New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LME won't install on CIS hardened server #520

Open

GRRLjay opened this issue Nov 22, 2024 · 1 comment

GRRLjay commented Nov 22, 2024

If users are running an Ubuntu 22.04 server hardened according to the CIS benchmark, the Ansible playbook won't get everything installed correctly.

Through trial and error I was able to determine that the following changes were necessary:

Loosen the UMASK in /etc/login.defs from the CIS recommended 027. Going back to the default 022 works.
Disable UFW during the install or determine which ports need to be opened for the install to complete successfully.

Maybe this is too specific to document, but now it's at least recorded in an issue.

github-project-automation bot added this to LME-Development

github-project-automation bot moved this to 🆕 Product Backlog in LME-Development

Collaborator

aarz-snl commented Nov 26, 2024 •

edited

Loading

IRT UMASK during the playbook we set the permissions for each directory.

Maybe the initial directory upon download of the source code is being set to 750?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment