Redhat 8 in particular doesn't ship with a late enough version (it ships 7.2.x) for us - we require 7.4 at a minimum.
Redhat 8 also does not ship the libsodium library at all. Libsodium is used by PHP (amongst others) to provide encryption abilities - and we use this in Open-AudIT.
https://access.redhat.com/solutions/5284161
So, by default Open-AudIT 5.x uses the Remi repo for Redhat to get updated versions of PHP and a suitable libsodium.
Some customers are not permitted to allow external repositiories that are not Redhat controlled (or owned). Even though Remi works for Redhat and is their PHP packager and maintainer, his repository is not "official" and therefore not allowed on these servers.
What to do... what to do?
Well, you cou8ld always install Redhat 9 and use the default repo's. This will "just work" as Redhat 9 has a suitable version of PHP and does ship libsodium.
But what if you have to stay on Redhat 8?
Fear not, I have the answer. Below uses Redhat AppStream (for PHP), Fedora Repo (for libsodium, owned by Redhat) and PECL (official Redhat package).
Follow the bouncing ball below to get this working.
NOTE - This is designed for a new Redhat 8 server, not for upgrading your existing server. I have not attempted to install the dependencies over an existing set, but I think it should work.
As always - do not try this on your production machine. The best way is a new install of Redhat 8, or a clone of your production machine.
On the new server.
subscription-manager refresh dnf update dnf install @php:8.0 httpd dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm /usr/bin/crb enable dnf update dnf install mariadb-server nmap zip curl wget sshpass samba-client logrotate ipmitool net-snmp libnsl php-intl php-mysqlnd php-ldap php-process php-snmp libsodium php-pear php-devel libsodium-devel make perl-Crypt-CBC perl-Time-ParseDate screen pecl channel-update pecl.php.net pecl install libsodium echo 'extension=sodium.so' > /etc/php.d/20-sodium.ini systemctl restart php-fpm systemctl restart httpd systemctl restart mariadb wget https://dl-openaudit.opmantek.com/OAE-Linux-x86_64-release_5.1.0.run chmod +x OAE-Linux-x86_64-release_5.1.0.run
Once the installer is running, answer as below.
Have you successfully run yum update (y/n)? y Enable the EPEL and Remi (PHP) repositories (y/n)? n Open-AudIT requires the following packages which are not installed: php php-sodium The installer can use DNF to download and install these packages. Do you want to install these packages with DNF now (y/n)? n Should I set the default Open-AudIT root password to 'openauditrootuserpassword' (y/n)? y
On your existing production machine.
mysql -u root -popenauditrootuserpassword openaudit -e "DELETE FROM oa_user_sessions; DELETE FROM logs;" mysqldump -u root -popenauditrootuserpassword --extended-insert=FALSE --routines openaudit > /tmp/openaudit.sql scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/tmp/openaudit.sql /usr/local/open-audit/ scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/var/www/html/open-audit/custom_images/* /usr/local/open-audit/public/custom_images/ scp YOUR_USERNAME@ORIGINAL_OPEN_AUDIT_SERVER:/usr/local/open-audit/code_igniter/application/attachments/* /usr/local/open-audit/app/Attachments/ cat /usr/local/omk/conf/opLicense.json
On the new server.
cd /usr/local/open-audit mysql -u root -popenauditrootuserpassword -e "DROP DATABASE openaudit; CREATE DATABASE openaudit;" mysql -u root -popenauditrootuserpassword openaudit < openaudit.sql
Logon to the Open-AudIT GUI and upgrade the database.
Then add your license. Go to menu -> Licenses -> Manage Licenses. Copy the encrypted string for Open-AudIT from opLicense.json you cat'ed earlier (on the production machine).
And you're done.
Really, it is much easier to use Redhat 9 or allow Remi's repo, but in cases where that isn't possible you have the above.
And of course if you are a supported customer, we will walk you through it with a screen-share session if required.
Onwards and Upwards!