AIX

Procedure expects Apache 2.4.40+ installed via yum/dnf from Linux Tool box.

• Install Apache if it is not already there

  yum install httpd
  

• Enable CGI-BIN API (it is hashed by default) in /opt/freeware/etc/httpd/conf/httpd.conf

  <IfModule mpm_prefork_module>>
          LoadModule cgi_module /opt/freeware/lib/httpd/modules/mod_cgi.so
  </IfModule>
  

• Place there LPAR2RRD cfg (it supposes that install home will be in /home/lpar2rrd/lpar2rrd)
  Append it to /opt/freeware/etc/httpd/conf/httpd.conf

  AddHandler cgi-script .cgi
  #
  # LPAR2RRD
  #
  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      AllowOverride AuthConfig FileInfo
      Options -Indexes
      Options FollowSymLinks
      AuthType basic
      AuthName "LPAR2RRD authorization"
      Require valid-user
  </Directory>
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride AuthConfig FileInfo
      SetHandler cgi-script
      Options ExecCGI FollowSymLinks
      AuthName "LPAR2RRD authorization"
      AuthType basic
      Require valid-user
  </Directory>
  
  KeepAlive On
  KeepAliveTimeout 5
  TimeOut 1200
  

• Apache restart
  

  /opt/freeware/sbin/apachectl restart
  

• Make sure apache starts after the OS boot
  
  
• Enable authorization in LPAR2RRD after its installation

  # su - lpar2rrd
  umask 022
  cd /home/lpar2rrd/lpar2rrd
  cp html/.htaccess www
  cp html/.htaccess lpar2rrd-cgi
  

• Test web pages
  Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD
  
  
  

Red Hat, CentOS, Rocky Linux ...

• Install Apache if it is not already there

  yum install httpd
  

• Append at the end of /etc/httpd/conf/httpd.conf following

  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www"
  #
  # LPAR2RRD
  #
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      AllowOverride AuthConfig FileInfo
      Options -Indexes
      Options FollowSymLinks
      AuthType basic
      AuthName "LPAR2RRD authorization"
      Require valid-user
  </Directory>
  
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride AuthConfig FileInfo
      SetHandler cgi-script
      Options ExecCGI FollowSymLinks
      AuthType basic
      AuthName "LPAR2RRD authorization"
      Require valid-user
  </Directory>
  
  KeepAlive On
  KeepAliveTimeout 5
  TimeOut 1200
  

• Edit /etc/httpd/conf.modules.d/00-mpm.conf, enable mpm_prefork_module, diasble mpm_event_module

  LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
  #LoadModule mpm_event_module modules/mod_mpm_event.so
  

• Apache restart under root
  

  apachectl restart
  

• Make sure apache starts after the OS boot

  systemctl enable httpd.service
  

• Enable authorization in LPAR2RRD after its installation

  # su - lpar2rrd
  umask 022
  cd /home/lpar2rrd/lpar2rrd
  cp html/.htaccess www
  cp html/.htaccess lpar2rrd-cgi
  

• Test web pages
  Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD
  
  
• If you have firewall enabled then enable LPAR2RRD communication by:

  firewall-cmd --add-service=http --permanent
  firewall-cmd --add-service=https --permanent
  firewall-cmd --add-port=8162/tcp --permanent
  
  firewall-cmd --reload
  

• You might need to disable SElinux
  You must do it in case you get either "(13)Permission denied:" or "AH00132: file permissions deny server access" in Apache error_log.
  You have 2 options:
  
  • Disable SELinux only for Apache

    Step 1. Query for the Boolean value you need to change:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> off
    
    Step 2. Disable the SELinux protection:
    # setsebool -P httpd_disable_trans=1
    
    Step 3. Verify that the Boolean has changed:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> on
    

  • Globally disable SELinux

    # setenforce Permissive
    # vi /etc/sysconfig/selinux
      SELINUX=disabled
    

  Follow SELinux configuration in case you want to enable SELinux only for LPAR2RRD
  
  

Debian, Ubuntu ...

• Install Apache if it is nit already there

  # apt-get install httpd
  

• Enable CGI-BIN and optionally even SSL if it is required

  # a2enmod cgi
  # a2enmod ssl
  

• Append this at the end of /etc/apache2/apache2.conf

  AddHandler cgi-script .sh
  #
  # LPAR2RRD
  #
  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      AllowOverride AuthConfig FileInfo
      Options -Indexes
      Options FollowSymLinks
      AuthType basic
      AuthName "LPAR2RRD authorization"
      Require valid-user
  </Directory>
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride AuthConfig FileInfo
      SetHandler cgi-script
      Options ExecCGI FollowSymLinks
      AuthType basic
      AuthName "LPAR2RRD authorization"
      Require valid-user
  </Directory>
  
  KeepAlive On
  KeepAliveTimeout 5
  TimeOut 1200
  

• Apache restart
  

  apachectl restart
  

• Make sure apache starts after the OS boot

  systemctl start apache2.service
  

• Enable authorization in LPAR2RRD after its installation

  # su - lpar2rrd
  umask 022
  cd /home/lpar2rrd/lpar2rrd
  cp html/.htaccess www
  cp html/.htaccess lpar2rrd-cgi
  

• Test web pages
  Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD
  
  
• If you have firewall enabled then enable LPAR2RRD communication by:

  firewall-cmd --add-service=http --permanent
  firewall-cmd --add-service=https --permanent
  firewall-cmd --add-port=8162/tcp --permanent
  
  firewall-cmd --reload
  

• You might need to disable SElinux
  You must do it in case you get either "(13)Permission denied:" or "AH00132: file permissions deny server access" in Apache error_log.
  You have 2 options:
  
  • Disable SELinux only for Apache

    Step 1. Query for the Boolean value you need to change:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> off
    
    Step 2. Disable the SELinux protection:
    # setsebool -P httpd_disable_trans=1
    
    Step 3. Verify that the Boolean has changed:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> on
    

  • Globally disable SELinux

    # setenforce Permissive
    # vi /etc/sysconfig/selinux
      SELINUX=disabled
    

  Follow SELinux configuration in case you want to enable SELinux only for LPAR2RRD
  
  

SuSE

• Append at the end of /etc/apache2/httpd.conf following

  AddHandler cgi-script .sh
  #
  # LPAR2RRD
  #
  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      AllowOverride AuthConfig FileInfo
      Options -Indexes
      Options FollowSymLinks
      AuthType basic
      AuthName "LPAR2RRD authorization"
      Require valid-user
  </Directory>
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride AuthConfig FileInfo
      SetHandler cgi-script
      Options ExecCGI FollowSymLinks
      AuthType basic
      AuthName "LPAR2RRD authorization"
      Require valid-user
  </Directory>
  
  KeepAlive On
  KeepAliveTimeout 5
  TimeOut 1200
  

• Make sure apache starts after the OS boot
  
  
• Enable authorization in LPAR2RRD after its installation

  # su - lpar2rrd
  umask 022
  cd /home/lpar2rrd/lpar2rrd
  cp html/.htaccess www
  cp html/.htaccess lpar2rrd-cgi
  

• Test web pages
  Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD
  
  
  
• If you have firewall enabled then enable LPAR2RRD communication by:

  firewall-cmd --add-service=http --permanent
  firewall-cmd --add-service=https --permanent
  firewall-cmd --add-port=8162/tcp --permanent
  
  firewall-cmd --reload
  

Troubleshooting

Apache error_log

When LPAR2RRD application is not reachable via the web server, check Apache error log for new errors under root user

• AIX
  

  cd /opt/freeware/etc/httpd/logs
  tail error_log
  

• Linux:
  

  cd /etc/httpd/logs/
  tail error_log
  

• "(13)Permission denied:" or "AH00132: file permissions deny server access"
  Solution:
  Problem either with SELinux (check above per OS settings) or Apache user does not have read access to LPAR2RRD web /home/lpar2rrd/lpar2rrd/www
  Make sure that all subdirectories in the path are readable for apache user (ps -ef| egrep "httpd|apache")
  
  
• AH01257: unable to connect to cgi daemon after multiple tries
  AH01630: client denied by server configuration
  Solution:
  Enable mpm_prefork_module and disable mpm_event_module in /etc/httpd/conf.modules.d/00-mpm.conf

  LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
  #LoadModule mpm_event_module modules/mod_mpm_event.so
  

• AH01220: Timeout waiting for output from CGI script
  Solution:
  Apache default timeout is 1 minute what might not be enhough for longer reports, increase it by adding this at the end of httpd.conf

  KeepAlive On
  KeepAliveTimeout 5
  TimeOut 1200
  

Apache access_log (ssl_error_log)

Check also access_log or ssl_error_log if there are new entries when you try to reach the web via the browser, if do not then either:

• Apache is not running, no any process is listed

  ps -ef| egrep "httpd|apache"| grep -v grep
  

• Firewall on the LPAR2RRD host blocking it, disable it
  

  firewall-cmd --add-service=http --permanent
  firewall-cmd --add-service=https --permanent
  firewall-cmd --add-port=8162/tcp --permanent
  
  firewall-cmd --reload
  

• Company's network/firewall blocking it, check with your security team