Differences

This shows you the differences between two versions of the page.

--- linux_wiki:network_services_overview_database_services [2016/09/28 22:39]
billdozor created
+++ linux_wiki:network_services_overview_database_services [2018/05/12 16:34]
billdozor [Use SELinux port labeling to allow services to use non-standard ports]
@@ Line 1: / Line 1: @@
-====== Network Services Overview Database Services ======
+====== Network Services Overview: Database Services ======
 **General Information**
-This page covers the Network Services objectives, specifically for <service-name>.
+This page covers the Network Services objectives, specifically for MariaDB.
 **Network Services Objectives**
@@ Line 12: / Line 12: @@
   * Configure the service for basic operation
   * Configure host-based and user-based security for the service
+----
+====== Lab Setup ======
+The following virtual machines will be used:
+  * server1.example.com (192.168.1.150) -> Perform any client testing here
+  * server2.example.com (192.168.1.151) -> Install the database here
 ----
@@ Line 19: / Line 27: @@
 Install the service
 <code bash>
-yum install <service-name>
+yum install mariadb mariadb-server
+</code>
+  * mariadb -> the client
+  * mariadb-server -> the server
+\\
+Documentation (what can go in the /etc/my.cnf config)
+<code bash>
+/usr/libexec/mysqld --verbose --help | less
+# then search for 'Variables'
+/Variables    <enter>
 </code>
@@ Line 32: / Line 51: @@
 ====== Use SELinux port labeling to allow services to use non-standard ports ======
-Configuring the <service-name> with a non standard port and allowing port access with selinux.
+Configuring the mariadb service with a non standard port and allowing port access with selinux.
-**NOTE**: "man semanage-port" has examples for allowing non-standard ports!
+  * Examples: "man semanage-port" has examples for allowing non-standard ports
+  * Tip: To see current port labels<code bash>semanage port -l | grep mysql</code>
+\\
+Edit the main config file
+<code bash>
+vim /etc/my.cnf
+port = 5502
+</code>
+  * port number selected randomly
+\\
+Open the firewall to the new port
+<code bash>
+firewall-cmd --permanent --add-port=5502/tcp
+firewall-cmd --reload
+</code>
+\\
+SELinux: Allow mariadb to use the new port
+<code bash>
+semanage port -a -t mysqld_port_t -p tcp 5502
+</code>
+\\
+Restart the service
+<code bash>
+systemctl restart mariadb
+</code>
+\\
+Remote clients would need to connect like this example (specifying a port)<code bash>mysql -h 192.168.1.151 --port=5502 -u root -p</code>
+  * -h 192.168.1.151  -> Remote hostname to connect to (can be an IP)
+  * --port=5502  -> Use this remote port
+  * -u root  -> Database username
+  * -p  -> Prompt for password
 ----
@@ Line 42: / Line 97: @@
 Check Current Service Status
 <code bash>
-systemctl status <service-name>
+systemctl status mariadb
 </code>
   * Also displays if the service is enabled or disabled
@@ Line 49: / Line 104: @@
 Enabling a service to start on boot
 <code bash>
-systemctl enable <service-name>
+systemctl enable mariadb
 </code>
@@ Line 58: / Line 113: @@
 Enable and Start the service
 <code bash>
-systemctl enable <service-name>
+systemctl enable mariadb
-systemctl start <service-name>
+systemctl start mariadb
 </code>
@@ Line 70: / Line 125: @@
 Allow access through the firewall
 <code bash>
-firewall-cmd --permanent --add-service=<service-name>
+firewall-cmd --permanent --add-service=mysql
 firewall-cmd --reload
 </code>