim:
sudo semanage fcontext -a -t httpd_sys_content_t "$USERHOME/Nominatim/(website|lib|settings)(/.*)?"
sudo semanage fcontext -a -t httpd_sys_content_t "$USERHOME/build/(website|lib|settings)(/.*)?"
sudo semanage fcontext -a -t lib_t "$USERHOME/build/module/nominatim.so"
sudo restorecon -R -v $USERHOME/Nominatim
sudo restorecon -R -v $USERHOME/build
# You need to create a minimal configuration file that tells nominatim # You need to create a minimal configuration file that tells nominatim
# the name of your webserver user and the URL of the website: # the name of your webserver user and the URL of the website:
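Review bot: The two `restorecon` lines in the relocated SELinux block pass `$USERHOME` unquoted although the `semanage fcontext` lines directly above quote it, and the script's own comments invite picking a different install location; quote them as `sudo restorecon -R -v "$USERHOME/Nominatim"` and `sudo restorecon -R -v "$USERHOME/build"` so a path containing whitespace is not word-split. `semanage fcontext -a` also reports an error when the rule is already defined, so a second provisioning run will print failures at this step; whether that stops the script depends on shell options not visible in this section. A comment noting this, plus a closing `ls -Z "$USERHOME/build/module/nominatim.so"` so the reader can confirm the `lib_t` label was applied, would make the step easier to verify on an enforcing system.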