CentOS 7 Installation¶
Prerequisites¶
- Web server (Apache/Nginx/Lighttpd) with SSL enabled.
- MariaDB or MySQL >= 5
- PHP >= 5.6 <= 7.0
- PHP modules
- Mysql
- mcrypt
- ldap (optional)
- SimpleXML
- XML
- Curl
- Json
- GD
- PDO
- mbstring
- The latest sysPass release https://github.com/nuxsmin/sysPass/releases
Installation¶
Packages installation
yum install httpd php-mysql php-pdo php-ldap php-gd php-pdo php-xml php-mbstring mariadb-server mariadb wget
In order to start and auto-start the Apache Web server:
systemctl enable httpd.service
systemctl start httpd.service
In order to start and auto-start the MariaDB server:
systemctl enable mariadb.service
systemctl start mariadb.service
We need to secure the MySQL installation:
/usr/bin/mysql_secure_installation
Installing EPEL repository for encryption module¶
Download and install the RPM for the EPEL repository:
wget http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-0.2.noarch.rpm
yum install epel-release-7-0.2.noarch.rpm
yum install php-mcrypt
systemctl restart httpd.service
Enable the firewall ports¶
Add firewall rules:
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
Directories and permissions configuration:¶
Create a directory for the application in the webserver root:
mkdir /var/www/html/syspass
Copy and unzip the sysPass archive in the newly created directory:
cp sysPass.tar.gz /var/www/html/syspass
cd /var/www/html/syspass
tar xzf syspass.tar.gz
Change the owner of ‘syspass/config’ directory. It should be the same user that the web server runs:
chown apache /var/www/html/syspass/config
chmod 750 /var/www/html/syspass/config
Create an change the backup directory owner:
mkdir var/www/html/syspass/backup
chown apache /var/www/html/syspass/backup
Modifying SELinux¶
In order to allow sysPass to write its own configuration file and backups, we have two choices:
Note
Choose one of the options
- Change the SELinux user and target context to make writable the config and backup directories:
chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/config/
chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/backup/
mkdir /var/www/html/sysPass/tmp && chcon -R -t httpd_sys_rw_content_t /var/www/html/sysPass/tmp
- Disable SELinux by editing ‘/etc/sysconfig/selinux’ file, change the “SELINUX” variable value to “permissive” and reboot your system.
Environment configuration¶
Open the web browser and point to the URL:
https://IP_OR_SERVER_NAME/syspass/index.php
Note
Please, follow installer steps and after the successful finishing, you will be able to log into the application
To know how sysPass works, please see Application
Warning
It’s advisable to read the security recommendations on Security