benlimanto
Flight Engineer
  • 1,204 Views

VSFTPD listen port to 2121 doesn't raise SELINUX Alert

Hello, as the title states, I'm trying to figure out why VSFTPD with listen_port set to 2121, even though that port is not allowed in the SELINUX port context, is still allowed to run and to be connected to by other people.

The system is enforced, using RHEL 9 (on RHA VM Labs, on rha.ole.redhat.com), with ftp_port_t only allowing port 21 for FTP.

Could anyone enlighten me as to why this is allowed? As we know, SELINUX is there to prevent that, but in this case it isn't. I've tested it with other services like HTTPD/Apache and SSHD; it will raise an error when they use an abnormal port. Thank you.

2 Replies
EmanuelHaine
Flight Engineer
  • 1,146 Views

@benlimanto 

Is there any message in /var/log/audit/audit.log regarding this?

Please also check whether there is any output after running this command: "semanage permissive -l"

0 Kudos
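An added example (not part of either post) of the audit-log check asked for in the reply above: a shell function that pulls SELinux AVC `name_bind` denials for one port out of audit.log-style text. The sample lines are constructed to mirror what the question describes (httpd and sshd denied on an unusual port, nothing logged for vsftpd), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list SELinux AVC "name_bind" denials for a single port.

# Constructed sample in audit.log format (not taken from a real host).
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1700000000.101:501): avc:  denied  { name_bind } for  pid=2101 comm="httpd" src=2121 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1700000000.202:502): avc:  denied  { name_bind } for  pid=2202 comm="sshd" src=2222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=SERVICE_START msg=audit(1700000000.303:503): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=vsftpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
EOF
}

# avc_bind_denials PORT [FILE]
# Reads FILE (or stdin) and prints, for every denied name_bind on PORT:
#   comm scontext tcontext permissive=N
# permissive=1 means the denial was logged but not enforced.
avc_bind_denials() {
    port=$1
    file=${2:--}            # "-" makes awk read standard input
    awk -v port="$port" '
        /type=AVC/ && /denied/ && /name_bind/ {
            comm = ""; src = ""; scon = ""; tcon = ""; perm = "?"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^comm=/) {
                    comm = substr($i, 6); gsub(/"/, "", comm)
                }
                else if ($i ~ /^src=/)        src  = substr($i, 5)
                else if ($i ~ /^scontext=/)   scon = substr($i, 10)
                else if ($i ~ /^tcontext=/)   tcon = substr($i, 10)
                else if ($i ~ /^permissive=/) perm = substr($i, 12)
            }
            if (src == port) print comm, scon, tcon, "permissive=" perm
        }' "$file"
}

# Run against the constructed sample: only the httpd denial is on port 2121.
sample_audit_log | avc_bind_denials 2121
```

On a real host, run `avc_bind_denials 2121 /var/log/audit/audit.log` as root; empty output means no bind denial for that port was logged.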
benlimanto
Flight Engineer
  • 1,140 Views

There are none, last time I checked, it's on Virtual-Lab, I will try
again on Monday when I'm at Lab.

--
Regards,

Benyamin Limanto
sent from Fedora Linux Thunderbird on Thinkpad X220
0 Kudos