MySQL [ERROR] Can't start server: Bind on TCP/IP port: Permission denied



Below is the error when I am trying to change the port of a MySQL server from 3306 to 3308.


MySQL [ERROR] Can't start server: Bind on TCP/IP port: Permission denied
[ERROR] Do you already have another mysqld server running on port: 3308?

I have not seen any MySQL instance already running with port 3308 .

After doing some troubleshooting i found that SELinux enabled on my server which is blocking this non-standard MySQL port 3308.



root@slave.1 $ cat /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted


SELinux stands for Security-enhanced Linux. It is designed to protect the server against misconfigurations and/or compromised daemons. It put limits and instructs server daemons or programs what files they can access and what actions they can take by defining a security policy.
                        




  • We can disable SELinux temporary with the below command. (this does not require a server restart)


         sudo setenforce 0



  • For completely disable of SELinux set SELINUX=disabled in /etc/sysconfig/selinux config file.



  • So here without disabling the SELinux, I enabled 3308 port to make use of SELinux of features.

         semanage port -a -t mysqld_port_t -p tcp 3308


      After making the above security changes I'm able to start MySQL on non-standard port 3308


Comments

Popular posts from this blog

MySQL 5.7 GTID Replication steps