SELinux

Install Howto for EL9 works just fine with SELinux enabled (enforcing mode)
The only problem is with PM2 service - we need it to run XorMon NG on system boot

All these commands must be executed using root account!
  • Create pm2-xormon.service 
    env PATH=$PATH:/usr/bin /home/xormon/xormon-ng/server-nest/node_modules/pm2/bin/pm2 startup systemd -u xormon --hp /home/xormon
  • SELinux prevents PM2 service to be run, we must enable executing pm2 script 
    # set the context for pm2 binary
semanage fcontext -a -t bin_t "/home/xormon/xormon-ng/server-nest/node_modules/pm2/bin/pm2" 

# check context
semanage fcontext --list | grep 'pm2'

# apply changes 
restorecon -v /home/xormon/xormon-ng/server-nest/node_modules/pm2/bin/pm2 > /dev/null
  • SELinux prevents service PID in user HOMEDIR, this override for pm2-xormon.service solves that placing PID in /run/xormon 
    
mkdir /etc/systemd/system/pm2-xormon.service.d

cat > /etc/systemd/system/pm2-xormon.service.d/override.conf << EOF
[Service]
ExecStartPre=+/bin/mkdir -p /run/xormon
ExecStartPre=+/bin/chown xormon:xormon /run/xormon
Environment=PM2_PID_FILE_PATH=/run/xormon/pm2.pid
PIDFile=/run/xormon/pm2.pid
EOF
  • Reload service configuration and finally enable and run XorMon NG service 
    systemctl daemon-reload
systemctl enable pm2-xormon.service --now