Professional Documents
Culture Documents
# notice the '-permament' option (in order to save rule to survive during reboots)
firewall-cmd –permanent –add-service=http
firewall-cmd –reload
Besides firewall configuration for network-interacting services for all services being installed in
the system remember to enable it (to autostart after reboot) and also starting it up right after
the installation (services usually does not autostart as a part of installation process):
SELinux at the end of the exam should be enabled and set to enforcing mode. Therefore
always pay attention to this aspect of system configuration. The usual problem for
using SELinux is to find out what rule should be used. In order to simplify that a concept
of boolean settings is a part of SELinux. Below commands are listing all of them, grepping in
search for nfs (that we are interested in), then grepping again only for httpd service. At the end
we just enable proper boolean setting (notice -P flag to make it persistent).
Additional comment:
Apache knowledge is not in the requirements for the exam. However it is very popular server and
also serves additional purposes here - it gives an opportunity to use yum,
configure firewall with systemd service and finally configure SELinux.