It’s been years since anyone shared how to install/configure Lucee when SELinux is enabled, and the process has changed a bit since then, so I figured I would share what I learned when I QA tested my Lucee ‘Upgrade in Progress’ Toolkit for Apache.
Problem: Lucee installer configures old SysVinit boot launcher which is prevented by SELinux due to lucee_ctl containing su.
Solution: Switch to systemd service.
sudo systemctl disable lucee_ctl
sudo rm /etc/init.d/lucee_ctl
sudo nano /etc/systemd/system/lucee.service
Contents of /etc/systemd/system/lucee.service (scroll to see all):
[Unit]
Description=Lucee CFML Engine
After=network.target
Wants=network.target
[Service]
Type=forking
User=lucee
Group=lucee
WorkingDirectory=/opt/lucee/tomcat
Environment=JAVA_HOME=/opt/lucee/jre
Environment=CATALINA_HOME=/opt/lucee/tomcat
Environment=CATALINA_BASE=/opt/lucee/tomcat
Environment=CATALINA_TMPDIR=/opt/lucee/tomcat/temp
Environment=CATALINA_PID=/opt/lucee/tomcat/work/tomcat.pid
ExecStart=/opt/lucee/tomcat/bin/startup.sh
ExecStop=/opt/lucee/tomcat/bin/shutdown.sh -force
# Why 143? https://slugcat.systems/post/24-10-04-10-successfully-failed-systemd/
SuccessExitStatus=143
Restart=on-failure
TimeoutSec=60
[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reload
sudo systemctl enable --now lucee
# reboot
sudo systemctl status lucee
sudo /opt/lucee/lucee_ctl status