AIX

Procedure expects Apache 2.4.40+ installed via yum/dnf from Linux Tool box.
  • Install Apache if it is not already there
    yum install httpd
    
  • Enable CGI-BIN API (it is hashed by default) in /opt/freeware/etc/httpd/conf/httpd.conf
    <IfModule mpm_prefork_module>
            LoadModule cgi_module /opt/freeware/lib/httpd/modules/mod_cgi.so
    </IfModule>
    
  • Place there LPAR2RRD cfg (it supposes that install home will be in /home/lpar2rrd/lpar2rrd)
    Append it to /opt/freeware/etc/httpd/conf/httpd.conf
    AddHandler cgi-script .cgi
    #
    # LPAR2RRD
    #
    Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
    <Directory "/home/lpar2rrd/lpar2rrd/www/">
        AllowOverride AuthConfig FileInfo
        Options -Indexes
        Options FollowSymLinks
        AuthType basic
        AuthName "LPAR2RRD authorization"
        Require valid-user
    </Directory>
    # CGI-BIN
    ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
    <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
        AllowOverride AuthConfig FileInfo
        SetHandler cgi-script
        Options ExecCGI FollowSymLinks
        AuthName "LPAR2RRD authorization"
        AuthType basic
        Require valid-user
    </Directory>
    
    KeepAlive On
    KeepAliveTimeout 5
    TimeOut 1200
    
  • Apache restart
    /opt/freeware/sbin/apachectl restart
    
  • Make sure apache starts after the OS boot

  • Enable authorization in LPAR2RRD after its installation (i.e. next tab, now such directories do not exist)
    # su - lpar2rrd
    umask 022
    cd /home/lpar2rrd/lpar2rrd
    cp html/.htaccess www
    cp html/.htaccess lpar2rrd-cgi
    
  • Test web pages
    Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD


Red Hat, CentOS, Rocky Linux ...

  • Install Apache if it is not already there
    yum install httpd
    
  • Append at the end of /etc/httpd/conf/httpd.conf following
    Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www"
    #
    # LPAR2RRD
    #
    <Directory "/home/lpar2rrd/lpar2rrd/www/">
        AllowOverride AuthConfig FileInfo
        Options -Indexes
        Options FollowSymLinks
        AuthType basic
        AuthName "LPAR2RRD authorization"
        Require valid-user
    </Directory>
    
    # CGI-BIN
    ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
    <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
        AllowOverride AuthConfig FileInfo
        SetHandler cgi-script
        Options ExecCGI FollowSymLinks
        AuthType basic
        AuthName "LPAR2RRD authorization"
        Require valid-user
    </Directory>
    
    KeepAlive On
    KeepAliveTimeout 5
    TimeOut 1200
    
  • Edit /etc/httpd/conf.modules.d/00-mpm.conf, enable mpm_prefork_module, diasble mpm_event_module
    LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
    #LoadModule mpm_event_module modules/mod_mpm_event.so
    
  • Apache restart under root
    apachectl restart
    
  • Make sure apache starts after the OS boot
    systemctl enable httpd.service
    
  • Enable authorization in LPAR2RRD after its installation (i.e. next tab, now such directories do not exist)
    # su - lpar2rrd
    umask 022
    cd /home/lpar2rrd/lpar2rrd
    cp html/.htaccess www
    cp html/.htaccess lpar2rrd-cgi
    
  • Test web pages
    Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD

  • If you have firewall enabled then enable LPAR2RRD communication by:
    firewall-cmd --add-service=http --permanent
    firewall-cmd --add-service=https --permanent
    firewall-cmd --add-port=8162/tcp --permanent
    
    firewall-cmd --reload
    
  • You might need to disable SElinux
    You must do it in case you get either "(13)Permission denied:" or "AH00132: file permissions deny server access" in Apache error_log.
    You have 2 options:
    • Disable SELinux only for Apache
      Step 1. Query for the Boolean value you need to change:
      # getsebool -a | grep httpd_dis
        httpd_disable_trans --> off
      
      Step 2. Disable the SELinux protection:
      # setsebool -P httpd_disable_trans=1
      
      Step 3. Verify that the Boolean has changed:
      # getsebool -a | grep httpd_dis
        httpd_disable_trans --> on
      
    • Globally disable SELinux
      # setenforce Permissive
      # vi /etc/sysconfig/selinux
        SELINUX=disabled
      
    Follow SELinux configuration in case you want to enable SELinux only for LPAR2RRD

Debian, Ubuntu ...

  • Install Apache if it is nit already there
    # apt-get install httpd
    
  • Enable CGI-BIN and optionally even SSL if it is required
    # a2enmod cgi
    # a2enmod ssl
    
  • Append this at the end of /etc/apache2/apache2.conf
    AddHandler cgi-script .sh
    #
    # LPAR2RRD
    #
    Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
    <Directory "/home/lpar2rrd/lpar2rrd/www/">
        AllowOverride AuthConfig FileInfo
        Options -Indexes
        Options FollowSymLinks
        AuthType basic
        AuthName "LPAR2RRD authorization"
        Require valid-user
    </Directory>
    # CGI-BIN
    ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
    <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
        AllowOverride AuthConfig FileInfo
        SetHandler cgi-script
        Options ExecCGI FollowSymLinks
        AuthType basic
        AuthName "LPAR2RRD authorization"
        Require valid-user
    </Directory>
    
    KeepAlive On
    KeepAliveTimeout 5
    TimeOut 1200
    
  • Apache restart
    apachectl restart
    
  • Make sure apache starts after the OS boot
    systemctl start apache2.service
    
  • Enable authorization in LPAR2RRD after its installation (i.e. next tab, now such directories do not exist)
    # su - lpar2rrd
    umask 022
    cd /home/lpar2rrd/lpar2rrd
    cp html/.htaccess www
    cp html/.htaccess lpar2rrd-cgi
    
  • Test web pages
    Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD

  • If you have firewall enabled then enable LPAR2RRD communication by:
    firewall-cmd --add-service=http --permanent
    firewall-cmd --add-service=https --permanent
    firewall-cmd --add-port=8162/tcp --permanent
    
    firewall-cmd --reload
    
  • You might need to disable SElinux
    You must do it in case you get either "(13)Permission denied:" or "AH00132: file permissions deny server access" in Apache error_log.
    You have 2 options:
    • Disable SELinux only for Apache
      Step 1. Query for the Boolean value you need to change:
      # getsebool -a | grep httpd_dis
        httpd_disable_trans --> off
      
      Step 2. Disable the SELinux protection:
      # setsebool -P httpd_disable_trans=1
      
      Step 3. Verify that the Boolean has changed:
      # getsebool -a | grep httpd_dis
        httpd_disable_trans --> on
      
    • Globally disable SELinux
      # setenforce Permissive
      # vi /etc/sysconfig/selinux
        SELINUX=disabled
      
    Follow SELinux configuration in case you want to enable SELinux only for LPAR2RRD

SuSE

  • Append at the end of /etc/apache2/httpd.conf following
    AddHandler cgi-script .sh
    #
    # LPAR2RRD
    #
    Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
    <Directory "/home/lpar2rrd/lpar2rrd/www/">
        AllowOverride AuthConfig FileInfo
        Options -Indexes
        Options FollowSymLinks
        AuthType basic
        AuthName "LPAR2RRD authorization"
        Require valid-user
    </Directory>
    # CGI-BIN
    ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
    <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
        AllowOverride AuthConfig FileInfo
        SetHandler cgi-script
        Options ExecCGI FollowSymLinks
        AuthType basic
        AuthName "LPAR2RRD authorization"
        Require valid-user
    </Directory>
    
    KeepAlive On
    KeepAliveTimeout 5
    TimeOut 1200
    
  • Make sure apache starts after the OS boot

  • Enable authorization in LPAR2RRD after its installation (i.e. next tab, now such directories do not exist)
    # su - lpar2rrd
    umask 022
    cd /home/lpar2rrd/lpar2rrd
    cp html/.htaccess www
    cp html/.htaccess lpar2rrd-cgi
    
  • Test web pages
    Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD


  • If you have firewall enabled then enable LPAR2RRD communication by:
    firewall-cmd --add-service=http --permanent
    firewall-cmd --add-service=https --permanent
    firewall-cmd --add-port=8162/tcp --permanent
    
    firewall-cmd --reload
    

Troubleshooting

Apache error_log

When LPAR2RRD application is not reachable via the web server, check Apache error log for new errors under root user
  • AIX
    cd /opt/freeware/etc/httpd/logs
    tail error_log
    
  • Linux:
    cd /etc/httpd/logs/
    tail error_log
    
  • "(13)Permission denied:" or "AH00132: file permissions deny server access"
    Solution:
    Problem either with SELinux (check above per OS settings) or Apache user does not have read access to LPAR2RRD web /home/lpar2rrd/lpar2rrd/www
    Make sure that all subdirectories in the path are readable for apache user (ps -ef| egrep "httpd|apache")

  • AH01257: unable to connect to cgi daemon after multiple tries
    AH01630: client denied by server configuration
    Solution:
    Enable mpm_prefork_module and disable mpm_event_module in /etc/httpd/conf.modules.d/00-mpm.conf
    LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
    #LoadModule mpm_event_module modules/mod_mpm_event.so
    
  • AH01220: Timeout waiting for output from CGI script
    Solution:
    Apache default timeout is 1 minute what might not be enhough for longer reports, increase it by adding this at the end of httpd.conf
    KeepAlive On
    KeepAliveTimeout 5
    TimeOut 1200
    

Apache access_log (ssl_error_log)

Check also access_log or ssl_error_log if there are new entries when you try to reach the web via the browser, if do not then either:
  • Apache is not running, no any process is listed
    ps -ef| egrep "httpd|apache"| grep -v grep
    
  • Firewall on the LPAR2RRD host blocking it, disable it
    firewall-cmd --add-service=http --permanent
    firewall-cmd --add-service=https --permanent
    firewall-cmd --add-port=8162/tcp --permanent
    
    firewall-cmd --reload
    
  • Company's network/firewall blocking it, check with your security team