[Solved] httpd vs. avahi and SELinux in Fedora 11
Steven F. LeBrun
steven at lebruns.com
Mon Jul 13 21:34:25 UTC 2009
On 07/13/2009 09:02 AM, Daniel J Walsh wrote:
> On 07/11/2009 07:06 PM, Steven F. LeBrun wrote:
>
>> After doing a clean install of Fedora 11, the Apache webserver, httpd
>> 2.2.11, is failing. The error log [see below] shows that all the httpd
>> children are killing themselves with Segmentation faults.
>>
>> Httpd was working fine in Fedora 10, same laptop and I started with a
>> fresh install of Apache's httpd using the RPM provided for Fedora 11.
>> At first I thought that maybe it is an SELinux problem. Then I noticed
>> in the error_log the following line:
>>
>> [error] avahi_entry_group_add_service_strlst("tardis") failed: Local
>> name collision
>>
>> The FQHN of my laptop where I am trying to run httpd is
>> tardis.home.lebruns.com
>>
>> Question 1: Is the segmentation faults due to an SELinux policy issue?
>> I checked the files that should be displayed and their security context
>> looks correct. Is there a problem displayed in the first error log line
>> where it states:
>>
>> SELinux policy enabled; httpd running as context
>> unconfined_u:system_r:httpd_t:s0
>>
>> Question 2: Any ideas of what is causing the avahi error message? What
>> causes a "Local name collision"? None of the configuration files
>> specify the host name that httpd is running on. [Setting ServiceName
>> did not change anything.]
>>
>> Error Log:
>> [Sat Jul 11 18:50:26 2009] [notice] SELinux policy enabled; httpd
>> running as context unconfined_u:system_r:httpd_t:s0
>> [Sat Jul 11 18:50:26 2009] [notice] suEXEC mechanism enabled (wrapper:
>> /usr/sbin/suexec)
>> [Sat Jul 11 18:50:26 2009] [notice] Digest: generating secret for digest
>> authentication ...
>> [Sat Jul 11 18:50:26 2009] [notice] Digest: done
>> [Sat Jul 11 18:50:26 2009] [notice] mod_python: Creating 4 session
>> mutexes based on 256 max processes and 0 max threads.
>> [Sat Jul 11 18:50:26 2009] [notice] mod_python: using mutex_directory /tmp
>> [Sat Jul 11 18:50:27 2009] [error]
>> avahi_entry_group_add_service_strlst("tardis") failed: Local name collision
>> [Sat Jul 11 18:50:27 2009] [notice] Apache/2.2.11 (Unix) DAV/2
>> mod_mono/2.4 mod_nss/2.2.11 NSS/3.12.2.0 PHP/5.2.9 mod_python/3.3.1
>> Python/2.6 mod_ssl/2.2.11 OpenSSL/0.9.8k-fips mod_perl/2.0.4
>> Perl/v5.10.0 configured -- resuming normal operations
>> [Sat Jul 11 18:50:27 2009] [notice] child pid 10956 exit signal
>> Segmentation fault (11)
>> [Sat Jul 11 18:50:27 2009] [notice] child pid 10957 exit signal
>> Segmentation fault (11)
>> ...
>> The exit signal Segmentation fault (11) repeats ad nausium until httpd
>> is stopped.
>>
>> Any help and/or suggestions will be appreciated.
>>
>>
> Does this happen if SELinux is in permissive mode? Is selinux reporting errors in the /var/log/audit/audit.log?
>
> # getsebool -a | grep avahi
> httpd_dbus_avahi --> on
>
> THe only avahi/dbus boolean is defined above.
>
>
>
It turns out that the solution to my problem appeared in another thread,
posted after my original posting. [See: "httpd segfault" thread started
by Jameson.]
On 07/12/2009 03:18 PM, Jameson wrote:
As soon as I finally decide to ask, I find the solution:
https://bugzilla.redhat.com/show_bug.cgi?id=502133
The problem was not with avahi or SELinux but with the nss module. Renaming the nss.conf file to nss.conf.no (in /etc/httpd/conf.d/) so that it does not load, solved my problem.
The nss.conf file was placed in the /etc/httpd/conf.d/ directory by the rpm file that installed the Apache httpd server.
--
Steven F. LeBrun
Quote: /"Behold the lowly turtle," the astronaut had quoted. "He only
makes progress when he sticks his neck out."/
-- Ben Bova, from /"Return to Mars"/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090713/d0015534/attachment-0001.htm>
More information about the fedora-list
mailing list