httpd.service: Failed at step EXEC spawning usrsbinhttpd: Permission denied
httpd.service: Failed at step EXEC spawning usrsbinhttpd: Permission denied
apache 编译安装之后,通过 apachectl start 可以正常启动,注册为 systemd 服务时启动不了:
[root@localhost httpd-2.4.62]# systemctl start httpd.service
Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xe" for details.
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]# journalctl -xe
--
-- The unit dnf-makecache.service has successfully entered the 'dead' state.
Dec 14 09:24:29 localhost.localdomain systemd[1]: Started dnf makecache.
-- Subject: Unit dnf-makecache.service has finished start-up
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit dnf-makecache.service has finished starting up.
--
-- The start-up result is done.
Dec 14 09:26:37 localhost.localdomain systemd[1]: Reloading.
Dec 14 09:26:44 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit httpd.service has begun start-up
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit httpd.service has begun starting up.
Dec 14 09:26:44 localhost.localdomain systemd[58017]: httpd.service: Failed to execute command: Permission denied
Dec 14 09:26:44 localhost.localdomain systemd[58017]: httpd.service: Failed at step EXEC spawning /usr/sbin/httpd: Permission denied
-- Subject: Process /usr/sbin/httpd could not be executed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The process /usr/sbin/httpd could not be executed and failed.
--
-- The error number returned by this process is 13.
Dec 14 09:26:44 localhost.localdomain systemd[1]: httpd.service: Main process exited, code=exited, status=203/EXEC
Dec 14 09:26:44 localhost.localdomain systemd[1]: httpd.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The unit httpd.service has entered the 'failed' state with result 'exit-code'.
Dec 14 09:26:44 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit httpd.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit httpd.service has failed.
尝试把 SELinux 临时停用,此时通过 systemctl 可以启动 httpd 服务:
[root@localhost httpd-2.4.62]# getenforce
Enforcing
[root@localhost httpd-2.4.62]# setenforce 0
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]# systemctl start httpd
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]# ps -ef|grep httpd
root 58174 1 0 09:32 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
daemon 58175 58174 0 09:32 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
daemon 58176 58174 0 09:32 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
daemon 58177 58174 0 09:32 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
root 58260 1761 0 09:32 pts/0 00:00:00 grep --color=auto httpd
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]# systemctl stop httpd
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]# ps -ef|grep httpd
root 58265 1761 0 09:34 pts/0 00:00:00 grep --color=auto httpd
[root@localhost httpd-2.4.62]#
查看 /usr/sbin/httpd 文件的安全上下文类型:
/usr/sbin/httpd 是由 /www/server/apache2/bin/httpd 软链接过来的,也看一下
[root@localhost httpd-2.4.62]# ll -dZ /usr/sbin/httpd
lrwxrwxrwx. 1 root root unconfined_u:object_r:bin_t:s0 29 Dec 14 09:24 /usr/sbin/httpd -> /www/server/apache2/bin/httpd
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]# ll -dZ /www/server/apache2/bin/httpd
-rwxr-xr-x. 1 root root unconfined_u:object_r:default_t:s0 2899314 Dec 12 09:18 /www/server/apache2/bin/httpd
[root@localhost httpd-2.4.62]#
/www/server/apache2/bin/httpd 并没有 bin_t 这个类型:
[root@localhost httpd-2.4.62]# chcon -t bin_t /www/server/apache2/bin/httpd
[root@localhost httpd-2.4.62]#
[root@localhost httpd-2.4.62]# ll -dZ /www/server/apache2/bin/httpd
-rwxr-xr-x. 1 root root unconfined_u:object_r:bin_t:s0 2899312 Dec 14 09:18 /www/server/apache2/bin/httpd
[root@localhost httpd-2.4.62]#
