본문 바로가기

아파치(Httpd) (13)permission denied 오류 처리방법

반응형

root권한으로 아파치 실행 시 아파치(httpd) 포트번호가 1024보다 크면 에러가 발생하면서 실행이 되지 않습니다.

그럼 상태를 확인해 보겠습니다.

[root@localhost init.d]# systemctl status httpd.service

httpd.service - The Apache HTTP Server

   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)

   Active: failed (Result: exit-code) since 2019-12-17 13:51:21 KST; 18s ago

     Docs: man:httpd(8)

           man:apachectl(8)

  Process: 5368 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)

  Process: 5362 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)

 Main PID: 5362 (code=exited, status=1/FAILURE)

 

12 17 13:51:20 localhost.localdomain httpd[5362]: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:7706

12 17 13:51:20 localhost.localdomain httpd[5362]: (13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:7706

12 17 13:51:20 localhost.localdomain httpd[5362]: no listening sockets available, shutting down

12 17 13:51:20 localhost.localdomain httpd[5362]: AH00015: Unable to open logs

12 17 13:51:20 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE

12 17 13:51:21 localhost.localdomain kill[5368]: kill: cannot find process ""

12 17 13:51:21 localhost.localdomain systemd[1]: httpd.service: control process exited, code=exited status=1

12 17 13:51:21 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.

12 17 13:51:21 localhost.localdomain systemd[1]: Unit httpd.service entered failed state.

12 17 13:51:21 localhost.localdomain systemd[1]: httpd.service failed.

[root@localhost init.d]# systemctl status httpd.service

● httpd.service - The Apache HTTP Server

   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)

   Active: failed (Result: exit-code) since 화 2019-12-17 13:51:21 KST; 18s ago

     Docs: man:httpd(8)

           man:apachectl(8)

  Process: 5368 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)

  Process: 5362 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)

 Main PID: 5362 (code=exited, status=1/FAILURE)

 

12월 17 13:51:20 localhost.localdomain httpd[5362]: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:7706

12월 17 13:51:20 localhost.localdomain httpd[5362]: (13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:7706

12월 17 13:51:20 localhost.localdomain httpd[5362]: no listening sockets available, shutting down

12월 17 13:51:20 localhost.localdomain httpd[5362]: AH00015: Unable to open logs

12월 17 13:51:20 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE

12월 17 13:51:21 localhost.localdomain kill[5368]: kill: cannot find process ""

12월 17 13:51:21 localhost.localdomain systemd[1]: httpd.service: control process exited, code=exited status=1

12월 17 13:51:21 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.

12월 17 13:51:21 localhost.localdomain systemd[1]: Unit httpd.service entered failed state.

12월 17 13:51:21 localhost.localdomain systemd[1]: httpd.service failed.

 

이렇게 나오는 이유는 SELinux 정책 때문에 발생하게 됩니다.

그러므로 SELinux를 멈추고 httpd를 실행한 후 다시 SELinux를 시작하거나….(대신 나중에 restart 할때 같은 에러가 또 발생하게 됩니다.)

# setenforce 0                 

# systemctl restart httpd.service

# setenforce 1

 

semanage를 이용해서 SELinux 설정을 변경하도록 하겠습니다.

semanage가 없으면 먼저 설치를 하시면 됩니다.(#yum list policycoreutils-python)

 

먼저 사용할 포트가 http포트로 지정되어 있는지 확인합니다.

[root@localhost init.d]# semanage port -m -t http_port_t -p tcp 7706

ValueError: 포트 @tcp/7706가 지정되어 있지 않습니다

 

해당포트가 지정되어 있지 않으므로 해당 포트를 추가합니다.

# semange port -a -t http_port_t -p tcp 7706

 

등록내역을 확인합니다.

[root@localhost init.d]# semanage port -l | grep http

http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010

http_cache_port_t              udp      3130

http_port_t                    tcp      7706, 80, 81, 443, 488, 8008, 8009, 8443, 9000

pegasus_http_port_t            tcp      5988

pegasus_https_port_t           tcp      5989

 

그리고 아파치를 다시 시작하면 정상적으로 실행됩니다.

# systemctl restart httpd.service