0

I installed and later removed the MongoDB server on a CentOS 7 box.

While cleaning up, I noticed that the ports assigned to MongoDB were still open. if I remember correctly, I was able to delete the main port (28017), but there are still two ranges defined:

$ sudo semanage port --list | grep mongo
mongod_port_t                  tcp      27017-27019, 28017-28019

When I try to remove the ranges, I get an error:

$ sudo semanage port -d -p tcp -t mongod_port_t 27017-27019
ValueError: Port tcp/27017-27019 is defined in policy, cannot be deleted
$ sudo semanage port -d -p tcp -t mongod_port_t 28017-28019
ValueError: Port tcp/28017-28019 is defined in policy, cannot be deleted

I have looked for any modules referring to MongoDB, but there does not seem to be anything there:

$ sudo semodule --list # => nothing mongo-related

Is there any way to find out in which policy the ports are defined? Or is there some other way to remove these ranges?

Thank you.

EK0
  • 235
  • 2
  • 8
  • There is no need to remove the SELinux port definitions. Why are you trying to do this? – Michael Hampton May 19 '15 at 15:24
  • I thought that the range definitions had been created by the MongoDB install. I now see that they were there before the install. If you add an answer to this effect I can mark it as correct. – EK0 May 28 '15 at 16:11

1 Answers1

0

The SELinux policy included with RHEL includes definitions for ports (not to mention policies and booleans) from hundreds of services, not all of which are installed of course. There is no need to remove them.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972