2014-03-12 08:44:01
来 源
itjs.cn
Apache
本文介绍解决SELinux导致Apache更改端口后无法启动的问题,希望对于初学Apache服务器相关的朋友有帮助,更多Apache安装、配置、报错处理等资源请本站内搜索。
apache更改端口后无法启动显示现象如下:第一次更改端口为:8000 [[email protected] cacti]# service httpd start

Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

(13)Permission denied: make_sock: could not bind to address [::]:8000

(13)Permission denied: make_sock: could not bind to address 0.0.0.0:8000

no listening sockets available, shutting down

Unable to open logs

[FAILED]

尝试第二次将端口改为81

[[email protected] httpd]# service httpd start

Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

(13)Permission denied: make_sock: could not bind to address [::]:81

(13)Permission denied: make_sock: could not bind to address 0.0.0.0:81

no listening sockets available, shutting down

Unable to open logs

[FAILED]

Google 一下,发现原来是 SELinux  安全机制的作用。

(很难搞,如果很多牵扯的权限的事情找不到原因,就可以分析是否是它的作用)

解决方法如下:

查看selinux状态:

[[email protected] httpd]# sestatus

SELinux status:                 enabled

SELinuxfs mount:                /selinux

Current mode:                   enforcing

Mode from config file:          enforcing

Policy version:                 21

Policy from config file:        targeted

或者用

[[email protected] httpd]# getenforce

Enforcing

关闭selinux状态:(使用无启重启系统的方法)

[[email protected] httpd]# setenforce 0            关闭命令

[[email protected] httpd]# getenforce              重新查看selinux状态

Permissive  

尝试再次启动apache

[[email protected] httpd]# service httpd start

Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

[  OK  ]        成功!!

永久去掉启动失效方法:

[[email protected] ~]# ls -Z /root/

-rw——- root root system_u:object_r:user_home_t anaconda-ks.cfg

-rw-r–r– root root root:object_r:user_home_t install.log

-rw-r–r– root root root:object_r:user_home_t install.log.syslog

其中的“user_home_t”就是SELinux策略属性,而需要httpd能访问必须要是“httpd_user_content_t”属性。

执行一下命令修改你的目录属性

chcon -R -t httpd_user_content_t /dir/ #将/dir目录下所有文件属性设置成 “httpd_user_content_t”

接下来重启httpd

[[email protected] httpd]# service httpd restart

Stopping httpd: [ OK ]

Starting httpd: [ OK ]

大功告成。

得到一个结论,一般碰到莫名其妙的问题一定要先看错误日志,linux下大部分软件都有自己的日志,这样定位起来问题才会不花冤枉时间。

当然也可以去禁止掉SELinux。

1.立即关闭SELinux。setenforce 0;#重启失效

2.修改配置文件 vim /etc/selinux/config;把SELINUX修改成”enforcing”—>”disable”;

声明: 此文观点不代表本站立场;转载须要保留原文链接;版权疑问请联系我们。