[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: httpd run directory permissions in F12/11



On 29/10/09 11:29, Clodoaldo Neto wrote:
I've been using Fedora 10 and while trying F12 beta I noticed a
problem in the httpd run directory permission. Then I tried F11 and
the same problem happens:

[Wed Oct 28 12:05:02 2009] [notice] Apache/2.2.13 (Unix) DAV/2
PHP/5.2.9 mod_python/3.3.1 Python/2.6 mod_ssl/2.2.13
OpenSSL/0.9.8k-fips mod_wsgi/2.6 mod_perl/2.0.4 Perl/v5.10.0
configured -- resuming normal operations
[Wed Oct 28 12:05:09 2009] [error] [client 10.0.2.15] (13)Permission
denied: mod_wsgi (pid=2722): Unable to connect to WSGI daemon process
'mygroup' on '/etc/httpd/run/wsgi.2692.0.1.sock' after multiple
attempts.

The problem is that until F10 the httpd socket directory was /var/run/
and in F11 and F12 it is /var/run/httpd:

# ll /etc/httpd/run
lrwxrwxrwx. 1 root root 19 2009-10-28 11:04 /etc/httpd/run ->
../../var/run/httpd

# ll -d /var/run/httpd
drwx------. 2 root root 4096 2009-10-28 11:51 /var/run/httpd

# ll -d /var/run
drwxr-xr-x. 31 root root 4096 2009-10-28 11:35 /var/run

# ll /var/run/httpd/
total 4
-rw-r--r--. 1 root   root 5 2009-10-28 12:05 httpd.pid
srwx------. 1 apache root 0 2009-10-28 12:05 wsgi.2692.0.1.sock

That can break some apache modules like mod_wsgi which rely on sockets.

Any of these solve the problem:

# chmod o+x /var/run/httpd
# chown apache.root /var/run/httpd

Is there a reason for the /var/run/httpd permissions to be as in
F11/12 ? Is it necessary to have the user intervention to fix it? I
have posted at the mod_wsgi list:

http://groups.google.com/group/modwsgi/t/c5f5abc122088478

I had exactly the same problem with mod_fcgid and ended up creating a separate socket directory /var/run/mod_fcgid with appropriate permissions instead of following /etc/httpd/run.

If you create a directory matching /var/run/mod_.* with suitable permissions and include that directory in your package then it should get the right SELinux context set so that it will work out of the box.

Paul.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]