SELinux and Squid - Non-default squid http_port (!=3128)
Thomas Springer
th.springer at gmx.net
Sun Aug 28 01:36:20 UTC 2005
=== Date : Sun, 28 Aug 2005 03:06:53 +0200
=== From : Øyvind Stegard
> Hi,
>
> I have a server box on which I haven't disabled selinux (for
> experimentation purposes =). I'd like to change the default port on
> which squid listens for HTTP requests. Changing it in the
> squid-config is trivial, but selinux then prevents squid from binding
> to the non-default port, I guess because it doesn't match what is set
> up in the selinux policy. Is there an easy way around this (except
> for not disabling selinux, I'm keeping it enabled to force myself to
> learn about it:). Do I have to recompile the selinux-policy (is this
> an easy thing to do?), just for this change ? Or can I just disable
> SELinux for squid only ?
>
> Øyvind.
Try this:
# /usr/bin/system-config-securitylevel
Find panel SELinux and change 'squid_allow_any' in category /Others.
But maybe i misinterpreted this key. You have to find out. Others will
probably have more knowledge on this topic and help you.
Get documentaton here:
http://www.redhat.com/docs/manuals/enterprise/
Thomas
More information about the fedora-list
mailing list