Re: [users@httpd] Stupid question time - VirtualHost
Maybe related to using a name instead of an ip address with Listen directive. IMO using names with Listen directive is a terrible idea, documentation of Listen directive specifies you should use ip address too. Is that name correctly resolving to the specific ip address in the system? El mar., 5 feb. 2019 a las 17:57, Jeff Cauhape () escribió: > > Ok. I changed the port number in httpd.conf to something I know won’t work, > and attempted a restart of apache. > > > > [root@web1e conf]# apachectl start > > Job for httpd.service failed because the control process exited with error > code.See "systemctl status httpd.service" and > "journalctl -xe" for details. > > > > [root@web1e conf]# systemctl status httpd.service > > ● httpd.service - The Apache HTTP Server > >Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor > preset: disabled) > >Active: failed (Result: exit-code) since Tue 2019-02-05 08:51:13 PST; 1min > 46s ago > > Docs: man:httpd(8) > >man:apachectl(8) > > Process: 16769 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, > status=1/FAILURE) > > Process: 13948 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful > (code=exited, status=0/SUCCESS) > > Process: 16768 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND > (code=exited, status=1/FAILURE) > > Main PID: 16768 (code=exited, status=1/FAILURE) > > > > Feb 05 08:51:13 web1e.detr.nv systemd[1]: Starting The Apache HTTP Server... > > Feb 05 08:51:13 web1e.detr.nv httpd[16768]: (13)Permission denied: AH00072: > make_sock: could not ...082 ß The significant error. > > > >The full message is “(13) Permission > denied: AH00072: make sock: could not bind to address 10.xxx.xxx.xx:1082” > > > > Feb 05 08:51:13 web1e.detr.nv httpd[16768]: no listening sockets available, > shutting down > > Feb 05 08:51:13 web1e.detr.nv httpd[16768]: AH00015: Unable to open logs > > Feb 05 08:51:13 web1e.detr.nv systemd[1]: httpd.service: main process exited, > code=exited, statu...LURE > > Feb 05 08:51:13 web1e.detr.nv kill[16769]: kill: cannot find process "" > > Feb 05 08:51:13 web1e.detr.nv systemd[1]: httpd.service: control process > exited, code=exited status=1 > > Feb 05 08:51:13 web1e.detr.nv systemd[1]: Failed to start The Apache HTTP > Server. > > Feb 05 08:51:13 web1e.detr.nv systemd[1]: Unit httpd.service entered failed > state. > > Feb 05 08:51:13 web1e.detr.nv systemd[1]: httpd.service failed. > > Hint: Some lines were ellipsized, use -l to show in full. > > > > > > Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator > > Nevada Department of Employment, Training and Rehabilitation > > (775) 684-3804 (office) jpcauh...@detr.nv.gov > > > > From: Frank Gingras [mailto:thu...@apache.org] > Sent: Monday, February 4, 2019 4:35 PM > To: users@httpd.apache.org > Subject: Re: [users@httpd] Stupid question time - VirtualHost > > > > Depending on the error returned by the OS, httpd can't do much in some cases. > It would be useful if you were to share the verbatim error, as a start. > > > > On Mon, 4 Feb 2019 at 13:17, Jeff Cauhape wrote: > > Yes, it was the Secure Linux preventing the use of the port. I wonder if the > error message should be broadened to include > the possibility that security policies are not allowing it's use, rather than > just assuming that the port is not available because > it's already in use. > > I added the port to the security policy with this command: > > # semanage port -a -t http_port_t -p tcp 280 > > I had already added the port to the firewall > > [root@web1e conf]# firewall-cmd --info-zone=public > > public (active) > target: default > ... > services: dhcpv6-client https http ssh > ports: 9100/tcp 9101/tcp ... 280/tcp > ... > > Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator > Nevada Department of Employment, Training and Rehabilitation > (775) 684-3804 (office) jpcauh...@detr.nv.gov > > -Original Message- > From: Jeff Cauhape [mailto:jpcauh...@detr.nv.gov] > Sent: Monday, February 4, 2019 8:29 AM > To: users@httpd.apache.org > Subject: RE: [users@httpd] Stupid question time - VirtualHost > > Luca, > > Thanks for the suggestion. It looks like we may have stumbled over the Secure > Linux policy settings. I'll know more later this morning. I'll post a follow > up when I figure it out. > > Thanks, > > Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator > Nevada De
RE: [users@httpd] Stupid question time - VirtualHost
Ok. I changed the port number in httpd.conf to something I know won’t work, and attempted a restart of apache. [root@web1e conf]# apachectl start Job for httpd.service failed because the control process exited with error code.See "systemctl status httpd.service" and "journalctl -xe" for details. [root@web1e conf]# systemctl status httpd.service ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Tue 2019-02-05 08:51:13 PST; 1min 46s ago Docs: man:httpd(8) man:apachectl(8) Process: 16769 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE) Process: 13948 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS) Process: 16768 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE) Main PID: 16768 (code=exited, status=1/FAILURE) Feb 05 08:51:13 web1e.detr.nv systemd[1]: Starting The Apache HTTP Server... Feb 05 08:51:13 web1e.detr.nv httpd[16768]: (13)Permission denied: AH00072: make_sock: could not ...082 <-- The significant error. The full message is “(13) Permission denied: AH00072: make sock: could not bind to address 10.xxx.xxx.xx:1082” Feb 05 08:51:13 web1e.detr.nv httpd[16768]: no listening sockets available, shutting down Feb 05 08:51:13 web1e.detr.nv httpd[16768]: AH00015: Unable to open logs Feb 05 08:51:13 web1e.detr.nv systemd[1]: httpd.service: main process exited, code=exited, statu...LURE Feb 05 08:51:13 web1e.detr.nv kill[16769]: kill: cannot find process "" Feb 05 08:51:13 web1e.detr.nv systemd[1]: httpd.service: control process exited, code=exited status=1 Feb 05 08:51:13 web1e.detr.nv systemd[1]: Failed to start The Apache HTTP Server. Feb 05 08:51:13 web1e.detr.nv systemd[1]: Unit httpd.service entered failed state. Feb 05 08:51:13 web1e.detr.nv systemd[1]: httpd.service failed. Hint: Some lines were ellipsized, use -l to show in full. Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator Nevada Department of Employment, Training and Rehabilitation (775) 684-3804 (office) jpcauh...@detr.nv.gov<mailto:jpcauh...@detr.nv.gov> From: Frank Gingras [mailto:thu...@apache.org] Sent: Monday, February 4, 2019 4:35 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Stupid question time - VirtualHost Depending on the error returned by the OS, httpd can't do much in some cases. It would be useful if you were to share the verbatim error, as a start. On Mon, 4 Feb 2019 at 13:17, Jeff Cauhape mailto:jpcauh...@detr.nv.gov>> wrote: Yes, it was the Secure Linux preventing the use of the port. I wonder if the error message should be broadened to include the possibility that security policies are not allowing it's use, rather than just assuming that the port is not available because it's already in use. I added the port to the security policy with this command: # semanage port -a -t http_port_t -p tcp 280 I had already added the port to the firewall [root@web1e conf]# firewall-cmd --info-zone=public public (active) target: default ... services: dhcpv6-client https http ssh ports: 9100/tcp 9101/tcp ... 280/tcp ... Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator Nevada Department of Employment, Training and Rehabilitation (775) 684-3804 (office) jpcauh...@detr.nv.gov<mailto:jpcauh...@detr.nv.gov> -Original Message- From: Jeff Cauhape [mailto:jpcauh...@detr.nv.gov<mailto:jpcauh...@detr.nv.gov>] Sent: Monday, February 4, 2019 8:29 AM To: users@httpd.apache.org<mailto:users@httpd.apache.org> Subject: RE: [users@httpd] Stupid question time - VirtualHost Luca, Thanks for the suggestion. It looks like we may have stumbled over the Secure Linux policy settings. I'll know more later this morning. I'll post a follow up when I figure it out. Thanks, Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator Nevada Department of Employment, Training and Rehabilitation (775) 684-3804 (office) jpcauh...@detr.nv.gov<mailto:jpcauh...@detr.nv.gov> -Original Message- From: Luca Toscano [mailto:toscano.l...@gmail.com<mailto:toscano.l...@gmail.com>] Sent: Saturday, February 2, 2019 11:29 AM To: users@httpd.apache.org<mailto:users@httpd.apache.org> Subject: Re: [users@httpd] Stupid question time - VirtualHost Hi Jeff! Il giorno ven 1 feb 2019 alle ore 16:02 Jeff Cauhape mailto:jpcauh...@detr.nv.gov>> ha scritto: > > My usage of Apache has been pretty plain vanilla, and now I am > required to > > add a virtual host to a system, and I’m wondering what doing wrong. My > hunch > > is that it’s obvious to others. > > > > I am using Apache 2.4.6 as reported by httpd -v > > > >
Re: [users@httpd] Stupid question time - VirtualHost
Depending on the error returned by the OS, httpd can't do much in some cases. It would be useful if you were to share the verbatim error, as a start. On Mon, 4 Feb 2019 at 13:17, Jeff Cauhape wrote: > Yes, it was the Secure Linux preventing the use of the port. I wonder if > the error message should be broadened to include > the possibility that security policies are not allowing it's use, rather > than just assuming that the port is not available because > it's already in use. > > I added the port to the security policy with this command: > > # semanage port -a -t http_port_t -p tcp 280 > > I had already added the port to the firewall > > [root@web1e conf]# firewall-cmd --info-zone=public > > public (active) > target: default > ... > services: dhcpv6-client https http ssh > ports: 9100/tcp 9101/tcp ... 280/tcp > ... > > Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator > Nevada Department of Employment, Training and Rehabilitation > (775) 684-3804 (office) jpcauh...@detr.nv.gov > > -Original Message- > From: Jeff Cauhape [mailto:jpcauh...@detr.nv.gov] > Sent: Monday, February 4, 2019 8:29 AM > To: users@httpd.apache.org > Subject: RE: [users@httpd] Stupid question time - VirtualHost > > Luca, > > Thanks for the suggestion. It looks like we may have stumbled over the > Secure Linux policy settings. I'll know more later this morning. I'll post > a follow up when I figure it out. > > Thanks, > > Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator > Nevada Department of Employment, Training and Rehabilitation > (775) 684-3804 (office) jpcauh...@detr.nv.gov > > -Original Message- > From: Luca Toscano [mailto:toscano.l...@gmail.com] > Sent: Saturday, February 2, 2019 11:29 AM > To: users@httpd.apache.org > Subject: Re: [users@httpd] Stupid question time - VirtualHost > > Hi Jeff! > > Il giorno ven 1 feb 2019 alle ore 16:02 Jeff Cauhape < > jpcauh...@detr.nv.gov> ha scritto: > > > > My usage of Apache has been pretty plain vanilla, and now I am > > required to > > > > add a virtual host to a system, and I’m wondering what doing wrong. My > > hunch > > > > is that it’s obvious to others. > > > > > > > > I am using Apache 2.4.6 as reported by httpd -v > > > > > > > > In my httpd.conf file I have: > > > > … > > > > Listen web1e.detr.nv:80 > > > > Listen web1e.detr.nv:280 > > > > … > > > > and > > > > > > > > ServerName survey.nvdetr.org > > > > UseCanonicalName Off > > > > DocumentRoot "/var/www/html/survey/" > > > > ScriptAlias /cgi-bin/ "/var/www/cig-bin/survey/cgi-bin/" > > > > … > > > > > > > > > > > > Question: Isn’t it true that I must have a Listen directive for each > VirtualHost? > > > > > > > > However, if I try to start the apache server configured like this I > > get an error message that > > > > the port 8090 (or any other number I choose) is already in use and not > > available. This causes > > > > apache to fail to start. > > > > > > > > # lsof -I :280 > > > > > > > > and > > > > > > > > # netstat -ltnp > > > > > > > > Do not show the port in use by anything. I can change the port number > > to anything I choose > > > > and the results are the same. This suggests to me that the problem is in > apache config somewhere. > > > > > > > > If I comment out the Listen director for the VirtualHost, I don’t get > > the error, but I don’t see any > > > > process listening on the port either. > > > > > > > > Ideas? Suggestions? > > Did you check https://httpd.apache.org/docs/2.4/vhosts/examples.html ? > There are useful examples in there, it should clarify all doubts. > > Hope that helps! > > Luca > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > B CB > [ X ܚX K K[XZ[ > \ \ ][ X ܚX P > \ X K ܙ B ܈ Y ] [ۘ[[X[ K[XZ[ > \ \ Z [ > \ X K ܙ B > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org >
RE: [users@httpd] Stupid question time - VirtualHost
Yes, it was the Secure Linux preventing the use of the port. I wonder if the error message should be broadened to include the possibility that security policies are not allowing it's use, rather than just assuming that the port is not available because it's already in use. I added the port to the security policy with this command: # semanage port -a -t http_port_t -p tcp 280 I had already added the port to the firewall [root@web1e conf]# firewall-cmd --info-zone=public public (active) target: default ... services: dhcpv6-client https http ssh ports: 9100/tcp 9101/tcp ... 280/tcp ... Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator Nevada Department of Employment, Training and Rehabilitation (775) 684-3804 (office) jpcauh...@detr.nv.gov -Original Message- From: Jeff Cauhape [mailto:jpcauh...@detr.nv.gov] Sent: Monday, February 4, 2019 8:29 AM To: users@httpd.apache.org Subject: RE: [users@httpd] Stupid question time - VirtualHost Luca, Thanks for the suggestion. It looks like we may have stumbled over the Secure Linux policy settings. I'll know more later this morning. I'll post a follow up when I figure it out. Thanks, Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator Nevada Department of Employment, Training and Rehabilitation (775) 684-3804 (office) jpcauh...@detr.nv.gov -Original Message- From: Luca Toscano [mailto:toscano.l...@gmail.com] Sent: Saturday, February 2, 2019 11:29 AM To: users@httpd.apache.org Subject: Re: [users@httpd] Stupid question time - VirtualHost Hi Jeff! Il giorno ven 1 feb 2019 alle ore 16:02 Jeff Cauhape ha scritto: > > My usage of Apache has been pretty plain vanilla, and now I am > required to > > add a virtual host to a system, and I’m wondering what doing wrong. My > hunch > > is that it’s obvious to others. > > > > I am using Apache 2.4.6 as reported by httpd -v > > > > In my httpd.conf file I have: > > … > > Listen web1e.detr.nv:80 > > Listen web1e.detr.nv:280 > > … > > and > > > > ServerName survey.nvdetr.org > > UseCanonicalName Off > > DocumentRoot "/var/www/html/survey/" > > ScriptAlias /cgi-bin/ "/var/www/cig-bin/survey/cgi-bin/" > > … > > > > > > Question: Isn’t it true that I must have a Listen directive for each > VirtualHost? > > > > However, if I try to start the apache server configured like this I > get an error message that > > the port 8090 (or any other number I choose) is already in use and not > available. This causes > > apache to fail to start. > > > > # lsof -I :280 > > > > and > > > > # netstat -ltnp > > > > Do not show the port in use by anything. I can change the port number > to anything I choose > > and the results are the same. This suggests to me that the problem is in > apache config somewhere. > > > > If I comment out the Listen director for the VirtualHost, I don’t get > the error, but I don’t see any > > process listening on the port either. > > > > Ideas? Suggestions? Did you check https://httpd.apache.org/docs/2.4/vhosts/examples.html ? There are useful examples in there, it should clarify all doubts. Hope that helps! Luca - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org B CB [ X ܚX KK[XZ[ \ \ ][ X ܚX P \X K ܙ B ܈Y][ۘ[ [X[ K[XZ[ \ \ Z[ \X K ܙ B - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Stupid question time - VirtualHost
Luca, Thanks for the suggestion. It looks like we may have stumbled over the Secure Linux policy settings. I'll know more later this morning. I'll post a follow up when I figure it out. Thanks, Jeffrey Cauhape – IT Professional III – Linux and Solaris Administrator Nevada Department of Employment, Training and Rehabilitation (775) 684-3804 (office) jpcauh...@detr.nv.gov -Original Message- From: Luca Toscano [mailto:toscano.l...@gmail.com] Sent: Saturday, February 2, 2019 11:29 AM To: users@httpd.apache.org Subject: Re: [users@httpd] Stupid question time - VirtualHost Hi Jeff! Il giorno ven 1 feb 2019 alle ore 16:02 Jeff Cauhape ha scritto: > > My usage of Apache has been pretty plain vanilla, and now I am > required to > > add a virtual host to a system, and I’m wondering what doing wrong. My > hunch > > is that it’s obvious to others. > > > > I am using Apache 2.4.6 as reported by httpd -v > > > > In my httpd.conf file I have: > > … > > Listen web1e.detr.nv:80 > > Listen web1e.detr.nv:280 > > … > > and > > > > ServerName survey.nvdetr.org > > UseCanonicalName Off > > DocumentRoot "/var/www/html/survey/" > > ScriptAlias /cgi-bin/ "/var/www/cig-bin/survey/cgi-bin/" > > … > > > > > > Question: Isn’t it true that I must have a Listen directive for each > VirtualHost? > > > > However, if I try to start the apache server configured like this I > get an error message that > > the port 8090 (or any other number I choose) is already in use and not > available. This causes > > apache to fail to start. > > > > # lsof -I :280 > > > > and > > > > # netstat -ltnp > > > > Do not show the port in use by anything. I can change the port number > to anything I choose > > and the results are the same. This suggests to me that the problem is in > apache config somewhere. > > > > If I comment out the Listen director for the VirtualHost, I don’t get > the error, but I don’t see any > > process listening on the port either. > > > > Ideas? Suggestions? Did you check https://httpd.apache.org/docs/2.4/vhosts/examples.html ? There are useful examples in there, it should clarify all doubts. Hope that helps! Luca - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Stupid question time - VirtualHost
Hi Jeff! Il giorno ven 1 feb 2019 alle ore 16:02 Jeff Cauhape ha scritto: > > My usage of Apache has been pretty plain vanilla, and now I am required to > > add a virtual host to a system, and I’m wondering what doing wrong. My hunch > > is that it’s obvious to others. > > > > I am using Apache 2.4.6 as reported by httpd -v > > > > In my httpd.conf file I have: > > … > > Listen web1e.detr.nv:80 > > Listen web1e.detr.nv:280 > > … > > and > > > > ServerName survey.nvdetr.org > > UseCanonicalName Off > > DocumentRoot "/var/www/html/survey/" > > ScriptAlias /cgi-bin/ "/var/www/cig-bin/survey/cgi-bin/" > > … > > > > > > Question: Isn’t it true that I must have a Listen directive for each > VirtualHost? > > > > However, if I try to start the apache server configured like this I get an > error message that > > the port 8090 (or any other number I choose) is already in use and not > available. This causes > > apache to fail to start. > > > > # lsof -I :280 > > > > and > > > > # netstat -ltnp > > > > Do not show the port in use by anything. I can change the port number to > anything I choose > > and the results are the same. This suggests to me that the problem is in > apache config somewhere. > > > > If I comment out the Listen director for the VirtualHost, I don’t get the > error, but I don’t see any > > process listening on the port either. > > > > Ideas? Suggestions? Did you check https://httpd.apache.org/docs/2.4/vhosts/examples.html ? There are useful examples in there, it should clarify all doubts. Hope that helps! Luca - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org