Difference between revisions of "Install CentOS7"

From Mumble Wiki
Jump to: navigation, search
(Added a little prompt for someone to help flesh out the documentation with regards to SELinux. I've spent too many hours fighting SELinux to bother with it anymore.)
(Setting PIDFile in the murmur.service causes warnings in journalctl on start (it's already defined in murmur.ini anyway))
Line 41: Line 41:
 
User=murmur
 
User=murmur
 
Type=forking
 
Type=forking
PIDFile=/var/run/murmur/murmur.pid
 
 
ExecStart=/usr/local/murmur/murmur.x86 -ini /etc/murmur.ini
 
ExecStart=/usr/local/murmur/murmur.x86 -ini /etc/murmur.ini
  

Revision as of 23:12, 30 May 2016

Installation of murmur server on CentOS 7 (RHEL 7) using the static mumble server.

Install

Download the static murmur server. Then run the following commands to install:

tar -vxjf ./murmur-static_x86-1.2.8.tar.bz2
sudo mkdir /usr/local/murmur
sudo cp -r ./murmur-static_x86-1.2.8/* /usr/local/murmur/
sudo cp ./murmur-static_x86-1.2.8/murmur.ini /etc/murmur.ini

Now create the murmur user and group, data directory, and logging directory:

sudo groupadd -r murmur
sudo useradd -r -g murmur -m -d /var/lib/murmur -s /sbin/nologin murmur
sudo mkdir /var/log/murmur
sudo chown murmur:murmur /var/log/murmur
sudo chmod 0770 /var/log/murmur

System Configuration

Murmur.ini

Make sure that the following settings are configured correctly in /etc/murmur.ini:

logfile=/var/log/murmur/murmur.log
pidfile=/var/run/murmur/murmur.pid
# Reminder: When changing the port that murmur will listen to you will need to also update the firewall.
# Update the firewall by editing /etc/firewalld/services/murmur.xml
# Then run "sudo firewall-cmd --reload"
port=64738
# Comment out the following setting since the service will already be executing as the correct user:
# uname=murmur

Allow to run as a background process

Create a systemd unit file so that the murmur service can be managed by the operating system. Using your text editor of choice, create the file '/etc/systemd/system/murmur.service' (Requires root). Copy and paste the following:

[Unit]
Description=Mumble Server (Murmur)
Requires=network-online.target
After=network-online.target mariadb.service time-sync.target

[Service]
User=murmur
Type=forking
ExecStart=/usr/local/murmur/murmur.x86 -ini /etc/murmur.ini

[Install]
WantedBy=multi-user.target

On modern systems /var/run is discarded after reboot. To regenerate the pid directory for murmur, create the configuration file '/etc/tmpfiles.d/murmur.conf' as root and copy and paste:

d /var/run/murmur 775 murmur murmur

Firewall

Setup firewalld so that it allows the service to listen to TCP/UDP. If you adjusted murmur.ini so that it listens to a non-default port, then you will need to change this step to reflect your modifications. As root, create the configuration file '/etc/firewalld/services/murmur.xml' and copy and paste:

<?xml version="1.0" encoding="utf-8"?>
<service>
        <short>Murmur</short>
        <description>Mumble Server (Murmur)</description>
        <port protocol="tcp" port="64738" /><!-- Reminder: Update /etc/murmur.ini so that it uses the same ports -->
        <port protocol="udp" port="64738" />
</service>

Then add the firewall rule to the default zone and then reload:

sudo firewall-cmd --permanent --add-service=murmur
sudo firewall-cmd --reload

SELinux

Note: The steps outlined here will probably make security folks cringe. If anyone has the time and patience to figure out SELinux, please consider updating this document with a proper solution.

SELinux by default will prevent murmur from functioning correctly. The quick and easy solution is to simply disable it. To disable temporarily (until the next reboot), run:

sudo setenforce 0

To disable permanently (after the next reboot), edit '/etc/sysconfig/selinux' and change the "SELINUX" line to:

SELINUX=disabled

Finishing up

Update your system so that it is ready to start the murmur service:

sudo systemd-tmpfiles --create /etc/tmpfiles.d/
sudo systemctl daemon-reload

To temporarily start the murmur service (until the next reboot), run:

sudo systemctl start murmur.service

To tell the system to autostart the murmur service (this will NOT immediately start murmur, instead it will start on the next reboot):

sudo systemctl enable murmur.service