RHEL 7

Note:Support for Red Hat Enterprise Linux (RHEL) 7 will be discontinued for the Software Vulnerability Manager On-Premises Edition system.

PHP 5.4 and mariaDB 5.5

yum install curl httpd mariadb-server ntp perl-Compress-Zlib php php-gd php-ldap php-mysql php-xml rpm-build policycoreutils-python haproxy 

PHP 7.2 and mariaDB 10.3

By default, RHEL 7 comes with PHP 5.4 and mariaDB 5.5. To add PHP 7.2 and mariaDB 10.3 repo follow the steps:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm

yum -y install yum-utils

yum-config-manager --enable remi-php72

curl -sS https://downloads.mariadb.com/mariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version="mariadb-10.3" --skip-eol-check 

yum -y update

yum clean all

Above steps will add PHP 7.2 and mariaDB 10.3 repo

yum -y install curl httpd mariaDB-server mariaDB-client ntp perl-Compress-Zlib php php-gd php-ldap php-mysqlnd php-pecl-zip php-xml rpm-build policycoreutils-python haproxy yum-cron 

 

set @@sql_mode = 'ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION'

 

Software Vulnerability Manager Software Installation

You can now install Software Vulnerability Manager using the command:

rpm -i csi-X.x.x.x.x86_64.rpm

After Software Vulnerability Manager is installed, run the command:

cd /usr/local/Secunia/csi/install

Disable the sample SSL file and restart httpd to reflect your changes using the commands:

echo "" > /etc/httpd/conf.d/ssl.conf

systemctl restart httpd.service

You can then execute the installer using the command:

./installationProcess.sh

When the installationProcess.sh is run, it will stop the httpd service, go through the installation/upgrade process, and Software Vulnerability Manager will be unavailable to Agents. Once the installation/upgrade process is complete, it will start the httpd service again.

If you answered yes to using SSL (HTTPS) during the installation, it is necessary to configure the firewall to accept incoming traffic on port 443 by issuing the following commands:

firewall-cmd --zone=public --add-service=https --permanent

firewall-cmd --reload

For further information regarding the setup of SSL, refer to SSL and LDAP Support.

If you answered no to using SSL (HTTPS) during the installation, it is necessary to configure the firewall to accept incoming traffic on port 80 by issuing the following commands:

firewall-cmd --zone=public --add-service=http --permanent

firewall-cmd –-reload

The installer prints out information on every step taken. You can customize your installation to specifically fit your Enterprise requirements.

Important:Software Vulnerability Manager Services and Cronjobs now run as a new csi7 user instead of as root. A csi7 user is created by the Application during installation/upgrade, and Software Vulnerability Manager Daemons and Cronjobs will run as the csi7 user instead of as root.

Important:If you want to access the database as a user other than “root”, you should create the user prior to the installation and enter that username and password in the configuration. The MySQL user needs to have all privileges, including the GRANT privilege, although the server administration privilege is not required.