English
Ask Your Question
0

Run Apache Virtualhost on different port

asked 2014-01-05 18:43:23 +0000

updated 2014-02-15 19:36:14 +0000

mether gravatar image

Hi guys,
Recently I configured my httpd on Fedora 20, everything's ok.
But I want to run a virtualhost on different port, for example 8081
This is my apache config:

Listen 8081
NameVirtualHost *:8081

<VirtualHost *:8081>
   DocumentRoot /var/www/html/web
   ServerName web
</VirtualHost>

When a restart httpd on console:

$ sudo service httpd restart
Redirecting to /bin/systemctl restart 
httpd.service Job for httpd.service
failed. See 'systemctl status
httpd.service' and 'journalctl -xn'
for details.

When check the httpd status:

$ systemctl status httpd.service
httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
   Active: failed (Result: exit-code) since dom 2014-01-05 13:33:04 PET; 2min 29s ago
  Process: 12349 ExecStop=/bin/kill -WINCH $MAINPID (code=exited, status=1/FAILURE)
  Process: 3492 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
  Process: 12345 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 12345 (code=exited, status=1/FAILURE)
   Status: "Total requests: 247; Current requests/sec: 0; Current traffic:   0 B/sec"

ene 05 13:33:04 localhost.localdomain kill[12349]: -q, --queue <sig>      use ...
ene 05 13:33:04 localhost.localdomain kill[12349]: -p, --pid              prin...
ene 05 13:33:04 localhost.localdomain kill[12349]: -l, --list [=<signal>] list...
ene 05 13:33:04 localhost.localdomain kill[12349]: -L, --table            list...
ene 05 13:33:04 localhost.localdomain kill[12349]: -h, --help     display this...
ene 05 13:33:04 localhost.localdomain kill[12349]: -V, --version  output versi...
ene 05 13:33:04 localhost.localdomain kill[12349]: For more details see kill(1).
ene 05 13:33:04 localhost.localdomain systemd[1]: httpd.service: control proc...1
ene 05 13:33:04 localhost.localdomain systemd[1]: Failed to start The Apache ....
ene 05 13:33:04 localhost.localdomain systemd[1]: Unit httpd.service entered ....
Hint: Some lines were ellipsized, use -l to show in full.


Then I open the port 8081 on firewall, so here a screenshot

image description

Any ideas?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-06-27 21:30:39 +0000

odlefas gravatar image

Just upgraded from Fedora 21 to Fedora 22. My webserver no longer works. I installed cockpit to view system logs. It says I have a syntax error in virtual host conf file on a line with

Listen 8080

apachectl configtest says there is no syntax error

system log says there is a syntax error and that socket is not configured in "socket activation".

I have been searching for two hours to find specific information for how to configure apache 2.4 for virual hosts in a systemd environment. Instead of help from systemd people all of the "help" I find them telling me how wonderful it is, how it is supposed to work and bla, bla, bla... It doesn't work like their oversimplified explanations say. I find no direct answers to my questions. The current system "service+selinux+firewalled+systemd" is a mess with people pointing fingers at each other. Give me a break. I am just a simple guy trying to setup a simple system. Complexity is not empowering, it weakens the security, stability, reliability, and maintainability of the system. My configuration has withstood system upgrades with little change since Fedora 10. Now it is broken and the log messages are in conflict with each other. "It doesn't have a syntax error but won't start because of a syntax error."

I have simple needs:

I need the server to present normal service on port 80. The default configuration does this.

I need the service to offer local intranet traffic on port 8080. It can not longer listen on port 8080 even when I open this port in firewalld.

It shouldn't be difficult to configure systemd to do its job but somehow no one seems to have solved it. How do you register multiple sockets for a single service? I have tried without success variations of

httpd.socket:

[Unit] Description=Apache httpd Server Socket

[Socket] ListenStream=80 NoDelay=true DeferAcceptSec=30

[Socket] ListenStream=8080 NoDelay=true DeferAcceptSec=30

[Install] WantedBy=sockets.target

edit flag offensive delete link more
0

answered 2014-01-05 18:58:48 +0000

If your system has selinux in enforcing mode, please add the port to selinux policy config using:

semanage port -a -t http_port_t -p tcp 8081

Just to confirm if it's a selinux issue, can you retest after running setenforce 0

edit flag offensive delete link more

Comments

Don't disable SELinux to confirm that it is an SELinux issue. Just look at the log. ausearch -m avc -ts today will show any SELinux enforcements from today. If you disable SELinux and find what you're trying to do now works, you still need to look at the logs to see what needs to be changed - so skip the disabling and just look at the logs in the first place.

randomuser ( 2014-01-05 20:21:51 +0000 )edit

SELinux is fault: "SELinux is preventing /usr/sbin/httpd from name_bind access on the tcp_socket"

joseluisq ( 2014-01-05 21:02:22 +0000 )edit

@randomuser: setenforce is not persistant, selinux turns on after reboot or setenforce 1

athmane ( 2014-01-05 21:05:35 +0000 )edit

So, now my SELinux is permissive, but when enter to http://web:8081/ my SELinux appear and say Raw Audit Messages type=AVC msg=audit(1388956400.182:1767): avc: denied { name_connect } for pid=15095 comm="httpd" dest=8081 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:transproxy_port_t:s0 tclass=tcp_socket, Is necessary to reboot?

joseluisq ( 2014-01-05 21:28:33 +0000 )edit

@joseluisq - pipe your AVC into audit2why

randomuser ( 2014-01-05 21:59:05 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

[hide preview]

Use your votes!

  • Use the 30 daily voting points that you get!
  • Up-vote well framed questions that provide enough information to enable people provide answers.
  • Thank your helpers by up-voting their comments and answers. If a question you asked has been answered, accept the best answer by clicking on the checkbox on the left side of the answer.
  • Down-voting might cost you karma, but you should consider doing so for incorrect or clearly detrimental questions and answers.

Stats

Asked: 2014-01-05 18:43:23 +0000

Seen: 1,089 times

Last updated: Jan 05 '14