Red HatThis forum is for the discussion of Red Hat Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm playing with the RHEL7 RC (I know the RHEL7 GA is there, but CentOS 7 is not) and I'm coming across some problems with firewalld.
I wanted to install the HAProxy package and set up the firewall configuration.
But there is no HAProxy/firewalld configuration, I had to create it myself!
In addition, I discovered that all the firewalld service configurations are in the firewalld package (they are stored in /usr/lib/firewalld/services) and not in each package: the HAProxy package should contain its own firewalld configuration but this is not the case!
Finally, there seems to be no SELinux contexts associated with these firewalld service configurations.
I have no idea how this behaves in case of SELinux relabel!
This is pretty strange!
Has anybody got some clue about this?
I'm playing with the RHEL7 RC (I know the RHEL7 GA is there, but CentOS 7 is not) and I'm coming across some problems with firewalld.
I wanted to install the HAProxy package and set up the firewall configuration. But there is no HAProxy/firewalld configuration, I had to create it myself!
Right...including a base configuration would tell everyone who had RHEL7 what is done for everyone else, and expose vulnerabilities. By making you create a configuration, the system winds up being more secure.
Quote:
In addition, I discovered that all the firewalld service configurations are in the firewalld package (they are stored in /usr/lib/firewalld/services) and not in each package: the HAProxy package should contain its own firewalld configuration but this is not the case! Finally, there seems to be no SELinux contexts associated with these firewalld service configurations. I have no idea how this behaves in case of SELinux relabel! This is pretty strange!
Has anybody got some clue about this?
Since you're using RHEL, you're also paying for support; have you contacted them with your questions, or read the release notes on RHEL7? As JohnVV said, it's only a release candidate, but given what they did (and why), it's a good thing. Should make things better, I think, except for people who just want to get a 'certification', since they sample test/questions won't match for a good while.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
