The commands are for CentOS, but should work on Fedora and RedHat.
If semanage is not installed refer to
You would typically use this along with the systems firewall to allow a port through. Guide for
firewalld and iptables. If you change it in the firewall and fail to add/edit it in semanage you can potentially get weird behavior like sshd not wanting to start after changing the port.
Add port semanage port -a -t ssh_port_t tcp 2222
The above command allows the sshd service to start, using port 2222.
List allowed ports semanage port -l
You can use grep to filter the results
[admin@localhost ~]# semanage port -l | grep ssh
ssh_port_t tcp 2222, 22
Delete port semanage port -d -p tcp 2222
semanage port -a -t snmp_port_t tcp 2222
Posted in CentOS, Command Line, Fedora, Linux |
Tagged firewall, firewalld, iptables, port, selinux, semanage, snmp, ssh |
semanage is part of the policycoreutils-python package, as is seen when you run “yum provides semanage”. So you need to install the package to get the semanage functionality.
yum install policycoreutils-python
You should be good to go.
If your having issues in the LibreNMS web interface changing a devices IP address or you can’t add a new one because it says it can’t ping the device, it is probably because SELinux is causing issues.
As far as changing a devices ip address, it looks like SELinux is not allowing Apache write access to the /opt/librenms/rrd directory
Temporary fix is to run
You can permenatly disable SElinux by opening up “/etc/selinux/config” and changing “SELINUX=enforcing” to “SELINUX=disabled” and rebooting.
You can manually edit the SELinux config file in /etc/selinux/config and change the variable SELINUX=enforcing to disabled
or you can use this little command
sed -i.bak -e 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
You can enable SELinux manually the same as above but set SELINUX=disabled to SELINUX=enforcing
sed -i.bak -e 's/^SELINUX=.*/SELINUX=enforcing/g' /etc/selinux/config