[olug] Apache will no longer run in Red Hat after a reboot
T. J. Brumfield
enderandrew at gmail.com
Tue Jan 27 14:16:48 CST 2015
Yeah, that's what I tried. I httpd.conf is inheriting any *.conf file in
/etc/httpd/conf.d so I just renamed nss.conf to nss.conf.bak (since
nss.conf was the file actually loading mod_nss) and when I did that, Apache
would start, but SSL wasn't working.
On Tue, Jan 27, 2015 at 2:14 PM, Damian Harouff <cekkent at gmail.com> wrote:
> I hate to be "that guy", but: is he even using mod_nss? Red Hat tends to
> enable a lot of things arbitrarily. I know that NSS is more "open", but
> mod_ssl might get him back online sooner.
>
> On Tue, Jan 27, 2015 at 2:11 PM, T. J. Brumfield <enderandrew at gmail.com>
> wrote:
>
> > I'll try 644. Every article I saw on this said it must be a permission
> > issue access the *.db files in /etc/httpd/alias but the permissions
> appear
> > to be set correctly.
> >
> > On Tue, Jan 27, 2015 at 2:05 PM, Lou Duchez <lou at paprikash.com> wrote:
> >
> > > https://www.centos.org/forums/viewtopic.php?t=5818
> > >
> > > The fix seems to be:
> > >
> > > cd /etc/httpd
> > > chmod -R +r alias
> > >
> > > I don't think that 640 is right; I think you're looking for 644.
> > >
> > > I got a call from a friend whose business depends on an Apache web
> > server,
> > >> but he doesn't know much about Linux. He is running Red Hat inside of
> a
> > >> Windows Hyper-V VM. He bounced the Windows box for patching, which in
> > turn
> > >> rebooted his VM. He doesn't remember the last time he installed
> updates
> > in
> > >> Red Hat, but he does it from time to time.
> > >>
> > >> /var/log/httpd/error_log is just full of this:
> > >>
> > >> [error] NSS_Initialize failed. Certificate database: /etc/httpd/alias.
> > >> [error] SSL Library Error: -8038 SEC_ERROR_NOT_INITIALIZED
> > >>
> > >> I've never used NSS personally. I Googled for the error and literally
> > >> every
> > >> hit I found was a permissions issue, that the apache wasn't running
> > under
> > >> the right group or that group couldn't access the files under
> > >> /etc/httpd/alias.
> > >>
> > >> The problem is that doesn't appear to the problem with my buddy. Every
> > >> httpd process is running under apache:apache and all the *.db files in
> > >> /etc/httpd/alias are 640 and owned by the apache group, exactly how
> they
> > >> should be.
> > >>
> > >> My buddy's business is down until we can resolve this.
> > >>
> > >> Any suggestions from someone more familiar with Red Hat/Fedora/CentOS
> > and
> > >> NSS?
> > >>
> > >> -- T. J. Brumfield
> > >> "I'm questioning my education
> > >> Rewind and what does it show?
> > >> Could be, the truth it becomes you
> > >> I'm a seed, wondering why it grows"
> > >> -- Pearl Jam, Education
> > >> _______________________________________________
> > >> OLUG mailing list
> > >> OLUG at olug.org
> > >> https://lists.olug.org/mailman/listinfo/olug
> > >>
> > >
> > > _______________________________________________
> > > OLUG mailing list
> > > OLUG at olug.org
> > > https://lists.olug.org/mailman/listinfo/olug
> > >
> >
> >
> >
> > --
> > "I'm questioning my education
> > Rewind and what does it show?
> > Could be, the truth it becomes you
> > I'm a seed, wondering why it grows"
> > -- Pearl Jam, Education
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://lists.olug.org/mailman/listinfo/olug
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>
--
"I'm questioning my education
Rewind and what does it show?
Could be, the truth it becomes you
I'm a seed, wondering why it grows"
-- Pearl Jam, Education
More information about the OLUG
mailing list