3.3.7 Configuring SELinux-related settings (for Linux)
This section describes the procedure for running the JP1/AJS3 CSA Web Application Server in an environment where SELinux is enabled on Linux 8 or later.
This procedure assumes that both root and non-root users operate as unrestricted SELinux users (unconfined_u). If you use an SELinux user other than unconfined_u, you must take appropriate measures at your own responsibility.
Note that the semanage fcontext and restorecon commands are used to configure and remove security context settings.
When SELinux is enabled, the context type of the file used to start or stop the JP1/AJS3 CSA HTTP Server service and the JP1/AJS3 CSA Web Application Server service must be set to bin_t.
The procedure is as follows.
# semanage fcontext -a -t bin_t '/etc/opt/jp1ajs3csa/jajs_csa' # semanage fcontext -a -t bin_t '/etc/opt/jp1ajs3csa/jajs_csa_stop' # restorecon -F /etc/opt/jp1ajs3csa/jajs_csa # restorecon -F /etc/opt/jp1ajs3csa/jajs_csa_stop # semanage fcontext -a -t bin_t '/etc/rc.d/init.d/jp1ajs3csa' # restorecon -F /etc/rc.d/init.d/jp1ajs3csa