Book Image

Red Hat Enterprise Linux Server Cookbook

By : Jakub Gaj, William Leemans
Book Image

Red Hat Enterprise Linux Server Cookbook

By: Jakub Gaj, William Leemans

Overview of this book

Dominating the server market, the Red Hat Enterprise Linux operating system gives you the support you need to modernize your infrastructure and boost your organization’s efficiency. Combining both stability and flexibility, RHEL helps you meet the challenges of today and adapt to the demands of tomorrow. This practical Cookbook guide will help you get to grips with RHEL 7 Server and automating its installation. Designed to provide targeted assistance through hands-on recipe guidance, it will introduce you to everything you need to know about KVM guests and deploying multiple standardized RHEL systems effortlessly. Get practical reference advice that will make complex networks setups look like child’s play, and dive into in-depth coverage of configuring a RHEL system. Also including full recipe coverage of how to set up, configuring, and troubleshoot SELinux, you’ll also discover how secure your operating system, as well as how to monitor it.

Related Content you might be interested in

Current Title:

Small book image
Red Hat Enterprise Linux Server Cookbook
Jakub Gaj | William Leemans
Dec, 2015 | 250 pages
No titles found
Table of Contents (17 chapters)
Red Hat Enterprise Linux Server Cookbook
Red Hat Enterprise Linux Server Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Working with KVM Guests
Working with KVM Guests
Introduction
Installing and configuring a KVM
Configuring resources
Building guests
Adding CPUs on the fly
Adding RAM on the fly
Adding disks on the fly
Moving disks to another storage
Moving VMs
Backing up your VM metadata
2
Deploying RHEL "En Masse"
Deploying RHEL "En Masse"
Introduction
Creating a kickstart file
Publishing your kickstart file using httpd
Deploying a system using PXE
Deploying a system using a custom boot ISO file
3
Configuring Your Network
Configuring Your Network
Introduction
Creating a VLAN interface
Creating a teamed interface
Creating a bridge
Configuring IPv4 settings
Configuring your DNS resolvers
Configuring static network routes
4
Configuring Your New System
Configuring Your New System
Introduction
The systemd service and setting runlevels
Starting and stopping systemd services
Configuring the systemd journal for persistence
Monitoring services using journalctl
Configuring logrotate
Managing time
Configuring your boot environment
Configuring smtp
5
Using SELinux
Using SELinux
Introduction
Changing file contexts
Configuring SELinux booleans
Configuring SELinux port definitions
Troubleshooting SELinux
Creating SELinux policies
Applying SELinux policies
6
Orchestrating with Ansible
Orchestrating with Ansible
Introduction
Install Ansible
Configuring the Ansible inventory
Creating a template for a kickstart file
Creating a playbook to deploy a new VM with kickstart
Creating a playbook to perform system configuration tasks
Troubleshooting Ansible
7
Puppet Configuration Management
Puppet Configuration Management
Introduction
Installing and configuring Puppet Master
Installing and configuring the Puppet agent
Defining a simple module to configure time
Defining nodes and node grouping
Deploying modules to single nodes and node groups
8
Yum and Repositories
Yum and Repositories
Introduction
Managing yum history
Creating a copy of an RHN repository
Configuring additional repositories
Setting up yum to automatically update
Configuring logrotate for yum
Recovering from a corrupted RPM database
9
Securing RHEL 7
Securing RHEL 7
Introduction
Installing and configuring IPA
Securing the system login
Configuring privilege escalation with sudo
Secure the network with firewalld
Using kdump and SysRq
Using ABRT
Auditing the system
10
Monitoring and Performance Tuning
Monitoring and Performance Tuning
Introduction
Tuning your system's performance
Setting up PCP – Performance Co-Pilot
Monitoring basic system performance
Monitoring CPU performance
Monitoring RAM performance
Monitoring storage performance
Monitoring network performance
Index
Index

Configuring SELinux port definitions

SELinux also controls access to your TCP/IP ports. If your application is confined by SELinux, it will also deny access to your ports when starting up the application.

This recipe will show you how to detect which ports are used by a particular SELinux type and change it.

How to do it…

Let's allow the HTTP daemon to listen on the nonstandard port 82 through the following steps:

  1. First, look for the ports that are accessed by HTTP via these commands:

    ~# semanage port -l |grep http
http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_cache_port_t              udp      3130
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
pegasus_http_port_t            tcp      5988
pegasus_https_port_t           tcp      5989
~#

    The SELinux port assignment we're looking for is http_port_t. As you can see, only the displayed ports (80, 81, 443, 488, 8008, 8009, 8443, and 9000) are allowed to be used to listen on by any process...

Previous Section
End of Section 5
Next Section