This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
documentation:server-install-aducid [2018/11/08 00:59] mpospisek [File and directory preparation] |
documentation:server-install-aducid [2019/01/27 12:07] mpospisek [Installation] |
||
---|---|---|---|
Line 2: | Line 2: | ||
===== File and directory preparation ===== | ===== File and directory preparation ===== | ||
- | Directories for aducid-aaa-modules | + | **Prepare the aducid-aaa.service** |
+ | <sxh bash> | ||
+ | # --- AAA modules | ||
- | AAA modules need the following directories are created before installation: | + | mkdir -p / |
- | <codedoc code: | + | |
- | mkdir / | + | |
mkdir / | mkdir / | ||
mkdir / | mkdir / | ||
Line 14: | Line 14: | ||
mkdir / | mkdir / | ||
mkdir -p / | mkdir -p / | ||
- | </ | ||
- | Files for aducid-aaa-modules. **Please | + | # --- Files for aducid-aaa-modules. |
+ | # **Please | ||
- | <codedoc code: | + | # --- Export system variables |
- | vi / | + | # / |
- | </ | + | echo \ |
- | <sxh bash> | + | "#!/bin/bash |
- | #!/bin/bash | + | |
export OPENAAA_PROTOCOL=aaa | export OPENAAA_PROTOCOL=aaa | ||
export OPENAAA_HANDLER=/ | export OPENAAA_HANDLER=/ | ||
- | export OPENAAA_AUTHORITY=`hostname` | + | export OPENAAA_AUTHORITY=`hostname` |
- | </sxh> | + | " |
- | + | # --- Define the aducid-aaa.service | |
- | + | # / | |
- | <codedoc code: | + | echo \ |
- | vi / | + | "[Unit] |
- | </ | + | |
- | <sxh bash> | + | |
- | [Unit] | + | |
Description=The ADUCID AAA Module | Description=The ADUCID AAA Module | ||
After=network.target remote-fs.target nss-lookup.target | After=network.target remote-fs.target nss-lookup.target | ||
Line 46: | Line 42: | ||
[Install] | [Install] | ||
- | WantedBy=multi-user.target | + | WantedBy=multi-user.target |
- | </sxh> | + | " |
- | + | ||
- | <codedoc code: | + | # --- Create service files |
- | vi /etc/sysconfig/aducid-aaa | + | # /etc/sysconfig/aducid-aaa |
- | </ | + | echo \ |
- | <sxh bash; highlight: [25]> | + | " |
- | # | + | |
- | # This file can be used to set additional environment variables for | + | |
- | # the httpd process, or pass additional options to the httpd | + | |
- | # executable. | + | |
- | # | + | |
- | # Note: With previous versions of httpd, the MPM could be changed by | + | |
- | # editing an " | + | |
- | # variable is now ignored. | + | |
- | # choice of MPM can be changed by editing the configuration file | + | |
- | # /etc/httpd/conf.modules.d/ | + | |
- | # | + | |
- | # | + | |
- | # To pass additional options (for instance, -D definitions) to the | + | |
- | # httpd binary at startup, set OPTIONS here. | + | |
- | # | + | |
- | #OPTIONS= | + | |
- | # | + | |
- | # This setting ensures the httpd process is started in the "C" locale | + | |
- | # by default. | + | |
- | # case-sensitive string comparisons are performed in a different | + | |
- | # locale.) | + | |
- | # | + | |
- | OPENAAA_PROTOCOL=aaa | + | |
OPENAAA_HANDLER=/ | OPENAAA_HANDLER=/ | ||
- | OPENAAA_AUTHORITY=your.server.dnsname | + | OPENAAA_AUTHORITY=`hostname` |
+ | " > / | ||
</ | </ | ||
- | + | < | |
- | < | + | |
vi / | vi / | ||
</ | </ | ||
- | < | + | <sxh> |
#!/bin/bash -x | #!/bin/bash -x | ||
# | # | ||
Line 94: | Line 67: | ||
# Check that networking is up. | # Check that networking is up. | ||
. / | . / | ||
- | + | | |
- | + | ||
usage () | usage () | ||
{ | { | ||
Line 101: | Line 73: | ||
RETVAL=2 | RETVAL=2 | ||
} | } | ||
- | + | | |
- | + | ||
start () | start () | ||
{ | { | ||
Line 112: | Line 83: | ||
kill -9 `cat / | kill -9 `cat / | ||
} | } | ||
- | |||
restart () | restart () | ||
Line 119: | Line 89: | ||
start | start | ||
} | } | ||
- | + | | |
- | + | ||
case " | case " | ||
stop) stop ;; | stop) stop ;; | ||
Line 131: | Line 100: | ||
</ | </ | ||
+ | **Directory to import mypeig.aducid.com info** | ||
+ | <sxh> | ||
+ | mkdir -p ~/ | ||
+ | </ | ||
+ | Put the following files into the above directory and strip the " | ||
+ | * {{ : | ||
+ | * {{ : | ||
+ | <sxh> | ||
+ | cd ~/ | ||
+ | mv insert_home_aim_mypeig.sql.file insert_home_aim_mypeig.sql | ||
+ | mv mypeig.aducid.com.crt.file mypeig.aducid.com.crt | ||
+ | </ | ||
+ | |||
===== Installation ===== | ===== Installation ===== | ||
Line 141: | Line 123: | ||
Install and run the aducid-installer script | Install and run the aducid-installer script | ||
- | <codedoc code:bash> | + | <sxh> |
# in this directory, rpm files are located | # in this directory, rpm files are located | ||
cd / | cd / | ||
# find the exact filename using the TAB key in the command prompt | # find the exact filename using the TAB key in the command prompt | ||
- | yum localinstall aducid-repository- | + | yum localinstall aducid-repository-1.0-4.el7.centos.noarch.rpm |
# dtto as above | # dtto as above | ||
- | yum localinstall aducid-installer- | + | yum localinstall aducid-installer-4.1.0-1.rc1.el7.centos.noarch.rpm |
# now, the install script will be in the path (/ | # now, the install script will be in the path (/ | ||
aducid-installer | aducid-installer | ||
- | </codedoc> | + | </sxh> |
The aducid-installer script (see / | The aducid-installer script (see / | ||
Line 171: | Line 153: | ||
Other certificates used by ADUCID server are listed in / | Other certificates used by ADUCID server are listed in / | ||
- | <codedoc code:bash> | + | <sxh bash> |
PUBLIC_KEY=/ | PUBLIC_KEY=/ | ||
PRIVATE_KEY=/ | PRIVATE_KEY=/ | ||
- | </codedoc> | + | </sxh> |
It is recommended to restart the server after installation. | It is recommended to restart the server after installation. | ||
Line 183: | Line 165: | ||
postinstall checks | postinstall checks | ||
<codedoc code: | <codedoc code: | ||
- | orange-d3:~ root$ systemctl -l status | + | orange-d3:~ root$ systemctl -l status httpd.service |
- | ● httpd24-httpd.service - The Apache HTTP Server | + | ● httpd.service - The Apache HTTP Server |
- | | + | |
- | | + | |
- | Main PID: 913 (httpd) | + | Main PID: 4800 (httpd) |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | ||
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: id=a6ae3724b541fb22127a207882e99ee2d1b0c762922ceff78dd4839872a712ab hash=8112 index=0 | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: 127.0.0.1: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: 127.0.0.1: | + | |
- | Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:alert write: | + | |
- | + | ||
- | # do not be confused with the following message: "The ADUCID Apache HTTP Server" | + | |
orange-d3:~ root$ systemctl -l status aducid-aaa.service | orange-d3:~ root$ systemctl -l status aducid-aaa.service | ||
- | ● aducid-aaa.service - The ADUCID | + | ● aducid-aaa.service - The ADUCID |
| | ||
| | ||
Line 270: | Line 240: | ||
Other log files: | Other log files: | ||
- | * AIM: / | + | | AIM | / |
- | | + | | tomcat9.service |
- | | + | | aducid-aaa.service |
- | * httpd24-httpd.service / | + | | httpd.service | /var/log/httpd/* | |
RPM Component summary | RPM Component summary | ||
- | aducid-configurator.rpm installation and config script | + | | aducid-configurator.rpm |
- | aducid-repository.rpm yum repository file | + | | aducid-repository.rpm | yum repository file | |
- | aducid-aaa-modules.rpm Apache settings for ADUCID components | + | | aducid-aaa-modules.rpm |
- | aim.rpm AIM and all basic components | + | | aim.rpm |
- | aducid-proof.rpm Identity | + | | aducid-proof.rpm |
- | aducid-demo.rpm Demo apps | + | |