Difference between revisions of "Install CentOS7"

From Mumble Wiki
Jump to: navigation, search
(Change reference of "mysql" to "mariadb" because CentOS 7 has switched over.)
(Added a little prompt for someone to help flesh out the documentation with regards to SELinux. I've spent too many hours fighting SELinux to bother with it anymore.)
Line 71: Line 71:
  
 
=== SELinux ===
 
=== SELinux ===
 +
'''Note''': The steps outlined here will probably make security folks cringe.  If anyone has the time and patience to figure out SELinux, please consider updating this document with a proper solution.
 +
 
SELinux by default will prevent murmur from functioning correctly.  The quick and easy solution is to simply disable it.  To disable temporarily (until the next reboot), run:
 
SELinux by default will prevent murmur from functioning correctly.  The quick and easy solution is to simply disable it.  To disable temporarily (until the next reboot), run:
 
<pre>
 
<pre>
Line 79: Line 81:
 
SELINUX=disabled
 
SELINUX=disabled
 
</pre>
 
</pre>
 +
 
=== Finishing up ===
 
=== Finishing up ===
 
Update your system so that it is ready to start the murmur service:
 
Update your system so that it is ready to start the murmur service:

Revision as of 13:37, 1 September 2015

Installation of murmur server on CentOS 7 (RHEL 7) using the static mumble server.

Install

Download the static murmur server. Then run the following commands to install:

tar -vxjf ./murmur-static_x86-1.2.8.tar.bz2
sudo mkdir /usr/local/murmur
sudo cp -r ./murmur-static_x86-1.2.8/* /usr/local/murmur/
sudo cp ./murmur-static_x86-1.2.8/murmur.ini /etc/murmur.ini

Now create the murmur user and group, data directory, and logging directory:

sudo groupadd -r murmur
sudo useradd -r -g murmur -m -d /var/lib/murmur -s /sbin/nologin murmur
sudo mkdir /var/log/murmur
sudo chown murmur:murmur /var/log/murmur
sudo chmod 0770 /var/log/murmur

System Configuration

Murmur.ini

Make sure that the following settings are configured correctly in /etc/murmur.ini:

logfile=/var/log/murmur/murmur.log
pidfile=/var/run/murmur/murmur.pid
# Reminder: When changing the port that murmur will listen to you will need to also update the firewall.
# Update the firewall by editing /etc/firewalld/services/murmur.xml
# Then run "sudo firewall-cmd --reload"
port=64738
# Comment out the following setting since the service will already be executing as the correct user:
# uname=murmur

Allow to run as a background process

Create a systemd unit file so that the murmur service can be managed by the operating system. Using your text editor of choice, create the file '/etc/systemd/system/murmur.service' (Requires root). Copy and paste the following:

[Unit]
Description=Mumble Server (Murmur)
Requires=network-online.target
After=network-online.target mariadb.service time-sync.target

[Service]
User=murmur
Type=forking
PIDFile=/var/run/murmur/murmur.pid
ExecStart=/usr/local/murmur/murmur.x86 -ini /etc/murmur.ini

[Install]
WantedBy=multi-user.target

On modern systems /var/run is discarded after reboot. To regenerate the pid directory for murmur, create the configuration file '/etc/tmpfiles.d/murmur.conf' as root and copy and paste:

d /var/run/murmur 775 murmur murmur

Firewall

Setup firewalld so that it allows the service to listen to TCP/UDP. If you adjusted murmur.ini so that it listens to a non-default port, then you will need to change this step to reflect your modifications. As root, create the configuration file '/etc/firewalld/services/murmur.xml' and copy and paste:

<?xml version="1.0" encoding="utf-8"?>
<service>
        <short>Murmur</short>
        <description>Mumble Server (Murmur)</description>
        <port protocol="tcp" port="64738" /><!-- Reminder: Update /etc/murmur.ini so that it uses the same ports -->
        <port protocol="udp" port="64738" />
</service>

Then add the firewall rule to the default zone and then reload:

sudo firewall-cmd --permanent --add-service=murmur
sudo firewall-cmd --reload

SELinux

Note: The steps outlined here will probably make security folks cringe. If anyone has the time and patience to figure out SELinux, please consider updating this document with a proper solution.

SELinux by default will prevent murmur from functioning correctly. The quick and easy solution is to simply disable it. To disable temporarily (until the next reboot), run:

sudo setenforce 0

To disable permanently (after the next reboot), edit '/etc/sysconfig/selinux' and change the "SELINUX" line to:

SELINUX=disabled

Finishing up

Update your system so that it is ready to start the murmur service:

sudo systemd-tmpfiles --create /etc/tmpfiles.d/
sudo systemctl daemon-reload

To temporarily start the murmur service (until the next reboot), run:

sudo systemctl start murmur.service

To tell the system to autostart the murmur service (this will NOT immediately start murmur, instead it will start on the next reboot):

sudo systemctl enable murmur.service