graceful restart of httpd, configured by Chef - apache

I configured httpd with Chef via community httpd recipe.
https://github.com/chef-cookbooks/httpd
httpd_service "default" do
action [:create, :start]
end
After executing above code, sudo service httpd-default graceful gives the following error:
httpd: apr_sockaddr_info_get() failed for web01
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
httpd not running, trying to start
(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
sudo service httpd-default status says httpd is running.
How can I gracefully restart httpd manually?
My target server is CentOS 6.6.

sudo apachectl -f /etc/httpd-default/conf/httpd.conf -k graceful
this command resolved my problem.

Related

apache not working httpd lightsail instance lamp bitnami

When I restart my instance in lightsail I get the "apache server not running". When I run the command
sudo /opt/bitnami/ctlscript.sh restart
I get this error:
Syntax OK
/opt/bitnami/apache2/scripts/ctl.sh : apache not running
/opt/bitnami/php/scripts/ctl.sh : php-fpm stopped
/opt/bitnami/mysql/scripts/ctl.sh : mysql stopped
/opt/bitnami/mysql/scripts/ctl.sh : mysql started at port 3306
/opt/bitnami/php/scripts/ctl.sh : php-fpm started
Syntax OK
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address
[::]:443
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
/opt/bitnami/apache2/scripts/ctl.sh : httpd could not be started
I' m blocked, I don't know what can I do; all websites are down and I get the error ERR_SSL_PROTOCOL_ERROR when I want to redirect to all my websites.
sudo netstat -ltnp | grep ':80'
tcp6 0 0 :::80 :::* LISTEN 1584/httpd
sudo kill -9 1584
sudo /opt/bitnami/ctlscript.sh restart apache
Repeat the command until you kill all conflicting processes

Apache server not starting 'Address already in use' ERROR (98)

I've been trying for the past few days to solve this issue in several different ways and got no results.
Below is a copy of all the last commands i ran trying to gather more info about the issue:
2019 from 181.167.101.245 bitnami#ip-172-31-2-74:~$ sudo service
apache2 restart
* Restarting web server apache2
(98)Address already in use: AH00072: make_sock: could not bind to
address [::]:8
0
(98)Address already in use: AH00072: make_sock: could not bind to
address 0.0.0.
0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Action 'start' failed.
The Apache error log may have more information. > [fail]
* The apache2 instance did not start within 20 seconds.
Please read the log files to discover problems
bitnami#ip-172-31-2-74:~$ sudo netstat -nlp |
grep 80
tcp6 0 0 :::80 :::*
LISTEN
13456/httpd.bin unix 2 [ ACC ] SEQPACKET LISTENING 1680
402/systemd-udevd /run/udev/control
Any kind of help will be greatly appreciated and let me know if additional information is needed.
As always thanks in advance.
Bitnami Engineer here,
If you are using a Bitnami ready-to-use instance with any of our applications, they usually include Apache to serve the application. In case you perform any change in the Apache's configuration files inside the /opt/bitnami directory, you need to restart the Apache's service by using the ctlscript.sh file we provide.
sudo /opt/bitnami/ctlscript.sh
You can learn more about it here:
https://docs.bitnami.com/aws/faq/administration/control-services/

apache server not restarting in ubuntu 14.04

When I am trying to restart the apache2 services with sudo service apache2 restart command, I am getting this error.
(98)Address already in use: AH00072: make_sock: could not bind to
address [::]:80 (98)Address already in use: AH00072: make_sock: could
not bind to address 0.0.0.0:80 no listening sockets available,
shutting down AH00015: Unable to open logs Action 'start' failed. The
Apache error log may have more information.
So I added ServerName localhost in my apache2.conf file and then tried to restart the apache2 service. I am getting the same above error.
Please help.
There are two reasons why this problem exists:
1. Multiple ‘Listen’ Directive Entries Existing in Configuration Files. (Solution below)
Hit grep Listen /etc/apache2/ports.conf
Check if you are getting something like:
Listen 80
Listen 81
Listen 80
Listen 443
Listen 443
The error log could not bind to address 0.0.0.0:80 mentions its an issue with the port 80. Hence edit the file and remove the duplicate.
2. Another Process is Already Using Port 80
Hit : fuser -n tcp 80 along with ps aux | grep PID or hit
ss -plnt sport eq :80
and kill the processes.
You probably have a process that's still using it. You can do
pidof apache2
The last pid in the list is the main process you can kill.
or you can do
netstat -anp | grep :80 | grep -i listen
Then on the right hand side of the line, that it outputs you'll see the PID.
or you can do
lsof -i :80
Then the top apache process is the one you'll want to kill. Which is the number in the 2nd column output.
Then whenver you have the main pid from one of these commands use this.
kill -9 <pid> e.g. kill -9 12345

httpd Server not started: (13)Permission denied: make_sock: could not bind to address [::]:88

I am trying to start httpd server on centos 6. It throws following error :
[root#machine ~]# service httpd start
Starting httpd: (13)Permission denied: make_sock: could not bind to address [::]:88
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:88
no listening sockets available, shutting down
Unable to open logs
[FAILED]
I have also checked for port 88, It is not is use.
I also checked with semanage, but it didn't help.
Any help will be appreciated.
I happened to run into this problem because of missing SELinux permissions. By default, SELinux only allowed apache/httpd to bind to the following ports:
80, 81, 443, 488, 8008, 8009, 8443, 9000
So binding to my httpd.conf-configured Listen 88 HTTP port and config.d/ssl.conf-configured Listen 8445 TLS/SSL port would fail with that default SELinux configuration.
To fix my problem, I had to add ports 88 and 8445 to my system's SELinux configuration:
Install semanage tools: sudo yum -y install policycoreutils-python
Allow port 88 for httpd: sudo semanage port -a -t http_port_t -p tcp 88
Allow port 8445 for httpd: sudo semanage port -a -t http_port_t -p tcp 8445
Seems like you are running it not as "root". Only root can bind to this port (80).
Check your configuration in the conf/httpd.conf file, Listen line and change the port to higher one.
This is an addition to the answer by Abdull somewhere in this thread:
I had to modify instead of adding a port
semanage port -m -t http_port_t -p tcp 5000
because I get this error on adding the port
ValueError: Port tcp/5000 already defined
At terminal run this command with root permission:
sudo /etc/init.d/apache2 start
You must be root for starting a webserver otherwise you would get similar error.
With my centos 6.7 installation, not only did I have the problem starting httpd with root but also with xauth (getting /usr/bin/xauth: timeout in locking authority file /.Xauthority with underlying permission denied errors)
# setenforce 0
Fixed both issues.
Disable SELinux
Disable SELinux temporarily
sudo setenforce 0
Restart httpd service
service httpd restart
Disable SELinux persistently (after reboot)
vi /etc/selinux/config
Add line and save
SELINUX=disabled
In my case, I tried to first use port 88 instead, and even then the httpd won't start.
I used the below command, i.e. modify instead of add, as suggested by one of users, and was able to run httpd.
semanage port -a -t http_port_t -p tcp 88
after disable SELINUX, any port is aviable.
sudo -s;
setenforce 0;
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config;
In Linux(Centos 6 or higher) ports from 0 to 1024 are reserved for system use.
you can force the system to bind to address any port lower than 1024 if you use root or privileged user.
I installed Apache-2.4 from source with non-root user and I solved this problem by allowing port higher than 1024(ex:8080) and modified http.conf file. chang Listen 80 to Listen 8080
I had similar error while trying to start httpd service for openstack train installation in RHEL 7.5 too.
-- Unit httpd.service has begun starting up.
Jan 31 10:11:16 controller httpd[1631]: (13)Permission denied: AH00072: make_sock: could not bind to address 10.0.0.11:5000
Jan 31 10:11:16 controller httpd[1631]: no listening sockets available, shutting down
Jan 31 10:11:16 controller httpd[1631]: AH00015: Unable to open logs
Jan 31 10:11:16 controller systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jan 31 10:11:16 controller kill[1632]: kill: cannot find process ""
Jan 31 10:11:16 controller systemd[1]: httpd.service: control process exited, code=exited status=1
Jan 31 10:11:16 controller systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit httpd.service has failed
Solution: It got resolved by disabling SElinux.
I edited /etc/selinux/config, set SELINUX=disabled, then reboot; then it worked.
Alternately, you can run setenforce 0; you don't need reboot, but this is once used.
Just to add more info about this error, I had the similar error on CentOS 8.2:
sudo journalctl -xe
Error:
Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:8081
So, I used the commands from Abdull and Ulrich-Lorenz Schlüter as a follow:
Install semanage tools for CentOS 8.2: sudo yum -y install policycoreutils-python-utils
(For more info: https://www.cyberciti.biz/faq/redhat-install-semanage-selinux-command-rpm )
Allow port 8081 for httpd: sudo semanage port -a -t http_port_t -p tcp 8081
I got the following output: ValueError: Port tcp/8081 already defined
So, I ran:
sudo semanage port -m -t http_port_t -p tcp 8081
As Ulrich-Lorenz Schlüter mentioned.
Then: sudo systemctl start httpd
Now it is working fine.
The actual solution here is to modify the existing port if it exists. For instance, when:
semanage port -a -t http_port_t -p tcp 88
ends up with:
ValueError: Port tcp/88 already defined
then it's very likely the port is having a different type, and to modify it, simply use:
semanage port -m -t http_port_t -p tcp 88
and then, you need to open that port via firewall-cmd if has been closed in your zone.
Also: disabling SELinux is a potential security vulnerability, don't do this on production instances!
Start with root user or with sudo, it works fine, here is sample output:
[ec2-user#ip-172-31-12-164 ~]$ service httpd start
Starting httpd: (13)Permission denied: make_sock: could not bind to address [::]:80
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
**[FAILED]**
[ec2-user#ip-172-31-12-164 ~]$ sudo service httpd start
Starting httpd: [ OK ]
[ec2-user#ip-172-31-12-164 ~]$ sudo service httpd status
httpd (pid 3077) is running...
First kill all the hanged instances of httpd, and then try restarting Apache:
service httpd restart

Can't restart apache (98)Address already in use, even after I kill process

I'm unable to (re)start apache because port 80 is already in use:
[root#out-dev log]# service httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using <ip> for ServerName
(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
[FAILED]
So I tried identifying the process which was using port 80:
[root#out-dev log]# netstat -npl | grep ':80'
tcp 0 0 :::80 :::* LISTEN 3840/httpd
It's httpd! That's odd to me because the service httpd is apparently not running:
[root#out-dev log]# service httpd status
httpd is stopped
Anyway, I tried killing the process, but as soon as I do, a new process appears, taking control of port 80. And all the while, service httpd status indicates that httpd is not running.
[root#out-dev log]# kill -9 3840
[root#out-dev log]# netstat -npl | grep ':80'
tcp 0 0 :::80 :::* LISTEN 3842/httpd