Omnis 10.1 headless on centos 8
Louis Kirouac
lkirouac at gmail.com
Mon Apr 26 19:33:01 UTC 2021
Hi again
I changed the file and directory permission to +x (execute), g+rw for the
whole omnis directory and files,
which is NOT seated in the www root directory.
Now the error I have has change, when i try to open osadmin.htm I get on
the web page:
Error
500 Internal Server Error - error occurred while connecting to OMNIS server
(Reported by OMNIS Apache module)
And if I Disable SELinux it works fine.
I can't find an error log entry either in the httpd or omins server logs !!!
Louis Kirouac
On Mon, 26 Apr 2021 at 15:14, Bruno Del Sol <bruno.delsol at bydesign.fr>
wrote:
> Salut Louis,
>
> I don't use selinux because i'm no sysadmin, so It is setup as permissive
> on the centos server I install.
>
> If the server is facing the internet, i do add other layers of security
> that are simpler to install and don't need
> management :
>
> - unattended-upgrades : automation of system updates
> see
> https://www.tecmint.com/dnf-automatic-install-security-updates-automatically-in-centos-8/
>
> - fail2ban : allow to jail boring ip that are constantly scanning ports
> and services
> see
> https://www.atlantic.net/vps-hosting/how-to-protect-apache-and-ssh-with-fail2ban-on-centos-8/
>
> - protect Apache against slowloris attacks with mod_qos (dnf install
> mod_qos)
> see
> https://www.acunetix.com/blog/articles/slow-http-dos-attacks-mitigate-apache-http-server/
> >
>
> As of today this is enough to keep these servers up and running 99% of the
> time.
>
>
> HTH
> Regards
> Bruno
>
> By Design
> http://www.bydesign.fr
> Bruno Del Sol
> bruno.delsol at bydesign.fr
> 46, rue de La Tour d'Auvergne
> 75009 Paris (France)
>
> Le 26/04/2021 à 19:09, Louis Kirouac a écrit :
> > Hi $all
> >
> > I upgraded my VM to Centos 8 and
> > installed omnis-headless-app-server-10.1-29237
> >
> > I used again Bruno's
> >
> https://github.com/brunobydesign/how-to-install-omnis-headless-on-debian-10
> > (Merci encore Bruno)
> >
> > I am able to open osadmin.htm IF I have SELinux disabled
> > but when it is set to:Enforcing
> > I get 403 error:
> > [Mon Apr 26 12:49:51.206320 2021] [core:error] [pid 2271:tid
> > 140119840319232] (13)Permission denied: [client 24.48.69.130:55831]
> > AH00035: access to /omnishtml/osadmin.htm denied (filesystem path
> > '/usr/local/omnisweb/omnis') because search permissions are missing on a
> > component of the path
> >
> > I set SELinux rules to :
> > /usr/local/omnisweb(/.*)? system_u:object_r:httpd_sys_content_t:s0
> >
> > Did anyone manage to make SELinux happy with Omnis headless on Centos 8
> ?
> >
> > ----
> >
> > I also get in the omnis log:
> >
> > {"thread":0,"when":"20210426
> > 12:25:41","type":"tracelog","length":74}libssl.so.1.0.0: cannot open
> shared
> > object file: No such file or directory
> >
> > Should I worry about it?
> >
> > Merci,
> > Thank you for your help
> >
> > Louis Kirouac
> > _____________________________________________________________
> > Manage your list subscriptions at http://lists.omnis-dev.com
> > Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com
>
More information about the omnisdev-en
mailing list