How do I install OpenAM with Apache Web Policy Agent 4.x on Red Hat Enterprise Linux or CentOS configured with SELinux?

Preparing for a successful install

The following tools are used in this process:

• SELinux troubleshooting tool - displays all the violations that have been logged to the /var/log/audit/audit.log file along with possible solutions. When SELinux is in Enforcing mode, all configured parameters are enforced and any violations are logged to the /var/log/audit/audit.log file.
• GUI configuration tool - provides useful utilities for operating and managing SELinux, including restorecon. The restorecon utility enables you to restore a file's default SELinux security contexts.

To prepare for a successful install:

1. Install these tools using the following terminal command:  yum install setroubleshoot policycoreutils-gui
2. Enable communication between Apache and Tomcat using the following terminal commands: # setsebool -P httpd_can_network_connect on # setsebool -P httpd_can_network_relay on
3. Change the default SELinux type context for files in the directory with agent configuration files, such as /opt/web_agent, with the following command if installing the Apache Web Policy Agent: restorecon -v /opt/web_agents/apache22_agent/lib/*
4. Identify and diagnose any other SELinux issues that may exist on your system using the following command: sealert -b /var/log/audit/audit.log The SELinux Alert Browser is displayed.
5. Click Troubleshoot to display all the logged alerts along with suggested solutions.
6. Implement the suggested solutions or similar to resolve all the logged alerts. You can now proceed to install OpenAM and the Apache Web Policy Agent.

See Also

Permission denied when starting Apache Web Policy Agent 4.x on Red Hat Enterprise Linux or CentOS system configured with SELinux

OpenAM Web Policy Agent Release Notes › Limitations

Security-Enhanced Linux User Guide

SELinux

Related Training

N/A

Related Issue Tracker IDs

N/A