[olug] Apache will no longer run in Red Hat after a reboot

T. J. Brumfield enderandrew at gmail.com
Tue Jan 27 14:14:08 CST 2015


I'm also wondering if I can take his existing setup serving SSL over
mod_nss and just disable that. Should I be able to get SSL working with
mod_ssl alone?

I tried briefly disabling mod_nss and then apache will start for him, but
he has a redirect to HTTPS on his site (as he should) and SSL isn't working
without mod_nss currently.

On Tue, Jan 27, 2015 at 2:11 PM, T. J. Brumfield <enderandrew at gmail.com>
wrote:

> I'll try 644. Every article I saw on this said it must be a permission
> issue access the *.db files in /etc/httpd/alias but the permissions appear
> to be set correctly.
>
> On Tue, Jan 27, 2015 at 2:05 PM, Lou Duchez <lou at paprikash.com> wrote:
>
>> https://www.centos.org/forums/viewtopic.php?t=5818
>>
>> The fix seems to be:
>>
>> cd /etc/httpd
>> chmod -R +r alias
>>
>> I don't think that 640 is right; I think you're looking for 644.
>>
>>  I got a call from a friend whose business depends on an Apache web
>>> server,
>>> but he doesn't know much about Linux. He is running Red Hat inside of a
>>> Windows Hyper-V VM. He bounced the Windows box for patching, which in
>>> turn
>>> rebooted his VM. He doesn't remember the last time he installed updates
>>> in
>>> Red Hat, but he does it from time to time.
>>>
>>> /var/log/httpd/error_log is just full of this:
>>>
>>> [error] NSS_Initialize failed. Certificate database: /etc/httpd/alias.
>>> [error] SSL Library Error: -8038 SEC_ERROR_NOT_INITIALIZED
>>>
>>> I've never used NSS personally. I Googled for the error and literally
>>> every
>>> hit I found was a permissions issue, that the apache wasn't running under
>>> the right group or that group couldn't access the files under
>>> /etc/httpd/alias.
>>>
>>> The problem is that doesn't appear to the problem with my buddy. Every
>>> httpd process is running under apache:apache and all the *.db files in
>>> /etc/httpd/alias are 640 and owned by the apache group, exactly how they
>>> should be.
>>>
>>> My buddy's business is down until we can resolve this.
>>>
>>> Any suggestions from someone more familiar with Red Hat/Fedora/CentOS and
>>> NSS?
>>>
>>> -- T. J. Brumfield
>>> "I'm questioning my education
>>> Rewind and what does it show?
>>> Could be, the truth it becomes you
>>> I'm a seed, wondering why it grows"
>>> -- Pearl Jam, Education
>>> _______________________________________________
>>> OLUG mailing list
>>> OLUG at olug.org
>>> https://lists.olug.org/mailman/listinfo/olug
>>>
>>
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>>
>
>
>
> --
> "I'm questioning my education
> Rewind and what does it show?
> Could be, the truth it becomes you
> I'm a seed, wondering why it grows"
> -- Pearl Jam, Education
>



-- 
"I'm questioning my education
Rewind and what does it show?
Could be, the truth it becomes you
I'm a seed, wondering why it grows"
-- Pearl Jam, Education


More information about the OLUG mailing list