Facebook
Twittermmcomputers
New Pleskian
After automatic update on: "Red Hat Enterprise Linux 8.10 (Ootpa)" httpd go in error:
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/httpd.service.d
└─respawn.conf
Active: activating (auto-restart) (Result: exit-code) since Fri 2025-01-17 06:12:53 UTC; 675ms ago
Docs: man:httpd.service(8)
Process: 189253 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 189253 (code=exited, status=1/FAILURE)
Status: "Reading configuration..."
Jan 17 06:12:53 azplnx25 systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Jan 17 06:12:53 azplnx25 systemd[1]: httpd.service: Failed with result 'exit-code'.
Jan 17 06:12:53 azplnx25 systemd[1]: Failed to start The Apache HTTP Server.
-- CHECK --
[root- audit]# fgrep avc /var/log/audit/audit.log | more
type=AVC msg=audit(1737087934.154:761684): avc: denied { open } for pid=173290 comm="httpd" path="/var/log/modsec_audit.log" dev="dm-4" ino=654904 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u
bject_r:var_log_t:s0 tclass=file permissive=0
type=AVC msg=audit(1737087939.400:761688): avc: denied { open } for pid=173300 comm="httpd" path="/var/log/modsec_audit.log" dev="dm-4" ino=654904 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_ubject_r:var_log_t:s0 tclass=file permissive=0
type=AVC msg=audit(1737087944.654:761692): avc: denied { open } for pid=173315 comm="httpd" path="/var/log/modsec_audit.log" dev="dm-4" ino=654904 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_ubject_r:var_log_t:s0 tclass=file permissive=0
....
-- SOLVED WITH ---
I permit SELinux use file:
[root - log]# cd /tmp
[root - tmp]# ausearch -c 'httpd' --raw | audit2allow -M my-httpd
[root - tmp]#semodule -X 300 -i my-httpd.pp
[root - tmp]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/httpd.service.d
└─respawn.conf
Active: active (running) since Fri 2025-01-17 06:18:57 UTC; 2min 6s ago
Docs: man:httpd.service(8)
Main PID: 190612 (httpd)
Status: "Total requests: 12; Idle/Busy workers 100/0;Requests/sec: 0.101; Bytes served/sec: 177 B/sec"
Tasks: 234 (limit: 50667)
Memory: 161.6M
CGroup: /system.slice/httpd.service
├─190612 /usr/sbin/httpd -DFOREGROUND
├─190639 /usr/sbin/httpd -DFOREGROUND
├─190640 /usr/sbin/httpd -DFOREGROUND
├─190642 Passenger watchdog
├─190646 Passenger core
├─190665 /usr/sbin/httpd -DFOREGROUND
├─190666 /usr/sbin/httpd -DFOREGROUND
└─190667 /usr/sbin/httpd -DFOREGROUND
Jan 17 06:18:57 XXXXXX systemd[1]: Starting The Apache HTTP Server...
Jan 17 06:18:57 XXXXXX systemd[1]: Started The Apache HTTP Server.
Jan 17 06:18:57 XXXXXX httpd[190612]: Server configured, listening on: 127.0.0.1 port 7081, 127.0.0.1 port 7080
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/httpd.service.d
└─respawn.conf
Active: activating (auto-restart) (Result: exit-code) since Fri 2025-01-17 06:12:53 UTC; 675ms ago
Docs: man:httpd.service(8)
Process: 189253 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 189253 (code=exited, status=1/FAILURE)
Status: "Reading configuration..."
Jan 17 06:12:53 azplnx25 systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Jan 17 06:12:53 azplnx25 systemd[1]: httpd.service: Failed with result 'exit-code'.
Jan 17 06:12:53 azplnx25 systemd[1]: Failed to start The Apache HTTP Server.
-- CHECK --
[root- audit]# fgrep avc /var/log/audit/audit.log | more
type=AVC msg=audit(1737087934.154:761684): avc: denied { open } for pid=173290 comm="httpd" path="/var/log/modsec_audit.log" dev="dm-4" ino=654904 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u
bject_r:var_log_t:s0 tclass=file permissive=0type=AVC msg=audit(1737087939.400:761688): avc: denied { open } for pid=173300 comm="httpd" path="/var/log/modsec_audit.log" dev="dm-4" ino=654904 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u
bject_r:var_log_t:s0 tclass=file permissive=0type=AVC msg=audit(1737087944.654:761692): avc: denied { open } for pid=173315 comm="httpd" path="/var/log/modsec_audit.log" dev="dm-4" ino=654904 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u
bject_r:var_log_t:s0 tclass=file permissive=0....
-- SOLVED WITH ---
I permit SELinux use file:
[root - log]# cd /tmp
[root - tmp]# ausearch -c 'httpd' --raw | audit2allow -M my-httpd
[root - tmp]#semodule -X 300 -i my-httpd.pp
[root - tmp]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/httpd.service.d
└─respawn.conf
Active: active (running) since Fri 2025-01-17 06:18:57 UTC; 2min 6s ago
Docs: man:httpd.service(8)
Main PID: 190612 (httpd)
Status: "Total requests: 12; Idle/Busy workers 100/0;Requests/sec: 0.101; Bytes served/sec: 177 B/sec"
Tasks: 234 (limit: 50667)
Memory: 161.6M
CGroup: /system.slice/httpd.service
├─190612 /usr/sbin/httpd -DFOREGROUND
├─190639 /usr/sbin/httpd -DFOREGROUND
├─190640 /usr/sbin/httpd -DFOREGROUND
├─190642 Passenger watchdog
├─190646 Passenger core
├─190665 /usr/sbin/httpd -DFOREGROUND
├─190666 /usr/sbin/httpd -DFOREGROUND
└─190667 /usr/sbin/httpd -DFOREGROUND
Jan 17 06:18:57 XXXXXX systemd[1]: Starting The Apache HTTP Server...
Jan 17 06:18:57 XXXXXX systemd[1]: Started The Apache HTTP Server.
Jan 17 06:18:57 XXXXXX httpd[190612]: Server configured, listening on: 127.0.0.1 port 7081, 127.0.0.1 port 7080
