Book Image

Red Hat Enterprise Linux Server Cookbook

By : Jakub Gaj, Leemans
5 (1)
Book Image

Red Hat Enterprise Linux Server Cookbook

5 (1)
By: Jakub Gaj, Leemans

Overview of this book

Dominating the server market, the Red Hat Enterprise Linux operating system gives you the support you need to modernize your infrastructure and boost your organization’s efficiency. Combining both stability and flexibility, RHEL helps you meet the challenges of today and adapt to the demands of tomorrow. This practical Cookbook guide will help you get to grips with RHEL 7 Server and automating its installation. Designed to provide targeted assistance through hands-on recipe guidance, it will introduce you to everything you need to know about KVM guests and deploying multiple standardized RHEL systems effortlessly. Get practical reference advice that will make complex networks setups look like child’s play, and dive into in-depth coverage of configuring a RHEL system. Also including full recipe coverage of how to set up, configuring, and troubleshoot SELinux, you’ll also discover how secure your operating system, as well as how to monitor it.
Table of Contents (12 chapters)
11
Index

Configuring SELinux port definitions


SELinux also controls access to your TCP/IP ports. If your application is confined by SELinux, it will also deny access to your ports when starting up the application.

This recipe will show you how to detect which ports are used by a particular SELinux type and change it.

How to do it…

Let's allow the HTTP daemon to listen on the nonstandard port 82 through the following steps:

  1. First, look for the ports that are accessed by HTTP via these commands:

    ~# semanage port -l |grep http
    http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
    http_cache_port_t              udp      3130
    http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
    pegasus_http_port_t            tcp      5988
    pegasus_https_port_t           tcp      5989
    ~#
    

    The SELinux port assignment we're looking for is http_port_t. As you can see, only the displayed ports (80, 81, 443, 488, 8008, 8009, 8443, and 9000) are allowed to be used to listen on by any process...