[LON-CAPA-cvs] cvs: doc /build RHEL7_install.frag

raeburn raeburn at source.lon-capa.org
Sat Mar 13 15:58:10 EST 2021 

raeburn		Sat Mar 13 20:58:10 2021 EDT

  Modified files:              
    /doc/build	RHEL7_install.frag 
  Log:
  - Either firewalld or iptables can be used with LON-CAPA 2.11.3.
  - system-config-firewall-tui available from rhel-7-server-optional-rpms repo.
  
  
Index: doc/build/RHEL7_install.frag
diff -u doc/build/RHEL7_install.frag:1.4 doc/build/RHEL7_install.frag:1.5
--- doc/build/RHEL7_install.frag:1.4	Tue Dec  3 00:46:07 2019
+++ doc/build/RHEL7_install.frag	Sat Mar 13 20:58:10 2021
@@ -89,9 +89,22 @@
 </p>
 <h3>Firewall Configuration</h3>
 <p>
-LON-CAPA uses the traditional iptables package instead of the recent Firewalld, included for the
-first time with RHEL7.  Accordingly, you should install iptables-services, disable firewalld,
-and enable iptables.  
+Starting with LON-CAPA 2.11.3 you have the option of using either firewalld or iptables to
+manage the Firewall on your RHEL7 server/VM, as both are compatible with LON-CAPA's
+port management.</p>
+<p>Enable access to standard web server ports (i.e., http and https) as follows if using
+firewalld:</p>
+<pre>
+systemctl enable firewalld
+systemctl start firewalld
+firewall-cmd --zone=public --permanent --add-service=http
+firewall-cmd --zone=public --permanent --add-service=https
+firewall-cmd --reload
+</pre>
+<p>If you prefer to use the traditional iptables package instead of the default firewalld,
+you will need to install iptables-services, disable firewalld, enable iptables, and then
+use the system-config-firewall-tui tool to configure the Firewall.
+</p>
 <pre>
 yum install iptables-services
 systemctl mask firewalld
@@ -100,13 +113,26 @@
 systemctl stop firewalld
 systemctl start iptables
 systemctl start ip6tables
+</pre>
+<p>
+If you have a subscription to Red Hat you can use subscription-manager to enable the
+rhel-7-server-optional-rpms, and then install system-config-firewall-tui.
+</p>
+<pre>
+subscription-manager repos --enable rhel-7-server-optional-rpms
+yum install system-config-firewall-tui
+</pre>
+<p>If your server/VM does not currently have a Red Hat subscription you can install wget,
+then download system-config-firewall-tui from the LON-CAPA installation site and install it.
+</p> 
+<pre> 
 yum install wget
 rpm --import http://install.loncapa.org/versions/redhat/RPM-GPG-KEY-loncapa
 wget http://install.loncapa.org/versions/redhat/7Server/system-config-firewall-tui-1.2.29-10.el7.noarch.rpm
 yum localinstall system-config-firewall-tui-1.2.29-10.el7.noarch.rpm
 </pre>
 <p>
-The system-config-firewall-tui tool should be used to configure the Firewall.
+If using iptables, use the system-config-firewall-tui tool to configure the Firewall.
 </p>
 <pre>
 system-config-firewall-tui
@@ -139,6 +165,7 @@
 Retrieve the rhel7_loncapa_yum file from the LON-CAPA install site:
 </p>
 <pre>
+yum install wget
 wget http://install.loncapa.org/versions/redhat/7Server/rhel7_loncapa_yum.conf
 </pre>
 <p>

More information about the LON-CAPA-cvs mailing list