...
This can be done concurrently, independantly or after following the above guide to harden the omk modules and rest of the NMIS suite.
This has been tested on a Ubuntu 20.04/RHEL 8.8 installation installations running default service files and directory settings for nmis and omk modules from their respective installers. You will need to modify some commands into their respective RHEL/Centos counterparts in the above script and steps.
...
SYSTEMCTL Service File changes for NMIS
Code Block |
---|
sudo sed -i 's/\/var\/run/\/var\/run\/nmis9/' /etc/systemd/system/nmis9d.service
sudo sed -i 's/\[Service\]/\[Service\]\nPermissionsStartOnly\=true\nExecStartPre\=\/bin\/sh \-c \"mkdir \-p \/var\/run\/nmis9\/\"\nExecStartPre\=\/bin\/sh \-c \"chown nmis\.nmis \/var\/run\/nmis9\/\"\nExecStartPre\=\/bin\/sh \-c \"chmod 3700 \/var\/run\/nmis9\/\"/g' /etc/systemd/system/nmis9d.service
sudo sed -i 's/PIDFile=\/usr\/local\/nmis9\/var\/nmis_system\/nmisd.pid/PIDFile=\/var\/run\/nmis9\/nmis9d.pid/' /etc/systemd/system/nmis9d.service
sudo sed -i '/\[Service\]/a User=nmis\nGroup=nmis' /etc/systemd/system/nmis9d.service |
...