HPE Community
Linux-Based Community / Regional
1758347 Members
2019 Online
108868 Solutions
New Discussion

Re: Apache startup failed (points!)

 
Chhaya_Z
Valued Contributor

‎12-08-2010 03:38 AM

‎12-08-2010 03:38 AM

Re: Apache startup failed (points!)

Hi Christian,
Point1:
From the above output i see that SElinux is enabled however it is in permissive mode
#sestatus ==> plz paste the output
The required output should be as follows:
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing

Point 2: "/etc/pki/tls/private/localhost.key default SELinux type is
cert_t, but its current type is admin_home_t. Changing this file back to the
default type, may fix your problem."

Plz check the current context of the file using below command:
#ls -Z /etc/pki/tls/private/localhost.key

If the context is anything other than whats suggested from the sealert message then you can change it to required one using the below command:

#chcon -R -t cert_t /etc/pki/tls/private/localhost.key

Hope this helps.
Regards,
Chhaya

I am an HP employee.
Was this post useful? - You may click the KUDOS! star to say thank you.
0 Kudos
Christian Deutsch_1
Esteemed Contributor

‎12-08-2010 03:50 AM

‎12-08-2010 03:50 AM

Re: Apache startup failed (points!)

Chhaya,

When I set SELinux to permissive mode, the web page is served fine:

sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: permissive
Mode from config file: permissive
Policy version: 24
Policy from config file: targeted

As I already mentioned several times before, when I set SELinux to enforced mode, the web page is not served at all (0 bytes).

ls -Z /etc/pki/tls/private/localhost.key
-rw-r--r--. root root system_u:object_r:cert_t:s0 /etc/pki/tls/private/localhost.key

ls -Z /etc/pki/tls/certs/localhost.crt
-rw-------. root root unconfined_u:object_r:cert_t:s0 /etc/pki/tls/certs/localhost.crt

Any more ideas?

I guess since there are no new SELinux messages in /var/log/messages, something else might be needed.

Christian
Yeshua loves you!
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.