httpd and selinux

Support for security such as Firewalls and securing linux
Post Reply
Metsger
Posts: 21
Joined: 2007/08/30 10:50:56

httpd and selinux

Post by Metsger » 2008/08/18 05:07:13

Hello.

I need help. I have config in /etc/httpd/conf.d/ wich define vhost ()
I can't start httpd:
[code]
# service httpd start
Starting httpd: (13)Permission denied: make_sock: could not bind to address [::]:9443
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:9443
no listening sockets available, shutting down
Unable to open logs
[/code]

It starts when "setsebool httpd_disable_trans 1"

Also I don't see any selinux "avc:denided mesage".
Top
Metsger
Posts: 21
Joined: 2007/08/30 10:50:56

Re: httpd and selinux

Post by Metsger » 2008/08/18 05:17:52

I find easy way: "semanage port -l | grep http" and change to allowed port (8443)

But one question - where is log with avc denided messages?
Top
NedSlider
Forum Moderator
Posts: 2897
Joined: 2005/10/28 13:11:50
Location: UK

httpd and selinux

Post by NedSlider » 2008/08/18 06:31:55

By default SELinux log messages are written to /var/log/audit/audit.log via the Linux Auditing System (auditd) which is started by default. If auditd is not running then messages are written to /var/log/messages.

Please see the Wiki guide on SELinux here:

http://wiki.centos.org/HowTos/SELinux
Top
Post Reply

Return to “CentOS 5 - Security Support”