Uploaded image for project: 'JBoss Core Services'
  1. JBoss Core Services
  2. JBCS-217

mod_bmx doesn't work with new selinux rules

XMLWordPrintable

    • Workaround Exists
    • Hide

      Create a new directory for mod_bmx in cache and fix the selinux context:

      mkdir /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx
      chcon -t httpd_cache_t /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx

      Then set the following directives in the httpd configuration to use the new dir:

      BMXVHostDBMFilename /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx/bmx_vhost.db
      BMXVHostLockFilename /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx/bmx_vhost.db.lock

      Show
      Create a new directory for mod_bmx in cache and fix the selinux context: mkdir /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx chcon -t httpd_cache_t /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx Then set the following directives in the httpd configuration to use the new dir: BMXVHostDBMFilename /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx/bmx_vhost.db BMXVHostLockFilename /opt/rh/jbcs-httpd24/root/var/cache/mod_bmx/bmx_vhost.db.lock
    • Hide

      install all jbcs-httpd24 RPMs
      let selinux on: setenforce 1
      do setup mentioned in access portal: mod_bmx setup
      service jbcs-httpd24-httpd start

      Show
      install all jbcs-httpd24 RPMs let selinux on: setenforce 1 do setup mentioned in access portal: mod_bmx setup service jbcs-httpd24-httpd start

      starting httpd with mod_bmx is not possible due to selinux rules. Modules are not allowed to create files like shm or db in logs folder.
      I don't know configure parameter for mod_bmx and there should be directive to set destination of DBM files, which should be located in <cache> folder?
      Otherwise there should be different setting for default path to DBM files then logs folder.
      error_log contains:

      [Tue Nov 15 10:31:46.002039 2016] [bmx_vhost:crit] [pid 10224] (13)Permission denied: Failed to open mod_bmx_vhost DBM file '/opt/rh/jbcs-httpd24/root/etc/httpd/logs/bmx_vhost1.db'

              rhn-support-csutherl Coty Sutherland
              jonderka@redhat.com Jan Onderka
              Jan Onderka Jan Onderka
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: