All Linux HowTo's

Permitting Apache to use non-standard ports with SELinux

SELinux permits specified program to use specified ports. We must tell SELinux to permit programs to use non-standard ports if we intend to do something abnormal. For example, if we wanted to run Apache on port 81, we’d have to tell SELinux to permit that. Otherwise we’d get errors. When we manipulate SELinux rules, the process can take some time so don’t stress.

Permit Apache to listen on port 81:

semanage port -a -t http_port_t -p tcp 81

You can confirm the above using the following command:

semanage port -l | grep http_port_t 

Here is some sample output:

http_port_t                    tcp      81, 80, 443, 488, 8008, 8009, 8443

So you can see from the above output that Apache is able to listen on several ports. That doesn’t mean Apache ‘will’ listen on those ports but simply that SELinux will permit it.

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.