On 01/14/2013 05:38 PM, Sam Varshavchik issued this missive:
Rick Stevens writes:
On 01/14/2013 05:15 PM, Sam Varshavchik issued this missive:
Tom Horsley writes:
On Mon, 14 Jan 2013 08:32:19 -0500
Sam Varshavchik wrote:
> … appears to be Apache. After installing the most recent
systemd
update:
>
> systemd[1429]: Failed at step NAMESPACE spawning /usr/sbin/httpd:
Operation
> not permitted
I just installed updates (and rebooted) this morning and apache seems
to be running
fine on my desktop. I've got systemd-44-23.fc17.x86_64
Yeah, some of my other machines seems to have survived. But all I know,
is that on a stripped down, headless box, this update broke Apache,
until I took out PrivateTmp out of httpd.service. Only systemd was
updated, apache wasn't. That's all I can figure out for now. The error
message text wasn't very helpful, and googling it around found a bunch
of references to PrivateTmp, so I took it out, and systemctl start
httpd.service worked. Put it back, systemd refuses to start it, take it
out, it works.
Did you check to see if you have any selinux log entries pertaining to
this? "Operation not permitted" smells selinux-ishy to me.
This stripped down box does not use selinux.
Jan 14 06:54:40 shorty kernel: [ 3.219771] SELinux: Disabled at
runtime.
Jan 14 06:54:40 shorty kernel: [ 3.249018] type=1404
audit(1358164472.135:2): selinux=0 auid=4294967295 ses=4294967295
/etc/selinux/config has SELINUX=disabled
The only thing that comes to mind that I have non-standard is:
[root@shorty ~]# ls -al /var/www
lrwxrwxrwx. 1 root root 11 Apr 19 2011 /var/www -> ../home/www
But if this caused some unfathomable problem with systemd's PrivateTmp,
I'd expect apache to barf, instead of systemd whining.
That isn't a broken link, is it, or some permissions issue where
systemd (or Apache) doesn't have access to /home/www? I can see /var/www
being a symlink to /home/<someuser>/www or even /home/www, but does
the apache user have write access to it?
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital ricks@xxxxxxxxxxxxxx -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent -
- process. Prepare to vi." -
----------------------------------------------------------------------
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org