DokuWiki

It's better when it's simple

User Tools

Site Tools

Trace: fedora
install:fedora

Table of Contents

Fedora Package

DokuWiki is available in the Fedora repositories. These instructions are written for Fedora 19, there may be differences for other versions. Do 

dnf install httpd php dokuwiki dokuwiki-selinux

The package dokuwiki-selinux is necessary for the Configuration Manager of DokuWiki to work. It configures SELinux to allow dokuwiki to write to its configuration.

Package details are available at https://admin.fedoraproject.org/pkgdb/package/rpms/dokuwiki/

httpd

Apache HTTP Server, named httpd in Fedora, is not enabled by default. Since Fedora is systemd-based you may start it with 

systemctl start httpd.service

And you may enable it for automatic startup at system boot with 

systemctl enable httpd.service

To disable or to stop httpd, just use the commands “disable” and “stop”.

DokuWiki should be accessible at http://localhost/dokuwiki now.

Configuration

The basic configuration just lets you create and edit pages, but doesn't allow you to login and use the Configuration Manager!

The configuration resides in /etc/dokuwiki. local.php contains your local configuration, dokuwiki.php contains dokuwikis defaults and should be left alone. The Configuration Manager also writes to local.php.

To enable login, edit /etc/dokuwiki/local.php and set 

$conf['useacl'] = 1;
$conf['superuser'] = '@admin';

This enables ACL (Access Control) and gives all members of the group “admin” superuser rights.

Now add a new user to users.auth.php: 

admin:21232f297a57a5a743894a0e4a801fc3:Admin:example@example.com:admin

The user is named “admin” with password “admin” and is member of the group “admin”, which has superuser rights.

You can now login as user “admin” and use DokuWikis admin tools to configure it, to add new users and the like.

Paths

DokuWiki /usr/share/dokuwiki
Configuration /etc/dokuwiki
Data directory /var/lib/dokuwiki/data

Allowing access

Once this is installed, you should be able to access this on your local machine. A problem may arise when you try to access it through a network. This has to do with the config settings of Dokuwiki, to change them, Navigate to /etc/httpd/conf.d/ and there should be a file named dokuwiki.conf.

  • For Fedora versions earlier than 18 (Apache 2.2): Edit the file and find the line that says “Allow 127.0.0.1 only” and change it to say “Allow from All”.
  • For Fedora 18 and later (Apache 2.4): Edit the file and find the line that says “Require local” and change it to say “Require all granted”.

Save the file and restart the Apache HTTP Server with the systemd user space utility systemctl: 

systemctl restart httpd.service

It should now allow remote requests to the site. Depending on your setup, you may have to allow incoming http(s) traffic in you firewall though.

SELinux

SELinux is pre-installed on Fedora. 

SELinux is preventing /usr/sbin/httpd from write access on the file /etc/dokuwiki/users.auth.php

If you want to allow httpd to have write access on the file /etc/dokuwiki/users.auth.php, then change the “label” of that file:

  1. As root do:
    semanage fcontext -a -t FILE_TYPE '/etc/dokuwiki/users.auth.php'


    FILE_TYPE is one of the following strings:
    abrt_retrace_spool_t, afs_cache_t, anon_inodefs_t, dirsrv_config_t, dirsrv_var_log_t, dirsrv_var_run_t, dirsrvadmin_config_t, dirsrvadmin_tmp_t, httpd_apcupsd_cgi_rw_content_t, httpd_awstats_rw_content_t, httpd_bugzilla_rw_content_t, httpd_cache_t, httpd_collectd_rw_content_t, httpd_cvs_rw_content_t, httpd_dirsrvadmin_rw_content_t, httpd_dspam_rw_content_t, httpd_git_rw_content_t, httpd_lock_t, httpd_man2html_rw_content_t, httpd_mediawiki_rw_content_t, httpd_mojomojo_rw_content_t, httpd_munin_rw_content_t, httpd_mythtv_rw_content_t, httpd_nagios_rw_content_t, httpd_nutups_cgi_rw_content_t, httpd_openshift_rw_content_t, httpd_prewikka_rw_content_t, httpd_smokeping_cgi_rw_content_t, httpd_squid_rw_content_t, httpd_squirrelmail_t, httpd_sys_rw_content_t, httpd_tmp_t, httpd_tmpfs_t, httpd_user_rw_content_t, httpd_var_lib_t, httpd_var_run_t, httpd_w3c_validator_rw_content_t, httpd_webalizer_rw_content_t, httpd_zoneminder_rw_content_t, initrc_tmp_t, jetty_cache_t, jetty_log_t, jetty_var_lib_t, jetty_var_run_t, krb5_host_rcache_t, passenger_tmp_t, passenger_var_run_t, pki_ra_etc_rw_t, pki_ra_log_t, pki_ra_var_lib_t, pki_tps_etc_rw_t, pki_tps_log_t, pki_tps_var_lib_t, puppet_tmp_t, squirrelmail_spool_t, systemd_passwd_var_run_t, user_cron_spool_t, zarafa_var_lib_t, zoneminder_var_lib_t.

  2. Then execute
    restorecon -v '/etc/dokuwiki/users.auth.php'

Solution

(at least for 2013-08-09 Fedora 19 “Schrödinger's Cat') As root do: 

semanage fcontext -a -t httpd_mediawiki_rw_content_t '/etc/dokuwiki'
restorecon -v '/etc/dokuwiki'
semanage fcontext -a -t httpd_mediawiki_rw_content_t '/etc/dokuwiki/users.auth.php'
restorecon -v '/etc/dokuwiki/users.auth.php'
semanage fcontext -a -t httpd_mediawiki_rw_content_t '/etc/dokuwiki/local.php'
restorecon -v '/etc/dokuwiki/local.php'

Solution 2

I'm not a SELinux or Fedora expert, but thanks to people from the #selinux Freenode IRC channel I managed to fix the problem in the following way: 

# semanage fcontext -a -t httpd_sys_rw_content_t '/etc/dokuwiki(/.*)?'
# restorecon -v '/etc/dokuwiki' -R

Tried with Fedora 20 on 2014-02-17.

Solution 3

The Fedora dokuwiki-selinux-20230404a-4.fc40.noarch package's postinstall-script adds the following fcontext policy entries: 

semanage fcontext -a -t httpd_sys_rw_content_t '/etc/dokuwiki(/.*)?'
semanage fcontext -a -t httpd_sys_content_t '/usr/share/dokuwiki(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/dokuwiki/lib/plugins(/.*)?'
restorecon -R '/etc/dokuwiki'
restorecon -R '/usr/share/dokuwiki'

In addition, The Fedora dokuwiki package places the data subdirectory in /var/lib/dokuwiki, which has the following policy: 

$ ls -laZ /var/lib/dokuwiki/
total 12
drwxr-xr-x.  3 root   root   system_u:object_r:httpd_sys_rw_content_t:s0 4096 Apr 26 15:28 .
drwxr-xr-x. 28 root   root   system_u:object_r:var_lib_t:s0              4096 Apr 26 15:28 ..
drwxr-xr-x. 13 apache apache system_u:object_r:httpd_sys_rw_content_t:s0 4096 Apr 26 15:28 data

Based on the above, the following policies should be needed when installing dokuwiki from the original tarball under /srv/http/wiki.example.net/: 

semanage fcontext -a -t httpd_sys_content_t '/srv/http/wiki.example.net(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/srv/http/wiki.example.net/conf(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/srv/http/wiki.example.net/data(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/srv/http/wiki.example.net/lib/plugins(/.*)?'

Solution 4

The chcon command changes the SELinux context for files temporary. These changes do not survive a file system relabel, or the restorecon command. 

  chcon -t httpd_sys_rw_content_t /etc/dokuwiki/ -R
  chcon -t httpd_sys_content_t /usr/share/dokuwiki/ -R
  chcon -t httpd_sys_rw_content_t /usr/share/dokuwiki/lib/plugins/ -R

You can restore default SELinux context for this files by running: 

  restorecon -R '/etc/dokuwiki/'
  restorecon -R '/usr/share/dokuwiki/'
  restorecon -R '/usr/share/dokuwiki/lib/plugins/'

Install the package downloaded from the website

See this wiki page on how to install DokuWiki with nginx on Fedora 29

install/fedora.txt · Last modified: 2024-04-26 17:03 by 2a02:8012:102b:0:120b:db7:2bbd:6bc
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki

Global DokuWiki Links