Redhat
httpd 作為上下文執行 unconfined_u:system_r:httpd_t:s0(SELinux 處於許可狀態)
我在開始時遇到問題
httpd:# service httpd status httpd is stopped # service httpd start Starting httpd: [Tue Nov 01 12:02:53 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 [FAILED] # tail /var/log/httpd/error_log [Tue Nov 01 12:59:57 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 [Tue Nov 01 13:00:11 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [Tue Nov 01 13:00:11 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 13:00:49 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 [Tue Nov 01 13:05:15 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [Tue Nov 01 13:05:15 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 14:38:56 2016] [notice] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0 [Tue Nov 01 14:40:38 2016] [notice] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0 [Tue Nov 01 14:59:55 2016] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 [Tue Nov 01 15:00:40 2016] [notice] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0 # cat /var/log/httpd/error_log | grep -v 'SELinux policy enabled' [Tue Nov 01 12:30:07 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 12:30:52 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 12:31:17 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 12:31:35 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 12:31:43 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 12:32:10 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 12:38:22 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 13:00:11 2016] [info] Init: Initialized OpenSSL library [Tue Nov 01 13:05:15 2016] [info] Init: Initialized OpenSSL library # getenforce Permissive # httpd -t Syntax OK # httpd -e debug -k start [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module authz_host_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module log_config_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module setenvif_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module mime_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module autoindex_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module negotiation_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module dir_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module alias_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module rewrite_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module proxy_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module proxy_http_module [Tue Nov 01 12:32:10 2016] [debug] mod_so.c(246): loaded module ssl_module # echo $? 1 # run_init service httpd start Authenticating root. Password: Starting httpd: [FAILED] #我的環境:
# cat /etc/redhat-release Red Hat Enterprise Linux Server release 6.8 (Santiago) # uname -a Linux X 2.6.32-642.6.1.el6.x86_64 #1 SMP Thu Aug 25 12:42:19 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux # rpm -q httpd httpd-2.2.15-54.el6_8.x86_64 #請指教。
我能夠在這裡找到實際問題…
[Thu Nov 03 10:16:37 2016] [error] Unable to configure RSA server private key [Thu Nov 03 10:16:37 2016] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch在我恢復 ssl 密鑰的備份後,
httpd開始沒有任何問題)