Linux

Fedora 17 EC2 實例上的 Apache 權限被拒絕

  • October 16, 2012

我正在嘗試通過標准在 Fedora 17 EC2 實例上啟動 Apache:

sudo systemctl start httpd.service

但我收到錯誤“作業失敗。有關詳細資訊,請參閱系統日誌和‘systemctl 狀態’。”

在查看 /var/log/messages 時,我看到:

Oct 15 20:03:44 ip-10-72-15-170 dbus-daemon[383]: dbus[383]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.98" (uid=1000 pid=19645 comm="systemctl start httpd.service ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/usr/lib/systemd/systemd --log-level info --log-ta")
Oct 15 20:03:44 ip-10-72-15-170 dbus[383]: [system] Rejected send message, 2 matched rules; type="method_call", sender=":1.98" (uid=1000 pid=19645 comm="systemctl start httpd.service ") interface="org.freedesktop.systemd1.Manager" member="StartUnit" error name="(unset)" requested_reply="0" destination="org.freedesktop.systemd1" (uid=0 pid=1 comm="/usr/lib/systemd/systemd --log-level info --log-ta")
Oct 15 20:03:50 ip-10-72-15-170 httpd[19650]: httpd: Could not open configuration file /etc/httpd/conf/httpd.conf: Permission denied
Oct 15 20:03:50 ip-10-72-15-170 TIFIER=systemd[1]: httpd.service: control process exited, code=exited status=1
Oct 15 20:03:50 ip-10-72-15-170 TIFIER=systemd[1]: Unit httpd.service entered failed state.

但是,我不明白為什麼 Apache 無法讀取自己的 conf 文件,因為權限似乎是正確的:

[ec2-user@ec2-host ~]$ ls -lah /etc/httpd/conf/httpd.conf
-rw-rw-r--. 1 apache apache 7.3K Oct 15 19:14 /etc/httpd/conf/httpd.conf

這裡發生了什麼?如何解決此權限錯誤?

我剛剛安裝httpd在我的 Fedora 17 盒子上,看看可能是什麼問題。

所以你有兩個問題:

  1. 這些文件由 擁有root,而不是apache
  2. 您可能會受到 SELinux 拒絕的打擊(/var/log/audit/audit.log儘管您沒有發布任何內容)。

您的系統應如下所示:

drwxr-xr-x. root root system_u:object_r:httpd_config_t:s0 /etc/httpd
drwxr-xr-x. root root system_u:object_r:httpd_config_t:s0 /etc/httpd/conf
-rw-r--r--. root root system_u:object_r:httpd_config_t:s0 /etc/httpd/conf/httpd.conf

引用自:https://serverfault.com/questions/438726