Apache died???

Lonnie Olson lists at kittypee.com
Tue Apr 9 14:53:00 MDT 2013


On Tue, Apr 9, 2013 at 11:34 AM, S. Dale Morrey <sdalemorrey at gmail.com> wrote:
> However if something is actively interfering with a well known service from
> doing it's thing, and doing so silently, then it's worse than useless.
> I trust binaries that have been installed by RPM with a keycheck.  I make
> the assumption that the software developers know more about what their
> software needs than I do and I trust the package maintainers to only sign
> off on stuff that won't break my system or steal my stuff.  (I know big
> assumption and yes I know there have been repo compromises in the past)

It didn't fail silently.
"(13)Permission denied: make_sock: could not bind to address [::]:8081"
This is your clue that the problem is security related.

Your next thought should be, what security measures could block
sockets binding to a TCP port?
* is 8081 a privileged port that requires root?  No.
* Is there an extra security layer running (selinux,apparmor)? Yes.
* Are there any entries in the audit log about said permission denied
error?  Yes.
* Google "selinux http port"? Yes.
* Fixed.

Yes it's an extra step, but the benefits do outweigh the drawbacks.
Just remember that it exists and to check the audit log.


More information about the PLUG mailing list