Bug 234126
Summary: | selinux does not allow squid to bind reserved/privileged network ports | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Thorsten Schlichting <schlichting> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | 5.0 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-03-27 13:49:38 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Thorsten Schlichting
2007-03-27 09:03:58 UTC
If you want to change the http port in selinux, you would execute semanage port -a -t http_port_t -p tcp 81 This would then define port 81 to a port that squid can listen too. I suspect the SElinux type in the comment is incorrect, http_cache_port_t seems more accurate for RHEL5. e.g. semanage port -a -t http_cache_port_t -p tcp 80 However, running that command returns the following error /usr/sbin/semanage: Port tcp/80 already defined semanage port -d -p tcp 80 /usr/sbin/semanage: Port tcp/80 is defined in policy, cannot be deleted Well he stated he wanted to use port 81. |