TEXT   20

AWS AMI Stage

Guest on 21st August 2022 08:17:12 AM

  1. Pre-Configured AWS AMI for Stage
  2.  
  3. (Last Updated 20200918)
  4.  
  5.  
  6. This contains Pre-Reqs for Cache / HS / HSRM
  7.  
  8. (User Accounts, OS Settings, FIPs, etc...)
  9.  
  10.  
  11. CSP and Apache Configs for Different Components
  12.  
  13. (HSRM DB, HSIE DB, HSRM App, Edge, AGW, HC)
  14.  
  15.  
  16. Verifying Components:
  17.  
  18. [jhipp@gov-tic-stage-ma01b ~]$ ssh 10.247.127.70
  19. FIPS mode initialized
  20.  
  21. Last login: Fri Sep 18 15:03:47 2020 from gov-tic-stage-ma01b
  22.  
  23. [jhipp@gov-tic-stage-hsrm-ami ~]$ hostname
  24. gov-tic-stage-hsrm-ami
  25.  
  26. [jhipp@gov-tic-stage-hsrm-ami ~]$ cat /etc/redhat-release
  27. Red Hat Enterprise Linux Server release 7.8 (Maipo)
  28.  
  29. [jhipp@gov-tic-stage-hsrm-ami ~]$ df -h
  30. Filesystem                                     Size  Used Avail Use% Mounted on
  31. devtmpfs                                        16G     0   16G   0% /dev
  32. tmpfs                                           16G  496K   16G   1% /dev/shm
  33. tmpfs                                           16G   17M   16G   1% /run
  34. tmpfs                                           16G     0   16G   0% /sys/fs/cgroup
  35. /dev/nvme0n1p2                                  30G  2.9G   28G  10% /
  36. /dev/mapper/opt_pool-opt_pool_vg                50G   11G   40G  21% /opt
  37. /dev/mapper/jrn_pool-jrn_logs                   50G  2.6G   48G   6% /logs
  38. /dev/mapper/jrn_pool-altjrn_logs                50G   33M   50G   1% /altlogs
  39. /dev/mapper/var_pool-var_pool_vg               100G  1.7G   99G   2% /var
  40. /dev/mapper/log_grp-XFS_intersystems           500G  345G  156G  69% /intersystems
  41. fs-c832f0c9.efs.us-gov-west-1.amazonaws.com:/  8.0E  2.9G  8.0E   1% /intersystems/VAHSRM001/web
  42. tmpfs
  43.                                          3.1G     0  3.1G   0% /run/user/1001
  44. [jhipp@gov-tic-stage-hsrm-ami ~]$ nproc
  45. 8
  46.  
  47. [jhipp@gov-tic-stage-hsrm-ami ~]$ free -h
  48.               total        used        free      shared  buff/cache   available
  49. Mem:            30G        4.3G         25G         17M        198M         25G
  50. Swap:            9G          0B          9G
  51.  
  52. [jhipp@gov-tic-stage-hsrm-ami ~]$ timedatectl
  53.       Local time: Fri 2020-09-18 16:06:08 EDT
  54.   Universal time: Fri 2020-09-18 20:06:08 UTC
  55.         RTC time: Fri 2020-09-18 20:06:07
  56.        Time zone: America/New_York (EDT, -0400)
  57.      NTP enabled: yes
  58. NTP synchronized: yes
  59.  RTC in local TZ: no
  60.       DST active: yes
  61.  Last DST change: DST began at
  62.                   Sun 2020-03-08 01:59:59 EST
  63.                   Sun 2020-03-08 03:00:00 EDT
  64.  Next DST change: DST ends (the clock jumps one hour backwards) at
  65.                   Sun 2020-11-01 01:59:59 EDT
  66.                   Sun 2020-11-01 01:00:00 EST
  67.  
  68. [jhipp@gov-tic-stage-hsrm-ami ~]$ cat /etc/hosts
  69. 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
  70. ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
  71.  
  72. 10.247.127.4    gov-tic-stage-hsrmiweb01a
  73. 10.247.127.5    gov-tic-stage-hsrmeweb01a
  74. 10.247.127.36   gov-tic-stage-hsrmapp01a
  75. 10.247.127.68   gov-tic-stage-hsrmdb01a
  76. 10.247.127.6    gov-tic-stage-hsiexweb01a
  77. 10.247.127.42   gov-tic-stage-hsieagw01a
  78. 10.247.127.69   gov-tic-stage-hsiedb01a
  79. 10.247.127.37   gov-tic-stage-hsieedge01a
  80. 10.247.127.20   gov-tic-stage-hsrmiweb01b
  81. 10.247.127.21   gov-tic-stage-hsrmeweb01b
  82. 10.247.127.52   gov-tic-stage-hsrmapp01b
  83. 10.247.127.84   gov-tic-stage-hsrmdb01b
  84. 10.247.127.22   gov-tic-stage-hsiexweb01b
  85. 10.247.127.58   gov-tic-stage-hsieagw01b
  86. 10.247.127.85   gov-tic-stage-hsiedb01b
  87. 10.247.127.53   gov-tic-stage-hsieedge01b
  88. 10.247.127.86   gov-tic-stage-ma01b
  89. 10.247.127.69   gov-tic-stage-hsiedb01a.ccra.va.gov
  90. 10.247.127.85   gov-tic-stage-hsiedb01b.ccra.va.gov
  91. 10.247.127.37   gov-tic-stage-hsieedge01a.ccra.va.gov
  92. 10.247.127.53   gov-tic-stage-hsieedge01b.ccra.va.gov
  93. 10.247.127.68   gov-tic-stage-hsrmdb01a.ccra.va.gov
  94. 10.247.127.84   gov-tic-stage-hsrmdb01b.ccra.va.gov
  95. 10.247.127.36   gov-tic-stage-hsrmapp01a.ccra.va.gov
  96. 10.247.127.52   gov-tic-stage-hsrmapp01b.ccra.va.gov
  97.  
  98. 10.247.185.4 gov-tic-stage-hsrmiweb01c
  99. 10.247.185.5 gov-tic-stage-hsrmeweb01c
  100. 10.247.185.6 gov-tic-stage-hsiexweb01c
  101. 10.247.185.68 gov-tic-stage-hsrmdb01c
  102. 10.247.185.69 gov-tic-stage-hsiedb01c
  103. 10.247.185.36 gov-tic-stage-hsieagw01c
  104. 10.247.185.37 gov-tic-stage-hsrmapp01c
  105. 10.247.185.38 gov-tic-stage-hsieedge01c
  106. 10.247.127.110 fs-c832f0c9.efs.us-gov-west-1.amazonaws.com
  107.  
  108. [jhipp@gov-tic-stage-hsrm-ami ~]$ cat /etc/resolv.conf
  109. # Generated by NetworkManager
  110. nameserver 10.247.127.2
  111.  
  112. [jhipp@gov-tic-stage-hsrm-ami ~]$ rpm -qa |wc -l
  113. 596
  114.  
  115. [jhipp@gov-tic-stage-hsrm-ami ~]$ sudo -i
  116.  
  117. [root@gov-tic-stage-hsrm-ami ~]# ls -l /home/
  118. total 0
  119. drwx------. 4 ansible     ansible     146 Sep 16 11:10 ansible
  120. drwx------. 5 cacheusr    cacheusr    135 Sep 16 11:10 cacheusr
  121. drwx------. 4 ec2-user    ec2-user    111 Sep 14 22:52 ec2-user
  122. drwx------. 2 iscagent    iscagent     62 Sep 16 11:10 iscagent
  123. drwx------. 3 jenkins     jenkins     111 Sep 16 11:10 jenkins
  124. drwx------. 6 jhipp       jhipp       188 Sep 18 15:24 jhipp
  125. drwx------. 3 secscan     secscan      95 Sep 16 11:10 secscan
  126. drwx------. 2 soconnor    soconnor     83 Sep 16 11:10 soconnor
  127. drwx------. 5 swalasavage swalasavage 248 Sep 16 11:10 swalasavage
  128.  
  129. [root@gov-tic-stage-hsrm-ami ~]# ls -l /home/cacheusr/.ssh
  130. total 16
  131. -rw-------. 1 cacheusr cacheusr  757 Sep 16 11:10 authorized_keys
  132. -rw-------. 1 cacheusr cacheusr 3272 Sep 16 11:10 id_rsa
  133. -rw-r--r--. 1 cacheusr cacheusr  757 Sep 16 11:10 id_rsa.pub
  134. -rw-r--r--. 1 cacheusr cacheusr  569 Sep 16 11:10 known_hosts
  135.  
  136. [root@gov-tic-stage-hsrm-ami ~]# tail /etc/passwd
  137. tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
  138. tcpdump:x:72:72::/:/sbin/nologin
  139. abrt:x:173:173::/etc/abrt:/sbin/nologin
  140. cacheusr:x:1003:1003::/home/cacheusr:/bin/bash
  141. iscagent:x:1004:1004::/home/iscagent:/bin/bash
  142. swalasavage:x:1005:1005::/home/swalasavage:/bin/bash
  143. secscan:x:1006:1006::/home/secscan:/bin/bash
  144. ansible:x:1008:1008::/home/ansible:/bin/bash
  145. jenkins:x:1016:1016::/home/jenkins:/bin/bash
  146. soconnor:x:1020:1020::/home/soconnor:/bin/bash
  147.  
  148. [root@gov-tic-stage-hsrm-ami ~]# tail /etc/sudoers
  149. # %users  localhost=/sbin/shutdown -h now
  150.  
  151. ## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
  152. #includedir /etc/sudoers.d
  153. ec2-user        ALL=(ALL)       NOPASSWD: ALL
  154. jhipp        ALL=(ALL)       NOPASSWD: ALL
  155. swalasavage     ALL=(ALL)       NOPASSWD: ALL
  156. secscan         ALL=(ALL)       NOPASSWD: ALL
  157. ansible      ALL=(ALL)    NOPASSWD: ALL
  158. jenkins        ALL=(ALL)       NOPASSWD: ALL
  159.  
  160. [root@gov-tic-stage-hsrm-ami ~]# ls -l /root
  161. total 52
  162. -rw-------. 1 root root 7489 Jun 18  2019 anaconda-ks.cfg
  163. -rwxr-xr-x. 1 root root 9207 Sep  4  2018 automated-hs-snapshot.sh
  164. drwxr-xr-x. 2 root root   65 Sep 16 11:11 ccra_install
  165. -rw-------. 1 root root 6752 Jun 18  2019 original-ks.cfg
  166. -rwxr-xr-x. 1 root root 8992 Aug 16  2018 take-manual-hs-snapshot.sh
  167. -rwxr-xr-x. 1 root root 9142 Jun 25 16:56 weekly-hs-snapshot.sh
  168.  
  169. [root@gov-tic-stage-hsrm-ami ~]# cat /etc/fstab
  170.  
  171. #
  172. # /etc/fstab
  173. # Created by anaconda on Tue Jun 18 16:54:51 2019
  174. #
  175. # Accessible filesystems, by reference, are maintained under '/dev/disk'
  176. # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
  177. #
  178. UUID=a1228fd4-9288-4db2-8fd0-69dab79ccfda /                       xfs     defaults        0 0
  179. /dev/var_pool/var_pool_vg /var xfs defaults 0 0
  180. /dev/opt_pool/opt_pool_vg /opt xfs defaults 0 0
  181. /dev/log_grp/XFS_intersystems                   /intersystems   xfs     defaults        0 1
  182. /dev/mapper/jrn_pool-jrn_logs                   /logs           xfs     defaults        0 1
  183. /dev/mapper/jrn_pool-altjrn_logs                /altlogs        xfs     defaults        0 1
  184. fs-c832f0c9.efs.us-gov-west-1.amazonaws.com:/ /intersystems/VAHSRM001/web nfs4 nosharecache,context="system_u:object_r:httpd_sys_rw_content_t:s0",defaults,_netdev,nofail,x-systemd.automount 0 0
  185. /opt/swapfile   swap    swap    defaults        0 0
  186.  
  187. [root@gov-tic-stage-hsrm-ami ~]# cat /etc/fstab |egrep "UUID|swap"
  188. UUID=a1228fd4-9288-4db2-8fd0-69dab79ccfda /                       xfs     defaults        0 0
  189. /opt/swapfile   swap    swap    defaults        0 0
  190.  
  191. [root@gov-tic-stage-hsrm-ami ~]# ls -l /usr/lib64 |grep libssl
  192. -rwxr-xr-x.  1 root root   370584 Dec  6  2019 libssl3.so
  193. lrwxrwxrwx.  1 root root       12 Sep 16 13:27 libssl.so -> libssl.so.10
  194. lrwxrwxrwx.  1 root root       16 Sep 15 19:14 libssl.so.10 -> libssl.so.1.0.2k
  195. -rwxr-xr-x.  1 root root   470360 Apr  9  2019 libssl.so.1.0.2k
  196.  
  197. [root@gov-tic-stage-hsrm-ami ~]# ls -l /usr/lib64 |grep libcrypto
  198. lrwxrwxrwx.  1 root root       15 Sep 16 13:27 libcrypto.so -> libcrypto.so.10
  199. lrwxrwxrwx.  1 root root       19 Sep 15 19:14 libcrypto.so.10 -> libcrypto.so.1.0.2k
  200. -rwxr-xr-x.  1 root root  2521008 Apr  9  2019 libcrypto.so.1.0.2k
  201.  
  202. [root@gov-tic-stage-hsrm-ami ~]# cat /proc/sys/crypto/fips_enabled
  203. 1
  204.  
  205. [root@gov-tic-stage-hsrm-ami ~]# cat /etc/sysctl.conf
  206. # sysctl settings are defined through files in
  207. # /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
  208. #
  209. # Vendors settings live in /usr/lib/sysctl.d/.
  210. # To override a whole file, create a new file with the same in
  211. # /etc/sysctl.d/ and put new settings there. To override
  212. # only specific settings, add a file with a lexically later
  213. # name in /etc/sysctl.d/ and put new settings there.
  214. #
  215. # For more information, see sysctl.conf(5) and sysctl.d(5).
  216. vm.nr_hugepages = 2000
  217. vm.swappiness = 5
  218. kernel.sem = 250     32000   32      256
  219. net.ipv4.ip_local_reserved_ports = 56000,56999
  220.  
  221. [root@gov-tic-stage-hsrm-ami ~]# cat /proc/meminfo |grep Hugepagesize
  222. Hugepagesize:       2048 kB
  223.  
  224. [root@gov-tic-stage-hsrm-ami ~]# cat /etc/security/limits.conf |grep -v "#"
  225.  
  226. *               soft    core            unlimited
  227. *               hard    core            unlimited
  228.  
  229. [root@gov-tic-stage-hsrm-ami ~]# ulimit -a
  230. core file size          (blocks, -c) unlimited
  231. data seg size           (kbytes, -d) unlimited
  232. scheduling priority             (-e) 0
  233. file size               (blocks, -f) unlimited
  234. pending signals                 (-i) 124631
  235. max locked memory       (kbytes, -l) 64
  236. max memory size         (kbytes, -m) unlimited
  237. open files                      (-n) 1024
  238. pipe size            (512 bytes, -p) 8
  239. POSIX message queues     (bytes, -q) 819200
  240. real-time priority              (-r) 0
  241. stack size              (kbytes, -s) 8192
  242. cpu time               (seconds, -t) unlimited
  243. max user processes              (-u) 124631
  244. virtual memory          (kbytes, -v) unlimited
  245. file locks                      (-x) unlimited
  246.  
  247. [root@gov-tic-stage-hsrm-ami ~]# ls -l /opt
  248. total 10485760
  249. drwxr-xr-x. 5 apache apache          43 Apr 19  2019 cspgateway
  250. drwxr-xr-x. 3 apache apache          24 Sep 18 14:56 cspgateway-hc
  251. drwxr-xr-x. 3 apache apache          24 Sep 18 14:49 cspgateway-hsieagw
  252. drwxr-xr-x. 3 apache apache          24 Sep 18 14:50 cspgateway-hsiedb
  253. drwxr-xr-x. 3 apache apache          24 Sep 18 14:50 cspgateway-hsieedge
  254. drwxr-xr-x. 3 apache apache          24 Sep 18 14:39 cspgateway-hsrmapp
  255. drwxr-xr-x. 3 apache apache          24 Sep 18 14:40 cspgateway-hsrmdb
  256. -rw-------. 1 root   root   10737418240 Sep 16 12:26 swapfile
  257.  
  258. [root@gov-tic-stage-hsrm-ami ~]# ls -l /opt/cspgateway/
  259. total 4
  260. drwxr-xr-x. 2 root   root     23 Apr 19  2019 apache
  261. drwxr-xr-x. 3 apache apache 4096 Sep 19  2019 bin
  262. drwxr-xr-x. 2 root   root     61 Apr 19  2019 docs
  263.  
  264. [root@gov-tic-stage-hsrm-ami ~]# ls -l /opt/cspgateway-*
  265. /opt/cspgateway-hc:
  266. total 0
  267. drwxr-xr-x. 5 apache apache 58 Dec 13  2018 cspgateway
  268.  
  269. /opt/cspgateway-hsieagw:
  270. total 0
  271. drwxr-xr-x. 4 apache apache 28 Aug 29  2019 cspgateway
  272.  
  273. /opt/cspgateway-hsiedb:
  274. total 0
  275. drwxr-xr-x. 3 apache apache 17 May 23  2018 cspgateway
  276.  
  277. /opt/cspgateway-hsieedge:
  278. total 0
  279. drwxr-xr-x. 3 apache apache 17 May 23  2018 cspgateway
  280.  
  281. /opt/cspgateway-hsrmapp:
  282. total 0
  283. drwxr-xr-x. 5 apache apache 43 Apr 15  2019 cspgateway
  284.  
  285. /opt/cspgateway-hsrmdb:
  286. total 0
  287. drwxr-xr-x. 5 apache apache 43 Apr 19  2019 cspgateway
  288.  
  289. [root@gov-tic-stage-hsrm-ami ~]# ls -l /etc/httpd
  290. total 0
  291. drwxrwxr-x. 2 apache apache  45 Sep 16 15:23 ccra-conf.d
  292. drwxr-xr-x. 2 root   root    37 Sep 16 15:24 conf
  293. drwxr-xr-x. 2 root   root   147 Sep 16 15:24 conf.d
  294. drwxr-xr-x. 2 root   root   192 Sep 16 10:23 conf.modules.d
  295. lrwxrwxrwx. 1 root   root    19 Sep 16 10:23 logs -> ../../var/log/httpd
  296. lrwxrwxrwx. 1 root   root    29 Sep 16 10:23 modules -> ../../usr/lib64/httpd/modules
  297. d-wxrw--wt. 2 apache apache 231 Dec 19  2019 pki
  298. lrwxrwxrwx. 1 root   root    10 Sep 16 10:23 run -> /run/httpd
  299. drwxr-xr-x. 2 apache apache  65 Jul 16  2018 saml2
  300.  
  301. [root@gov-tic-stage-hsrm-ami ~]# ls -l /etc/ |grep httpd
  302. drwxr-xr-x.  8 root root      135 Sep 16 15:20 httpd
  303. drwxr-xr-x.  3 root root       19 Sep 18 15:26 httpd-hc
  304. drwxr-xr-x.  3 root root       19 Sep 18 15:11 httpd-hsieagw
  305. drwxr-xr-x.  3 root root       19 Sep 18 15:11 httpd-hsiedb
  306. drwxr-xr-x.  3 root root       19 Sep 18 15:12 httpd-hsieedge
  307. drwxr-xr-x.  3 root root       19 Sep 18 15:12 httpd-hsrmapp
  308. drwxr-xr-x.  3 root root       19 Sep 18 15:17 httpd-hsrmdb
  309.  
  310. [root@gov-tic-stage-hsrm-ami ~]# ls -l /etc/httpd-*
  311. /etc/httpd-hc:
  312. total 0
  313. drwxr-xr-x. 6 root root 111 Apr  7 02:33 httpd
  314.  
  315. /etc/httpd-hsieagw:
  316. total 0
  317. drwxr-xr-x. 7 root root 139 Sep 18 15:34 httpd
  318.  
  319. /etc/httpd-hsiedb:
  320. total 0
  321. drwxr-xr-x. 7 root root 139 Apr  7 03:37 httpd
  322.  
  323. /etc/httpd-hsieedge:
  324. total 0
  325. drwxr-xr-x. 7 root root 139 Apr  7 03:37 httpd
  326.  
  327. /etc/httpd-hsrmapp:
  328. total 0
  329. drwxr-xr-x. 8 root root 152 Apr  7 03:34 httpd
  330.  
  331. /etc/httpd-hsrmdb:
  332. total 0
  333. drwxr-xr-x. 8 root root 135 Sep 16 15:20 httpd
  334.  
  335. [root@gov-tic-stage-hsrm-ami ~]# ls -l /intersystems/
  336. total 0
  337. drwxr-xr-x. 6 root root 234 Sep 18 10:53 HSAP-2017.2.2.865.3.19231-hscore15.032-b9688.19231-lnxrhx64
  338. drwxrwxr-x. 6 root root  49 Feb  4  2020 VAHSRM001
  339.  
  340. [root@gov-tic-stage-hsrm-ami ~]# ls -l /intersystems/VAHSRM001/
  341. total 12
  342. drwxrwxr-x. 33 root     cacheusr 4096 Sep  5  2019 db
  343. drwxr-xr-x.  2 cacheusr cacheusr  135 Feb  4  2020 pki
  344. drwxrwxr-x. 16 root     cacheusr 4096 Sep 18 14:56 sys
  345. drwxrwxrwx. 12 cacheusr cacheusr 6144 Sep  6 15:40 web
  346.  
  347. [root@gov-tic-stage-hsrm-ami ~]# ls -l /intersystems/VAHSRM001/sys/cache.cpf*
  348. -rw-rw-r--. 1 root cacheusr 79548 Jul  9 14:07 /intersystems/VAHSRM001/sys/cache.cpf
  349. -rw-rw-r--. 1 root cacheusr 48031 Sep 18 14:56 /intersystems/VAHSRM001/sys/cache.cpf.hc
  350. -rw-rw-r--. 1 root cacheusr 56656 Sep 18 14:48 /intersystems/VAHSRM001/sys/cache.cpf.hsieagw
  351. -rw-rw-r--. 1 root cacheusr 73356 Sep 18 14:48 /intersystems/VAHSRM001/sys/cache.cpf.hsiedb
  352. -rw-rw-r--. 1 root cacheusr 67227 Sep 18 14:48 /intersystems/VAHSRM001/sys/cache.cpf.hsieedge
  353. -rw-r--r--. 1 root cacheusr 59179 Sep 18 14:38 /intersystems/VAHSRM001/sys/cache.cpf.hsrmapp
  354. -rw-r--r--. 1 root cacheusr 79548 Sep 18 10:54 /intersystems/VAHSRM001/sys/cache.cpf.hsrmdb
  355.  
  356. [root@gov-tic-stage-hsrm-ami ~]# sestatus
  357. SELinux status:                 enabled
  358. SELinuxfs mount:                /sys/fs/selinux
  359. SELinux root directory:         /etc/selinux
  360. Loaded policy name:             targeted
  361. Current mode:                   enforcing
  362. Mode from config file:          enforcing
  363. Policy MLS status:              enabled
  364. Policy deny_unknown status:     allowed
  365. Max kernel policy version:      31
  366.  
  367. [root@gov-tic-stage-hsrm-ami ~]# ls -l /etc/selinux/targeted/contexts/files/
  368. total 1840
  369. -rw-r--r--. 1 root root  384579 Sep 18 10:59 file_contexts
  370. -rw-r--r--. 1 root root 1416154 Sep 18 10:59 file_contexts.bin
  371. -rw-r--r--. 1 root root   13406 Sep 18 10:59 file_contexts.homedirs
  372. -rw-r--r--. 1 root root   45577 Sep 18 10:59 file_contexts.homedirs.bin
  373. -rw-r--r--. 1 root root    1109 Sep 18 10:59 file_contexts.local
  374. -rw-r--r--. 1 root root    3714 Sep 18 10:59 file_contexts.local.bin
  375. -rw-r--r--. 1 root root       0 Sep 18 10:59 file_contexts.subs
  376. -rw-r--r--. 1 root root     514 May 21 12:21 file_contexts.subs_dist
  377. -rw-r--r--. 1 root root     139 May 21 12:21 media
  378.  
  379. [root@gov-tic-stage-hsrm-ami ~]# semanage -o
  380. boolean -D
  381. login -D
  382. interface -D
  383. user -D
  384. port -D
  385. node -D
  386. fcontext -D
  387. module -D
  388. ibendport -D
  389. ibpkey -D
  390. boolean -m -1 httpd_can_network_connect
  391. port -a -t http_port_t -r 's0' -p tcp 1972
  392. fcontext -a -f a -t httpd_sys_rw_content_t -r 's0' '/intersystems/VAHSRM001/web(/.*)?'
  393. fcontext -a -f a -t httpd_modules_t -r 's0' '/opt/cspgateway/bin/CSPa24.so'
  394. fcontext -a -f a -t httpd_modules_t -r 's0' '/opt/cspgateway/bin/CSPa24Sys.so'
  395. fcontext -a -f a -t httpd_log_t -r 's0' '/opt/cspgateway/bin/CSP.log'
  396. fcontext -a -f a -t httpd_sys_rw_content_t -r 's0' '/opt/cspgateway/bin/CSP.ini'
  397. fcontext -a -f a -t httpd_sys_rw_content_t -r 's0' '/opt/cspgateway/bin/CSPRT.ini'
  398. fcontext -a -f a -t httpd_sys_rw_content_t -r 's0' 'web'
  399. fcontext -a -f a -t httpd_sys_content_t -r 's0' '/intersystems/VAHSRM001/sys/csp(/.*)?'
  400. fcontext -a -f a -t httpd_modules_t -r 's0' '/opt/cspgateway/bin/CSPa2.so'
  401. fcontext -a -f a -t httpd_modules_t -r 's0' '/opt/cspgateway/bin/CSPa2Sys.so'
  402. fcontext -a -f a -t httpd_modules_t -r 's0' '/opt/cspgateway/bin/CSPa22.so'
  403. fcontext -a -f a -t httpd_modules_t -r 's0' '/opt/cspgateway/bin/CSPa22Sys.so'
  404. fcontext -a -f a -t bin_t -r 's0' '/opt/cspgateway/bin'
  405. fcontext -a -f a -t bin_t -r 's0' '/opt/cspgateway/bin/'
  406. fcontext -a -f a -t httpd_sys_rw_content_t -r 's0' '/opt/cspgateway/bin/CSP.log(/.*)?'
  407.  
  408. [root@gov-tic-stage-hsrm-ami ~]# cd /intersystems/HSAP-2017.2.2.865.3.19231-hscore15.032-b9688.19231-lnxrhx64/
  409.  
  410. [root@gov-tic-stage-hsrm-ami HSAP-2017.2.2.865.3.19231-hscore15.032-b9688.19231-lnxrhx64]# ls -l
  411. total 876
  412. -rwxr-xr-x.  1 root root    504 Aug 29  2019 cinstall
  413. -rwxr-xr-x.  1 root root     61 Aug 29  2019 cinstall_client
  414. -rwxr-xr-x.  1 root root    587 Aug 29  2019 cinstall_silent
  415. -rwxr-xr-x.  1 root root 840059 Aug 29  2019 copyright.pdf
  416. -rwxr-xr-x.  1 root root   6212 Aug 29  2019 cplatname
  417. drwxr-xr-x. 17 root root    230 Sep 18 10:53 dist
  418. drwxr-xr-x.  5 root root     49 Aug 29  2019 docs
  419. -rwxr-xr-x.  1 root root   2935 Aug 29  2019 kitlist
  420. -rwxr-xr-x.  1 root root   7639 Aug 29  2019 lgpl.txt
  421. -rwxr-xr-x.  1 root root  11358 Aug 29  2019 LICENSE
  422. -rwxr-xr-x.  1 root root    512 Aug 29  2019 NOTICE
  423. drwxr-xr-x. 92 root root   4096 Aug 29  2019 package
  424. drwxr-xr-x.  3 root root     22 Sep 18 10:53 tools

Raw Paste


Login or Register to edit or fork this paste. It's free.