"cannot restore segment prot after reloc"
Dominick Grift
domg472 at gmail.com
Wed Jun 24 19:55:37 UTC 2009
On Wed, 2009-06-24 at 12:01 -0700, John Oliver wrote:
> [root at ucore-web ~]# service httpd configtest
> httpd: Syntax error on line 209 of /etc/httpd/conf/httpd.conf: Syntax
> error on line 1 of /etc/httpd/conf.d/valicert.conf: Cannot load
> /etc/httpd/modules/vcapache.so into server:
> /etc/httpd/modules/vcapache.so: cannot restore segment prot after reloc:
> Permission denied
> [root at ucore-web ~]# ls -lZ /etc/httpd/modules/vcapache.so
> -rwxr-xr-x root root system_u:object_r:httpd_modules_t
> /etc/httpd/modules/vcapache.so
>
> I used chcon to make vcapache.so have the same attributes as other
> Apache modules...
>
> -rwxr-xr-x root root system_u:object_r:httpd_modules_t mod_userdir.so
> -rwxr-xr-x root root system_u:object_r:httpd_modules_t mod_usertrack.so
> -rwxr-xr-x root root system_u:object_r:httpd_modules_t mod_version.so
> -rwxr-xr-x root root system_u:object_r:httpd_modules_t
> mod_vhost_alias.so
> -rwxr-xr-x root root system_u:object_r:httpd_modules_t vcapache.so
>
> How to fix? Googling results in a thousand suggestions to disable
> SELinux and a couple to "chcon -t texrel_shlib_t" which did not work for
> me.
>
Why did "chcon -t textrel_shlib_t /etc/httpd/modules/vcapache.so" not
work? Can you show us AVC denials?
You can retrieve AVC denials with the "ausearch -m avc -ts today"
command.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090624/134eb5c0/attachment.sig>
More information about the fedora-selinux-list
mailing list