[Solved] httpd vs. avahi and SELinux in Fedora 11

Steven F. LeBrun steven at lebruns.com
Mon Jul 13 21:34:25 UTC 2009 

On 07/13/2009 09:02 AM, Daniel J Walsh wrote:
> On 07/11/2009 07:06 PM, Steven F. LeBrun wrote:
>    
>> After doing a clean install of Fedora 11, the Apache webserver, httpd
>> 2.2.11, is failing.  The error log [see below] shows that all the httpd
>> children are killing themselves with Segmentation faults.
>>
>> Httpd was working fine in Fedora 10, same laptop and I started with a
>> fresh install of Apache's httpd using the RPM provided for Fedora 11.
>> At first I thought that maybe it is an SELinux problem.  Then I noticed
>> in the error_log the following line:
>>
>>      [error] avahi_entry_group_add_service_strlst("tardis") failed: Local
>> name collision
>>
>> The FQHN of my laptop where I am trying to run httpd is
>> tardis.home.lebruns.com
>>
>> Question 1:  Is the segmentation faults due to an SELinux policy issue?
>> I checked the files that should be displayed and their security context
>> looks correct.  Is there a problem displayed in the first error log line
>> where it states:
>>
>>    SELinux policy enabled; httpd running as context
>> unconfined_u:system_r:httpd_t:s0
>>
>> Question 2:  Any ideas of what is causing the avahi error message?  What
>> causes a "Local name collision"?  None of the configuration files
>> specify the host name that httpd is running on.  [Setting ServiceName
>> did not change anything.]
>>
>> Error Log:
>> [Sat Jul 11 18:50:26 2009] [notice] SELinux policy enabled; httpd
>> running as context unconfined_u:system_r:httpd_t:s0
>> [Sat Jul 11 18:50:26 2009] [notice] suEXEC mechanism enabled (wrapper:
>> /usr/sbin/suexec)
>> [Sat Jul 11 18:50:26 2009] [notice] Digest: generating secret for digest
>> authentication ...
>> [Sat Jul 11 18:50:26 2009] [notice] Digest: done
>> [Sat Jul 11 18:50:26 2009] [notice] mod_python: Creating 4 session
>> mutexes based on 256 max processes and 0 max threads.
>> [Sat Jul 11 18:50:26 2009] [notice] mod_python: using mutex_directory /tmp
>> [Sat Jul 11 18:50:27 2009] [error]
>> avahi_entry_group_add_service_strlst("tardis") failed: Local name collision
>> [Sat Jul 11 18:50:27 2009] [notice] Apache/2.2.11 (Unix) DAV/2
>> mod_mono/2.4 mod_nss/2.2.11 NSS/3.12.2.0 PHP/5.2.9 mod_python/3.3.1
>> Python/2.6 mod_ssl/2.2.11 OpenSSL/0.9.8k-fips mod_perl/2.0.4
>> Perl/v5.10.0 configured -- resuming normal operations
>> [Sat Jul 11 18:50:27 2009] [notice] child pid 10956 exit signal
>> Segmentation fault (11)
>> [Sat Jul 11 18:50:27 2009] [notice] child pid 10957 exit signal
>> Segmentation fault (11)
>> ...
>> The exit signal Segmentation fault (11) repeats ad nausium until httpd
>> is stopped.
>>
>> Any help and/or suggestions will be appreciated.
>>
>>      
> Does this happen if SELinux is in permissive mode?  Is selinux reporting errors in the /var/log/audit/audit.log?
>
> # getsebool -a | grep avahi
> httpd_dbus_avahi -->  on
>
> THe only avahi/dbus boolean is defined above.
>
>
>    

It turns out that the solution to my problem appeared in another thread, 
posted after my original posting.  [See: "httpd segfault" thread started 
by Jameson.]

         On 07/12/2009 03:18 PM, Jameson wrote:

     As soon as I finally decide to ask, I find the solution:
     https://bugzilla.redhat.com/show_bug.cgi?id=502133

The problem was not with avahi or SELinux but with the nss module.  Renaming the nss.conf file to nss.conf.no (in /etc/httpd/conf.d/) so that it does not load, solved my problem.

The nss.conf file was placed in the /etc/httpd/conf.d/ directory by the rpm file that installed the Apache httpd server.


-- 
   Steven F. LeBrun

Quote: /"Behold the lowly turtle," the astronaut had quoted. "He only 
makes progress when he sticks his neck out."/
      -- Ben Bova, from /"Return to Mars"/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090713/d0015534/attachment-0001.htm>

More information about the fedora-list mailing list