I'm working on a debian jessie machine instantiated inside open nebula with kvm. I have to install jboss eap and mod_cluster, so I need to install the apache2 service.
I followed the mod_cluster quick start guide and set the /etc/apache2/apache2.conf file as follow:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule slotmem_module modules/mod_slotmem.so
LoadModule manager_module modules/mod_manager.so
LoadModule proxy_cluster_module modules/mod_proxy_cluster.so
LoadModule advertise_module modules/mod_advertise.so
ServerName master
Listen 10.0.0.6:6666
<VirtualHost 10.0.0.6:6666>
<Directory />
Order deny,allow
Deny from all
Allow from 10.0.0.
</Directory>
KeepAliveTimeout 60
MaxKeepAliveRequests 0
ManagerBalancerName nebula
AdvertiseFrequency 5
<Location /mod_cluster_manager>
Order deny,allow
Deny from all
Allow from 10.0.0.
</Location>
When I run the command /etc/init.d/apache2 start it return error, systemctl status apache2.service -l shows me:
apache2.service - LSB: Apache2 web server
Loaded: loaded (/etc/init.d/apache2)
Active: failed (Result: exit-code) since Wed 2015-12-16 15:17:45 CET; 10min ago
Process: 844 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE)
Dec 16 15:17:45 debian apache2[844]: Starting web server: apache2 failed!
Dec 16 15:17:45 debian apache2[844]: The apache2 configtest failed. ... (warning).
Dec 16 15:17:45 debian apache2[844]: Output of config test was:
Dec 16 15:17:45 debian apache2[844]: apache2: Syntax error on line 1 of /etc/apache2/apache2.conf: Cannot load modules/mod_proxy.so into server: /etc/apache2/modules/mod_proxy.so: undefined symbol: ap_escape_html
Dec 16 15:17:45 debian apache2[844]: Action 'configtest' failed.
Dec 16 15:17:45 debian apache2[844]: The Apache error log may have more information.
Dec 16 15:17:45 debian systemd[1]: apache2.service: control process exited, code=exited status=1
Dec 16 15:17:45 debian systemd[1]: Failed to start LSB: Apache2 web server.
Dec 16 15:17:45 debian systemd[1]: Unit apache2.service entered failed state.
I can't understand what "undefined symbol: ap_escape_html" means and how I could resolve it.
Thanks in advance for help.
UPDATE 1: I tried to build httpd from source. I installed the pcre libraries also from source, but when I run PREFIX/bin/apachectl -k start it returns the following error:
/etc/httpd/bin/httpd: error while loading shared libraries: libpcre.so.1: cannot open shared object file: No such file or directory
I solved libraries problems following this guide
Related
Trying to start a service to run gunicorn as backend server for Flask, not working. Running nginx as frontend server for React, working.
Server:
Virtualization: vmware
Operating System: Red Hat Enterprise Linux 8.4 (Ootpa)
CPE OS Name: cpe:/o:redhat:enterprise_linux:8.4:GA
Kernel: Linux 4.18.0-305.3.1.el8_4.x86_64
Architecture: x86-64
Service file in /etc/systemd/system/myservice.service:
[Unit]
Description="Description"
After=network.target
[Service]
User=root
Group=root
WorkingDirectory=/home/project/app/api
ExecStart=/home/project/app/api/venv/bin/gunicorn -b 127.0.0.1:5000 api:app
Restart=always
[Install]
WantedBy=multi-user.target
/app/api:
-rwxr-xr-x. 1 root root 2018 Jun 9 20:06 api.py
drwxrwxr-x+ 5 root root 100 Jun 7 10:11 venv
Error message:
● myservice.service - "Description"
Loaded: loaded (/etc/systemd/system/myservice.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2021-06-10 19:01:01 CEST; 5s ago
Process: 18307 ExecStart=/home/project/app/api/venv/bin/gunicorn -b 127.0.0.1:5000 api:app (code=exited, status=203/EXEC)
Main PID: 18307 (code=exited, status=203/EXEC)
Jun 10 19:01:01 xxxx systemd[1]: myservice.service: Service RestartSec=100ms expired, scheduling restart.
Jun 10 19:01:01 xxxx systemd[1]: myservice.service: Scheduled restart job, restart counter is at 5.
Jun 10 19:01:01 xxxx systemd[1]: Stopped "Description".
Jun 10 19:01:01 xxxx systemd[1]: myservice.service: Start request repeated too quickly.
Jun 10 19:01:01 xxxx systemd[1]: myservice.service: Failed with result 'exit-code'.
Jun 10 19:01:01 xxxx systemd[1]: Failed to start "Description".
Tried, not working:
Adding Environment="PATH=/home/project/app/api/venv/bin" under [Service]
$ systemctl reset-failed myservice.service
$ systemctl daemon-reload
Reboot, ofc.
Tried, working:
Running (as root) /home/project/app/api/venv/bin/gunicorn -b 127.0.0.1:5000 api:app while in /app/api directory
Does anyone know how to fix this problem?
Typically enough, I figured it out shortly after posting this issue.
SELinux is messing with permissions for files and directories, so for anyone experiencing the same issue, make sure to test with the following alterings (as root):
$ setsebool -P httpd_can_network_connect on
$ chcon -Rt httpd_sys_content_t /path/to/your/Flask/dir
In my case: $ chcon -Rt httpd_sys_content_t /home/project/app/api
While this is NOT a permanent fix, it's worth a try. Check out the SELinux docs for more permanent solutions.
[root#name ~]# systemctl status firewalld -l
* firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
Nov 17 18:47:24 strike325 systemd[1]: Starting firewalld - dynamic firewall daemon...
Nov 17 18:47:25 strike325 systemd[1]: Started firewalld - dynamic firewall daemon.
Nov 17 18:47:25 strike325 firewalld[1176]: WARNING: ipset not usable, disabling ipset usage in firewall.
Nov 17 18:47:26 strike325 firewalld[1176]: ERROR: Failed to load nf_conntrack module: modprobe: ERROR: could not find module by name='nf_conntrack'
modprobe: ERROR: could not insert 'nf_conntrack': Function not implemented
modprobe: ERROR: Error running install command for nf_conntrack
modprobe: ERROR: could not insert 'nf_conntrack': Operation not permitted
Nov 17 18:47:26 strike325 firewalld[1176]: E
RROR: Raising SystemExit in run_server
Nov 17 19:47:16 strike325 systemd[1]: Starting firewalld - dynamic firewall daemon...
Nov 17 19:47:17 strike325 systemd[1]: Started firewalld - dynamic firewall daemon.
Nov 17 19:47:17 strike325 firewalld[2689]: WARNING: ipset not usable, disabling ipset usage in firewall.
Nov 17 19:47:18 strike325 firewalld[2689]: ERROR: Failed to load nf_conntrack module: modprobe: ERROR: could not find module by name='nf_conntrack'
modprobe: ERROR: could not insert 'nf_conntrack': Function not implemented
modprobe: ERROR: Error running install command for nf_conntrack
modprobe: ERROR: could not insert 'nf_conntrack': Operation not permitted
Nov 17 19:47:18 strike325 firewalld[2689]: ERROR: Raising SystemExit in run_server
I've recently purchased a VPS using Centos 7 (x64) and I'm having some trouble with my firewalld. I found the fix here but unfortunately it's no longer working for me. Any help would be appreciated as I haven't been able to find any permanent fixes.
Other fix attempts so far:
restart dbus
restart firewalld
Reverting and locking the version of firewalld (temporary fix)
I was going to post my fix in a while now (I'm supporting a number of servers, all affected with the same issue), but haven't had the time.
But your question made me motivated to finally write it down.
The solution from this post is:
create a script which generates modules.builtin file specific to your current kernel
create a SystemD unit which automatically recreates the same before FirewallD during startup (useful in case the kernel is upgraded).
In this way, you permanently solve the issue without hacking a bit of FirewallD code.
Workaround is to downgrade firewalld to 7.6:
wget http://vault.centos.org/7.6.1810/os/x86_64/Packages/firewalld-0.5.3-5.el7.noarch.rpm http://vault.centos.org/7.6.1810/os/x86_64/Packages/firewalld-filesystem-0.5.3-5.el7.noarch.rpm http://vault.centos.org/7.6.1810/os/x86_64/Packages/python-firewall-0.5.3-5.el7.noarch.rpm
yum downgrade firewalld-0.5.3-5.el7.noarch.rpm firewalld-filesystem-0.5.3-5.el7.noarch.rpm python-firewall-0.5.3-5.el7.noarch.rpm
and then lock firewalld from yum feature updates:
yum -y install yum-versionlock
yum versionlock firewalld firewalld-filesystem python-firewall
you can find more info in this thread.
I was following this guide to setup tomcat on Ubuntu 16.04.2 LTS Xenial (https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-ubuntu-16-04).
Got to the point of the first launch:
sudo systemctl start tomcat
and received an error:
~$ sudo systemctl start tomcat
Job for tomcat.service failed because the control process exited with error code. See "systemctl status tomcat.service" and "journalctl -xe" for details.
journalctl -xe
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit tomcat.service has begun starting up.
Feb 27 15:23:42 76672.local startup.sh[20551]: Tomcat started.
Feb 27 15:23:42 76672.local shutdown.sh[20563]: $CATALINA_PID was set but the specified file does not exist. Is Tomcat running? Stop aborted.
Feb 27 15:23:42 76672.local systemd[1]: tomcat.service: Control process exited, code=exited status=1
Feb 27 15:23:42 76672.local systemd[1]: Failed to start Tomcat 9 servlet container.
-- Subject: Unit tomcat.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit tomcat.service has failed.
--
-- The result is failed.
CATALINA_PID expected to be in a directory /opt/tomcat/latest/temp/tomcat.pid
I gave rights to do everyone for everything for this dir /opt/tomcat and all subfolders/files:
~$ namei -l /opt/tomcat
f: /opt/tomcat
drwxr-xr-x root root /
drwxr-xr-x root root opt
drwxrwxrwx tomcat tomcat tomcat
Does anyone can point me to the possible solutions?
UPD:
Using bin/startup.sh Tomcat successfully starts.
When you use CATALINA_PID in tomcat.service file please make sure to use the path inside of the double-quotes.
Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid"
Like below
[Unit]
Description=Tomcat 9 servlet container
After=network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
Environment="/usr/lib/jvm/java-1.8.0-openjdk-amd64"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom -Djava.awt.headless=true"
Environment="CATALINA_BASE=/opt/tomcat/"
Environment="CATALINA_HOME=/opt/tomcat/"
Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
[Install]
WantedBy=multi-user.target
congratulations!
im try to install phpmyadmin on centos 7 with digitalocean droplet.i edited allow IP to dynamic any IP.but when i try to restart the service,i got this message.
[root#centos-512mb-nyc2-01 /]# sudo systemctl restart httpd.service
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
here is the result after run systemctl status httpd.service
[root#centos /]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2016-04-26 04:47:31 EDT; 1min 50s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 2633 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
Process: 2632 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 2632 (code=exited, status=1/FAILURE)
Apr 26 04:47:31 centos-512mb-nyc2-01 systemd[1]: Starting The Apache HTTP Server...
Apr 26 04:47:31 centos-512mb-nyc2-01 httpd[2632]: AH00526: Syntax error on line 1 of /etc/httpd/conf.d/phpMyAdmin.conf:
Apr 26 04:47:31 centos-512mb-nyc2-01 httpd[2632]: allow not allowed here
Apr 26 04:47:31 centos-512mb-nyc2-01 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Apr 26 04:47:31 centos-512mb-nyc2-01 kill[2633]: kill: cannot find process ""
Apr 26 04:47:31 centos-512mb-nyc2-01 systemd[1]: httpd.service: control process exited, code=exited status=1
Apr 26 04:47:31 centos-512mb-nyc2-01 systemd[1]: Failed to start The Apache HTTP Server.
Apr 26 04:47:31 centos-512mb-nyc2-01 systemd[1]: Unit httpd.service entered failed state.
Apr 26 04:47:31 centos-512mb-nyc2-01 systemd[1]: httpd.service failed.
here is my http file
Allow from# phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
#Require ip 127.0.0.1
Require all granted
#Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Why don't you use the one click Application Image that Digital Ocean offers?
You can get the full tutorial here
I am trying to change the default port of openldap (not so experienced with openldap so I might be doing something incorrectly).
Currently I am installing it through yum package manager on CentOS 7.1.1503 as follows :
yum install openldap-servers
After installing 'openldap-servers' I can start the openldap server by invoking service slapd start
however when I try to change the port by editing /etc/sysconfig/slapd for instance by changing SLAPD_URLS to the following :
# OpenLDAP server configuration
# see 'man slapd' for additional information
# Where the server will run (-h option)
# - ldapi:/// is required for on-the-fly configuration using client tools
# (use SASL with EXTERNAL mechanism for authentication)
# - default: ldapi:/// ldap:///
# - example: ldapi:/// ldap://127.0.0.1/ ldap://10.0.0.1:1389/ ldaps:///
SLAPD_URLS="ldapi:/// ldap://127.0.0.1:3421/"
# Any custom options
#SLAPD_OPTIONS=""
# Keytab location for GSSAPI Kerberos authentication
#KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"
(see SLAPD_URLS="ldapi:/// ldap://127.0.0.1:3421/" )..
it is failing to start
service slapd start
Redirecting to /bin/systemctl start slapd.service
Job for slapd.service failed. See 'systemctl status slapd.service' and 'journalctl -xn' for details.
service slapd status
Redirecting to /bin/systemctl status slapd.service
slapd.service - OpenLDAP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/slapd.service; disabled)
Active: failed (Result: exit-code) since Fri 2015-07-31 07:49:06 EDT; 10s ago
Docs: man:slapd
man:slapd-config
man:slapd-hdb
man:slapd-mdb
file:///usr/share/doc/openldap-servers/guide.html
Process: 41704 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=1/FAILURE)
Process: 41675 ExecStartPre=/usr/libexec/openldap/check-config.sh (code=exited, status=0/SUCCESS)
Main PID: 34363 (code=exited, status=0/SUCCESS)
Jul 31 07:49:06 osboxes runuser[41691]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jul 31 07:49:06 osboxes runuser[41693]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jul 31 07:49:06 osboxes runuser[41695]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jul 31 07:49:06 osboxes runuser[41697]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jul 31 07:49:06 osboxes runuser[41699]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jul 31 07:49:06 osboxes runuser[41701]: pam_unix(runuser:session): session opened for user ldap by (uid=0)
Jul 31 07:49:06 osboxes slapd[41704]: #(#) $OpenLDAP: slapd 2.4.39 (Mar 6 2015 04:35:49) $
mockbuild#worker1.bsys.centos.org:/builddir/build/BUILD/openldap-2.4.39/openldap-2.4.39/servers/slapd
Jul 31 07:49:06 osboxes systemd[1]: slapd.service: control process exited, code=exited status=1
Jul 31 07:49:06 osboxes systemd[1]: Failed to start OpenLDAP Server Daemon.
Jul 31 07:49:06 osboxes systemd[1]: Unit slapd.service entered failed state.
ps I also disabled firewalld
the solution was provided when I ran journalctl -xn which basically says:
SELinux is preventing /usr/sbin/slapd from name_bind access on the tcp_socket port 9312.
***** Plugin bind_ports (92.2 confidence) suggests ************************
If you want to allow /usr/sbin/slapd to bind to network port 9312
Then you need to modify the port type.
Do
# semanage port -a -t ldap_port_t -p tcp 9312
***** Plugin catchall_boolean (7.83 confidence) suggests ******************
If you want to allow nis to enabled
Then you must tell SELinux about this by enabling the 'nis_enabled' boolean.
You can read 'None' man page for more details.
Do
setsebool -P nis_enabled 1
***** Plugin catchall (1.41 confidence) suggests **************************
If you believe that slapd should be allowed name_bind access on the port 9312 tcp_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep slapd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp