[CentOS] Moving sshd listen port SOLVED

[Robert Moskowitz]

On 07/09/2014 02:58 PM, Reindl Harald wrote:
> Am 09.07.2014 20:45, schrieb Robert Moskowitz:
>> On 07/09/2014 02:36 PM, m.roth at 5-cent.us wrote:
>>> Mike McCarthy, W1NR wrote:
>>>> My COS6 server never required me to do that even though SELinux is
>>>> enabled there (I didn't even know it was until today). Before I even
>>>> posted the first help I tried the semanage command and found that it was
>>>> not installed so I assumed wrongly that SELinux was not enabled.
>>> <snip>
>>> Just remember, getenforce is the true answer.
>>>
>>>       mark, who really doesn't like selinux....*
>>>
>>> * One of my annual goals: fix selinux permissions to SHUT IT UP, even when
>>> most servers are in permissive mode.....
>> Doesn't permissive mode mean don't enforce but tell me what you would
>> not have liked?
> nothing else did he say  "if you don't want to told all the long the
> same in permissive mode just fix it"
>
>> Perhaps another mode is needed?  Quite mode?  And then maybe to
>> temporarily change it to permissive when you make a change?
> that mode is called "disabled" and exists

Dah.  Your right.  The only difference between disabled and permissive 
is all the noise you get.  But actually permissive can be a way to get 
info you need to create policies so you CAN run in enforcing.  I have 
some simple instructions here somewhere that I have used to create a few 
policies....

>
> there are 3 modes:
>
> * enforced (block and cry)
> * permissive (allow and cry)
> * disable (allow and shut up)
>
> what else do you need?
>