|
|
9a887f8 |
Using bitcoind on Fedora, CentOS and Red Hat Enterprise Linux
|
|
|
9a887f8 |
=============================================================
|
|
|
9a887f8 |
|
|
|
9a887f8 |
SELinux
|
|
|
9a887f8 |
-------
|
|
|
9a887f8 |
|
|
|
9a887f8 |
This build of bitcoind includes an SELinux policy which restricts access to the
|
|
|
9a887f8 |
system Bitcoin wallet and database files. The effect of this policy is twofold:
|
|
|
9a887f8 |
|
|
|
9a887f8 |
1. Confined system services and users cannot read the Bitcoin wallet or
|
|
|
9a887f8 |
database files.
|
|
|
9a887f8 |
2. The Bitcoin daemon itself cannot read any other file on the system.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
Note well that unconfined users and services are subject only to discretionary
|
|
|
9a887f8 |
access controls, i.e. standard Unix permissions. Confining your users, and
|
|
|
9a887f8 |
running no unconfined services, is strongly recommended. See the Red Hat
|
|
|
9a887f8 |
Enterprise Linux SELinux Guide for further details on SELinux.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
To repair incorrect SELinux contexts, run the command:
|
|
|
9a887f8 |
|
|
|
9a887f8 |
restorecon -r -v /etc/bitcoin /var/lib/bitcoin
|
|
|
9a887f8 |
|
|
|
9a887f8 |
Default Paths
|
|
|
9a887f8 |
-------------
|
|
|
9a887f8 |
|
|
|
9a887f8 |
This bulid of bitcoind is installed to FHS-compliant paths and reads its
|
|
|
9a887f8 |
configuration files, wallet and database from standard paths. These differ from
|
|
|
9a887f8 |
the upstream defaults:
|
|
|
9a887f8 |
|
|
|
9a887f8 |
* The configuration file is located at /etc/bitcoin/bitcoin.conf
|
|
|
9a887f8 |
* All other data, including the wallet, is stored in /var/lib/bitcoin
|
|
|
9a887f8 |
|
|
|
9a887f8 |
Configuration
|
|
|
9a887f8 |
-------------
|
|
|
9a887f8 |
|
|
|
9a887f8 |
There is no configuration file installed by default, and bitcoind runs fine
|
|
|
9a887f8 |
without one. However, in order to use the bitcoin-cli to communicate with
|
|
|
9a887f8 |
bitcoind, you must create a bitcoin.conf file and set an rpcpassword in it.
|
|
|
9a887f8 |
The bitcoin.conf file must be readable only by users who are authorized to
|
|
|
9a887f8 |
use the bitcoin-cli command; you must do this yourself by adding users to the
|
|
|
9a887f8 |
bitcoin group or creating other appropriate groups.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
A sample configuration file is available in /usr/share/doc/bitcoin-server-*.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
The bitcoin.conf file should be readable only by users authorized to
|
|
|
9a887f8 |
communicate with bitcoind; if you have added authorized users to the bitcoin
|
|
|
9a887f8 |
group, then these commands should be sufficient:
|
|
|
9a887f8 |
|
|
|
9a887f8 |
chown -R bitcoin.bitcoin /etc/bitcoin
|
|
|
9a887f8 |
chmod -R u+rw,g+r,o= /etc/bitcoin
|
|
|
9a887f8 |
|
|
|
9a887f8 |
Berkeley DB
|
|
|
9a887f8 |
-----------
|
|
|
9a887f8 |
|
|
|
9a887f8 |
On all platforms, including RHEL/CentOS/Fedora and the upstream build, bitcoin
|
|
|
9a887f8 |
uses Berkeley DB 4.8.
|
|
|
9a887f8 |
Oracle makes clear that binary compatibility is not guaranteed even between minor
|
|
|
9a887f8 |
releases of Berkeley DB. This has implications if you move your wallet to and
|
|
|
9a887f8 |
from a system with a different Berkeley DB version.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
It is strongly recommended that if you change Berkeley DB versions you first
|
|
|
9a887f8 |
dump your wallet from the old system into a text file, and then import the
|
|
|
9a887f8 |
wallet into the new system.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
To dump or import a wallet from a Bitcoin daemon, you will need to use the
|
|
|
9a887f8 |
bitcoin-cli utility.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
To dump your wallet on the old system, enter the command:
|
|
|
9a887f8 |
|
|
|
9a887f8 |
bitcoin-cli dumpwallet path/to/filename.txt
|
|
|
9a887f8 |
|
|
|
9a887f8 |
Copy filename.txt from the old system to the new system, being aware that it
|
|
|
9a887f8 |
is not encrypted and taking appropriate precautions.
|
|
|
9a887f8 |
|
|
|
9a887f8 |
To import your wallet on the new system, enter the command:
|
|
|
9a887f8 |
|
|
|
9a887f8 |
bitcoin-cli importwallet path/to/filename.txt
|
|
|
9a887f8 |
|
|
|
9a887f8 |
Bitcoin will automatically begin rescanning the block chain after the import is
|
|
|
9a887f8 |
complete. The rescan will take several minutes, depending on the speed of the
|
|
|
9a887f8 |
system's CPU and hard drives.
|