This page is under construction

Executive Summary

SELinux

SELinux must run in Permissive mode. Otherwise, the Shibboleth SP Apache module will not be able to connect to the shibd socket, and mysqld will not be able to load the shared library used by cams-ldap.

To set SELinux permissive mode at boot time, change the SELINUX setting in /etc/selinux/config:

SELINUX=permissive

To set permissive mode on the running system only:

# setenforce Permissive
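
The two settings above are independent, so the running mode and the boot-time mode can disagree after a reboot or a manual setenforce. The following check is an added example, not part of the original page; the function names selinux_boot_mode and check_permissive are hypothetical, and it assumes the standard getenforce utility for the runtime mode.

```shell
#!/bin/sh
# Added example: confirm that both SELinux settings described above
# (boot-time config and running system) are permissive.
# Function names are hypothetical, not from the original page.

# Print the boot-time mode from an SELinux config file, lowercased.
# Comment lines and SELINUXTYPE= are ignored. If SELINUX= appears more
# than once, this example reports the last one (an assumption made here).
selinux_boot_mode() {
    sed -n 's/^[[:space:]]*SELINUX=[[:space:]]*\([A-Za-z]*\).*/\1/p' "$1" |
        tail -n 1 | tr 'A-Z' 'a-z'
}

# $1 = config file, $2 = runtime mode as printed by getenforce.
# Returns 0 when both are permissive, 1 otherwise, naming the mismatch.
check_permissive() {
    boot=$(selinux_boot_mode "$1")
    run=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    rc=0
    if [ "$boot" != "permissive" ]; then
        echo "boot-time mode is '${boot:-unset}', expected permissive ($1)"
        rc=1
    fi
    if [ "$run" != "permissive" ]; then
        echo "runtime mode is '${run:-unknown}', expected permissive"
        rc=1
    fi
    return $rc
}

# Run against the live system only when getenforce is available.
if command -v getenforce >/dev/null 2>&1; then
    check_permissive /etc/selinux/config "$(getenforce)" || true
fi
```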

Firewall

Make sure that the additional ports used by the IdP are enabled in the firewall. Use the command "iptables --list -n --line-numbers" to determine the proper rule number; the following example assumes we are inserting rules beginning at number 36. Also replace 18.x.y.z with the appropriate IP address of the peer node in the cluster, not the local host.

...