CentOS 7 Cannot delete ports defined for MongoDB

EK0 asked:

I installed and later removed the MongoDB server on a CentOS 7 box.

While cleaning up, I noticed that the ports assigned to MongoDB were still open. if I remember correctly, I was able to delete the main port (28017), but there are still two ranges defined:

$ sudo semanage port --list | grep mongo
mongod_port_t                  tcp      27017-27019, 28017-28019

When I try to remove the ranges, I get an error:

$ sudo semanage port -d -p tcp -t mongod_port_t 27017-27019
ValueError: Port tcp/27017-27019 is defined in policy, cannot be deleted
$ sudo semanage port -d -p tcp -t mongod_port_t 28017-28019
ValueError: Port tcp/28017-28019 is defined in policy, cannot be deleted

I have looked for any modules referring to MongoDB, but there does not seem to be anything there:

$ sudo semodule --list # => nothing mongo-related

Is there any way to find out in which policy the ports are defined? Or is there some other way to remove these ranges?

Thank you.

My answer:

The SELinux policy included with RHEL includes definitions for ports (not to mention policies and booleans) from hundreds of services, not all of which are installed of course. There is no need to remove them.

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.