Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:server-install-aducid [2018/11/08 01:04]
mpospisek [Compoment log checks]
documentation:server-install-aducid [2019/01/27 12:07] (current)
mpospisek [Installation]
Line 2: Line 2:
 ===== File and directory preparation ===== ===== File and directory preparation =====
  
-Directories for aducid-aaa-modules+**Prepare the aducid-aaa.service** 
 +<sxh bash> 
 +--- AAA modules ​need the following directories are created before installation:​
  
-AAA modules need the following directories are created before installation:​ +mkdir -p /​opt/​aaa/​install
-<codedoc code:​bash>​ +
-mkdir /​opt/​aaa/​install+
 mkdir /​opt/​aaa/​logs mkdir /​opt/​aaa/​logs
 mkdir /​opt/​aaa/​conf mkdir /​opt/​aaa/​conf
Line 14: Line 14:
 mkdir /​opt/​aaa/​bin mkdir /​opt/​aaa/​bin
 mkdir -p /​usr/​lib64/​openaaa/​modules mkdir -p /​usr/​lib64/​openaaa/​modules
-</​codedoc>​ 
  
-Files for aducid-aaa-modules. **Please ​adjust ​your server hostname in these files, as indicated.**+# --- Files for aducid-aaa-modules. ​ 
 +**Please ​check your server hostname in these files, as indicated.**
  
-<codedoc code:​bash>​ +# --- Export system variables 
-vi /​etc/​profile.d/​openaaa.sh +/​etc/​profile.d/​openaaa.sh 
-</​codedoc>​ +echo \ 
-<sxh bash> +"#!/bin/bash
-#!/bin/bash+
 export OPENAAA_PROTOCOL=aaa export OPENAAA_PROTOCOL=aaa
 export OPENAAA_HANDLER=/​usr/​local/​bin/​aducid export OPENAAA_HANDLER=/​usr/​local/​bin/​aducid
-export OPENAAA_AUTHORITY=`hostname` +export OPENAAA_AUTHORITY=`hostname`  
-</sxh>+" ​/​etc/​profile.d/​openaaa.sh ​
  
- +# --- Define the aducid-aaa.service 
-  +/​usr/​lib/​systemd/​system/​aducid-aaa.service 
-<codedoc code:​bash>​ +echo \ 
-vi /​usr/​lib/​systemd/​system/​aducid-aaa.service +"[Unit]
-</​codedoc>​ +
-<sxh bash> +
-[Unit]+
 Description=The ADUCID AAA Module Description=The ADUCID AAA Module
 After=network.target remote-fs.target nss-lookup.target After=network.target remote-fs.target nss-lookup.target
Line 46: Line 42:
    
 [Install] [Install]
-WantedBy=multi-user.target +WantedBy=multi-user.target  
-</sxh +" ​>/usr/lib/​systemd/​system/​aducid-aaa.service 
-  + 
-<codedoc code:​bash>​ +--- Create service files 
-vi /etc/sysconfig/aducid-aaa +# /etc/sysconfig/aducid-aaa 
-</​codedoc>​ +echo \ 
-<sxh bash; highlight: [25]> +"​OPENAAA_PROTOCOL=aaa
-+
-# This file can be used to set additional environment variables for +
-# the httpd process, or pass additional options to the httpd +
-# executable+
-# +
-Note: With previous versions of httpd, the MPM could be changed by +
-# editing an "​HTTPD"​ variable here.  With the current version, that +
-# variable is now ignored. ​ The MPM is a loadable module, and the +
-# choice of MPM can be changed by editing the configuration file +
-# /etc/httpd/conf.modules.d/​00-mpm.conf. +
-# +
-+
-# To pass additional options (for instance, -D definitions) to the +
-# httpd binary at startup, set OPTIONS here. +
-+
-#OPTIONS= +
-+
-# This setting ensures the httpd process is started in the "C" locale +
-# by default. ​ (Some modules will not behave correctly if +
-# case-sensitive string comparisons are performed in a different +
-# locale.) +
-+
-OPENAAA_PROTOCOL=aaa+
 OPENAAA_HANDLER=/​usr/​local/​bin/​aducid OPENAAA_HANDLER=/​usr/​local/​bin/​aducid
-OPENAAA_AUTHORITY=your.server.dnsname+OPENAAA_AUTHORITY=`hostname`  
 +" > /​etc/​sysconfig/​aducid-aaa
 </​sxh>​ </​sxh>​
-  +<​codedoc>​
-<​codedoc ​code:bash>+
 vi /​opt/​aaa/​bin/​aducid-aaa.sh vi /​opt/​aaa/​bin/​aducid-aaa.sh
 </​codedoc>​ </​codedoc>​
-<​sxh ​bash>+<sxh>
 #!/bin/bash -x #!/bin/bash -x
 # #
Line 94: Line 67:
 # Check that networking is up. # Check that networking is up.
 . /​etc/​sysconfig/​network . /​etc/​sysconfig/​network
-  +  ​
- +
 usage () usage ()
 { {
Line 101: Line 73:
         RETVAL=2         RETVAL=2
 } }
-  +  ​
- +
 start () start ()
 { {
Line 112: Line 83:
 kill -9 `cat /​var/​run/​aaad.pid` kill -9 `cat /​var/​run/​aaad.pid`
 } }
-  
    
 restart () restart ()
Line 119: Line 89:
         start         start
 } }
-  +  ​
- +
 case "​$1"​ in case "​$1"​ in
     stop) stop ;;     stop) stop ;;
Line 131: Line 100:
 </​sxh>​ </​sxh>​
  
 +**Directory to import mypeig.aducid.com info**
 +<sxh>
 +mkdir -p ~/​psqltools/​myPEIG
 +</​sxh>​
 +Put the following files into the above directory and strip the "​.file"​ extension:
 +  * {{ :​documentation:​install:​insert_home_aim_mypeig.sql.file |insert_home_aim_mypeig.sql.file}}
 +  * {{ :​documentation:​install:​mypeig.aducid.com.crt.file |mypeig.aducid.com.crt.file}}
 +<sxh>
 +cd ~/​psqltools/​myPEIG ​
 +mv insert_home_aim_mypeig.sql.file insert_home_aim_mypeig.sql
 +mv mypeig.aducid.com.crt.file mypeig.aducid.com.crt
 +</​sxh>​
  
 + 
 ===== Installation ===== ===== Installation =====
  
Line 141: Line 123:
  
 Install and run the aducid-installer script Install and run the aducid-installer script
-<codedoc code:bash>+<sxh>
 # in this directory, rpm files are located # in this directory, rpm files are located
 cd /​media/​ADUCID/​repository/​el7/​x86_64 cd /​media/​ADUCID/​repository/​el7/​x86_64
 # find the exact filename using the TAB key in the command prompt # find the exact filename using the TAB key in the command prompt
-yum localinstall aducid-repository-+yum localinstall aducid-repository-1.0-4.el7.centos.noarch.rpm
 # dtto as above # dtto as above
-yum localinstall aducid-installer- ​  +yum localinstall aducid-installer-4.1.0-1.rc1.el7.centos.noarch.rpm ​  ​
 # now, the install script will be in the path (/​usr/​local/​bin),​ invoke it # now, the install script will be in the path (/​usr/​local/​bin),​ invoke it
 aducid-installer aducid-installer
-</codedoc>+</sxh>
  
 The aducid-installer script (see /​usr/​local/​bin/​aducid-installer.sh) asks about AIM server parameters: The aducid-installer script (see /​usr/​local/​bin/​aducid-installer.sh) asks about AIM server parameters:
Line 183: Line 165:
 postinstall checks postinstall checks
 <codedoc code:​bash>​ <codedoc code:​bash>​
-orange-d3:~ root$ systemctl -l status ​httpd24-httpd.service +orange-d3:~ root$ systemctl -l status httpd.service 
-● httpd24-httpd.service - The Apache HTTP Server +● httpd.service - The Apache HTTP Server 
-   ​Loaded:​ loaded (/​usr/​lib/​systemd/​system/​httpd24-httpd.service;​ enabled; vendor preset: disabled) +   ​Loaded:​ loaded (/​usr/​lib/​systemd/​system/​httpd.service;​ enabled; vendor preset: disabled) 
-   ​Active:​ active (running) since Mon 2018-06-25 22:54:51 CEST9min ago +   ​Active:​ active (running) since Wed 2018-11-07 23:11:21 CET2h 50min ago 
- Main PID: 913 (httpd) + Main PID: 4800 (httpd) 
-   ​Status:​ "Total requests: ​11; Idle/Busy workers 100/​0;​Requests/​sec:​ 0.0187; Bytes served/​sec: ​ ​37 ​B/​sec"​ +   ​Status:​ "Total requests: ​38; Idle/Busy workers 100/​0;​Requests/​sec:​ 0.00373; Bytes served/​sec: ​  7 B/​sec"​ 
-   ​CGroup:​ /​system.slice/​httpd24-httpd.service +   ​CGroup:​ /​system.slice/​httpd.service 
-           ​├─ ​913 /​opt/​rh/​httpd24/​root/​usr/​sbin/​httpd -DFOREGROUND +           ​├─4800 /​usr/​sbin/​httpd -DFOREGROUND 
-           ​├─1129 /​opt/​rh/​httpd24/​root/​usr/​sbin/​httpd -DFOREGROUND +           ​├─4801 /​usr/​sbin/​httpd -DFOREGROUND 
-           ​├─1130 /​opt/​rh/​httpd24/​root/​usr/​sbin/​httpd -DFOREGROUND +           ​├─4802 /​usr/​sbin/​httpd -DFOREGROUND 
-           ​├─1131 /​opt/​rh/​httpd24/​root/​usr/​sbin/​httpd -DFOREGROUND +           ​├─4803 /​usr/​sbin/​httpd -DFOREGROUND 
-           ​├─1132 /​opt/​rh/​httpd24/​root/​usr/​sbin/​httpd -DFOREGROUND +           ​├─4804 /​usr/​sbin/​httpd -DFOREGROUND 
-           ​├─1133 /​opt/​rh/​httpd24/​root/​usr/​sbin/​httpd -DFOREGROUND +           ​├─4806 /​usr/​sbin/​httpd -DFOREGROUND 
-           ​└─1697 /​opt/​rh/​httpd24/​root/​usr/​sbin/​httpd -DFOREGROUND +           ​└─5528 /​usr/​sbin/​httpd -DFOREGROUND 
-  +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:​accept:​SSLv3 read certificate verify A +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:​accept:​SSLv3 read finished A +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:​accept:​SSLv3 write change cipher spec A +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:​accept:​SSLv3 write finished A +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:​accept:​SSLv3 flush data +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:​negotiate:​SSL negotiation finished successfully +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: id=a6ae3724b541fb22127a207882e99ee2d1b0c762922ceff78dd4839872a712ab hash=8112 index=0 +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: 127.0.0.1:​8888 sent 94 byte(s) +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: 127.0.0.1:​8888 recv 168 byte(s) +
-Jun 25 23:03:03 orange-d3.aducid.com [1697]: msg:alert write:​warning:​close notify +
-  +
-# do not be confused with the following message: "The ADUCID Apache HTTP Server"​+
 orange-d3:~ root$ systemctl -l status aducid-aaa.service orange-d3:~ root$ systemctl -l status aducid-aaa.service
-● aducid-aaa.service - The ADUCID ​Apache HTTP Server+● aducid-aaa.service - The ADUCID ​AAA Module
    ​Loaded:​ loaded (/​usr/​lib/​systemd/​system/​aducid-aaa.service;​ enabled; vendor preset: disabled)    ​Loaded:​ loaded (/​usr/​lib/​systemd/​system/​aducid-aaa.service;​ enabled; vendor preset: disabled)
    ​Active:​ active (running) since Mon 2018-06-25 22:54:50 CEST; 11min ago    ​Active:​ active (running) since Mon 2018-06-25 22:54:50 CEST; 11min ago
  • documentation/server-install-aducid.1541639064.txt.gz
  • Last modified: 2018/11/08 01:04
  • by mpospisek