CentOS 7 Installation

Prerequisites

  • Web server (Apache/Nginx/Lighttpd) with SSL enabled.
  • MariaDB or MySQL >= 5
  • PHP >= 5.6 <= 7.0
  • PHP modules
    • Mysql
    • mcrypt
    • ldap (optional)
    • SimpleXML
    • XML
    • Curl
    • Json
    • GD
    • PDO
    • mbstring
  • The latest sysPass release https://github.com/nuxsmin/sysPass/releases

Installation

Packages installation

yum install httpd php-mysql php-pdo php-ldap php-gd php-pdo php-xml php-mbstring mariadb-server mariadb wget

In order to start and auto-start the Apache Web server:

systemctl enable httpd.service
systemctl start httpd.service

In order to start and auto-start the MariaDB server:

systemctl enable mariadb.service
systemctl start mariadb.service

We need to secure the MySQL installation:

/usr/bin/mysql_secure_installation

Installing EPEL repository for encryption module

Download and install the RPM for the EPEL repository:

wget http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-0.2.noarch.rpm
yum install epel-release-7-0.2.noarch.rpm
yum install php-mcrypt
systemctl restart httpd.service

Enable the firewall ports

Add firewall rules:

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

Directories and permissions configuration:

Create a directory for the application in the webserver root:

mkdir /var/www/html/syspass

Copy and unzip the sysPass archive in the newly created directory:

cp sysPass.tar.gz /var/www/html/syspass
cd /var/www/html/syspass
tar xzf syspass.tar.gz

Change the owner of ‘syspass/config’ directory. It should be the same user that the web server runs:

chown apache /var/www/html/syspass/config
chmod 750 /var/www/html/syspass/config

Create an change the backup directory owner:

mkdir var/www/html/syspass/backup
chown apache /var/www/html/syspass/backup

Modifying SELinux

In order to allow sysPass to write its own configuration file and backups, we have two choices:

Note

Choose one of the options

  • Change the SELinux user and target context to make writable the config and backup directories:
chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/config/
chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/backup/
mkdir /var/www/html/sysPass/tmp && chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/tmp
  • Disable SELinux by editing ‘/etc/sysconfig/selinux’ file, change the “SELINUX” variable value to “permissive” and reboot your system.

Environment configuration

Open the web browser and point to the URL:

https://IP_OR_SERVER_NAME/syspass/index.php

Note

Please, follow installer steps and after the successful finishing, you will be able to log into the application

To know how sysPass works, please see Application

Warning

It’s advisable to read the security recommendations on Security