[openstack-dev] [devstack][keystone] (98)Address already in use: make_sock: could not bind to address [::]:5000 & 0.0.0.0:5000

Rich Megginson rmeggins at redhat.com
Thu Jul 17 14:23:46 UTC 2014


On 07/16/2014 10:40 PM, Joe Jiang wrote:
> Hi all,
> Thanks for your responds.
>
> I try to running # sudo semanage port -l|grep 5000 in my envrionment 
> and get same infomation.
> >> ...
> >> commplex_main_port_t tcp 5000
> >> commplex_main_port_t udp 5000
> then, I wanna remove this port(5000) from SELinux policy rules list 
> use this command(semanage port -d -p tcp -t commplex_port_t 5000),
> the console echo is "/usr/sbin/semanage: Port tcp/5000 is defined in 
> policy, cannot be deleted", and 'udp/5000' is same reply.
> Some sounds[1] say, this port is declared in the corenetwork source 
> policy which is compiled in the base module.
> So, Have to recompile selinux module?

I think that's the only way to do it if you want to relabel port 5000.


>
>
> Thanks.
> Joe.
>
> [1]
> http://www.redhat.com/archives/fedora-selinux-list/2009-September/msg00056.html
>
>
>
>
>
> >> Another problem with port 5000 in Fedora, and probably more recent
> >> versions of RHEL, is the selinux policy:
> >>
> >> # sudo semanage port -l|grep 5000
> >> ...
> >> commplex_main_port_t tcp 5000
> >> commplex_main_port_t udp 5000
> >>
> >> There is some service called "commplex" that has already "claimed" port
> >> 5000 for its use, at least as far as selinux goes.
>
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140717/8213879a/attachment.html>


More information about the OpenStack-dev mailing list