linux_wiki:network_services_overview_database_services

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

linux_wiki:network_services_overview_database_services [2016/10/01 15:42]
billdozor [Configure the service for basic operation] 		linux_wiki:network_services_overview_database_services [2019/05/25 23:50]
Line 1: Line 1:
-====== Network Services Overview Database Services ====== 
- 
-**General Information** 
- 
-This page covers the Network Services objectives, specifically for <service-name> 
- 
-**Network Services Objectives** 
-  * Install the packages needed to provide the service 
-  * Configure SELinux to support the service 
-  * Use SELinux port labeling to allow services to use non-standard ports 
-  * Configure the service to start when the system is booted 
-  * Configure the service for basic operation 
-  * Configure host-based and user-based security for the service 
- 
----- 
- 
-====== Install the packages needed to provide the service ====== 
- 
-Install the service 
-<code bash> 
-yum install mariadb mariadb-server 
-</code> 
-  * mariadb -> the client 
-  * mariadb-server -> the server 
- 
----- 
- 
-====== Configure SELinux to support the service ====== 
- 
-  * Service agnostic -> [[linux_wiki:set_enforcing_and_permissive_modes_for_selinux|Ensure SELinux is running and enabled (RHCSA objective)]]. 
- 
----- 
- 
-====== Use SELinux port labeling to allow services to use non-standard ports ====== 
- 
-Configuring the mariadb service with a non standard port and allowing port access with selinux. 
- 
-  * Examples: "man semanage-port" has examples for allowing non-standard ports 
-  * Tip: To see current port labels<code bash>semanage port -l | grep mariadb</code> 
- 
-\\ 
-Edit the main config file 
-<code bash> 
-vim /etc/my.cnf 
- 
-port = 5502 
-</code> 
-  * port number selected randomly 
- 
-\\ 
-Open the firewall to the new port 
-<code bash> 
-firewall-cmd --permanent --add-port=5502/tcp 
-firewall-cmd --reload 
-</code> 
- 
-\\ 
-SELinux: Allow mariadb to use the new port 
-<code bash> 
-semanage port -a -t mysqld_port_t 5502 -p tcp 
-</code> 
- 
-\\ 
-Restart the service 
-<code bash> 
-systemctl restart mariadb 
-</code> 
- 
----- 
- 
-====== Configure the service to start when the system is booted ====== 
- 
-Check Current Service Status 
-<code bash> 
-systemctl status mariadb 
-</code> 
-  * Also displays if the service is enabled or disabled 
- 
-\\ 
-Enabling a service to start on boot 
-<code bash> 
-systemctl enable mariadb 
-</code> 
- 
----- 
- 
-====== Configure the service for basic operation ====== 
- 
-Enable and Start the service 
-<code bash> 
-systemctl enable mariadb 
-systemctl start mariadb 
-</code> 
- 
----- 
- 
-====== Configure host-based and user-based security for the service ====== 
- 
-===== Firewall ===== 
- 
-Allow access through the firewall 
-<code bash> 
-firewall-cmd --permanent --add-service=<service-name> 
-firewall-cmd --reload 
-</code> 
- 
-===== Host Based ===== 
- 
- 
-===== User Based ===== 
- 
----- 
  
  • linux_wiki/network_services_overview_database_services.txt
  • Last modified: 2019/05/25 23:50
  • (external edit)