You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by David Benfell <be...@mail.parts-unknown.org> on 2013/09/24 05:47:08 UTC
[users@httpd] Apache insists on binding to *all* addresses even though Listen
directives specify specific ip addresses
Hi all,
I've run into a problem. First things first:
[root@munich ~]# cat /etc/issue
CentOS release 6.4 (Final)
Kernel \r on an \m
[root@munich ~]# uname -a
Linux munich 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
[root@munich]/etc/httpd/conf# yum list httpd
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
Excluding mirror: mirror.de.leaseweb.net
* base: ftp-stud.fht-esslingen.de
Excluding mirror: mirror.de.leaseweb.net
Excluding mirror: mirror.nl.leaseweb.net
* epel: mirrors.n-ix.net
* extras: centos.mirror.linuxwerk.com
* remi: mirror5.layerjet.com
Excluding mirror: mirror.de.leaseweb.net
Excluding mirror: centos.copahost.com
* updates: ftp.plusline.de
Installed Packages
httpd.x86_64 2.2.15-29.el6.centos @updates
The choice of an earlier version of Centos was meant to accommodate zimbra, which it seems to be doing nicely. But now I'm trying to bring up my old web services on selected IP addresses and ports. I've confirmed that zimbra is not occupying the address/port combinations. I have numerous Listen directives to accomplish this:
[root@munich ~]# grep -r "^Listen" /etc/httpd/
/etc/httpd/conf/sites-enabled/greybeard95a.com:Listen 91.205.174.233:80
/etc/httpd/conf/sites-enabled/greybeard95a.com:Listen 91.205.174.233:443
/etc/httpd/conf/sites-enabled/n4rky.me:Listen 91.205.174.234:80
/etc/httpd/conf/sites-enabled/n4rky.me:Listen 91.205.174.234:443
/etc/httpd/conf/sites-enabled/cybernude.org:Listen 91.205.174.230:80
/etc/httpd/conf/sites-enabled/cybernude.org:Listen 91.205.174.230:443
/etc/httpd/conf/sites-enabled/parts-unknown.org:Listen 193.34.144.104:80
/etc/httpd/conf/sites-enabled/parts-unknown.org:Listen 193.34.144.104:443
/etc/httpd/conf/sites-enabled/disunitedstates.com:Listen 91.205.174.231:80
/etc/httpd/conf/sites-enabled/disunitedstates.com:Listen 91.205.174.231:443
/etc/httpd/conf/sites-enabled/disunitedstates.org:Listen 91.205.174.232:80
/etc/httpd/conf/sites-enabled/disunitedstates.org:Listen 91.205.174.232:443
(some matches elided)
The sites-enabled directory is Included like so:
[root@munich ~]# grep -r sites-enabled /etc/httpd
/etc/httpd/conf/httpd.conf:Include /etc/httpd/conf/sites-enabled/
And it contains:
[root@munich ~]# ls -al /etc/httpd/conf/sites-enabled/
total 8
drwxr-xr-x 2 root root 4096 Sep 23 15:31 .
drwxr-xr-x 4 root root 4096 Sep 23 15:31 ..
lrwxrwxrwx 1 root root 32 Sep 21 21:35 cybernude.org -> ../sites-available/cybernude.org
lrwxrwxrwx 1 root root 38 Sep 21 21:35 disunitedstates.com -> ../sites-available/disunitedstates.com
lrwxrwxrwx 1 root root 38 Sep 21 21:35 disunitedstates.org -> ../sites-available/disunitedstates.org
lrwxrwxrwx 1 root root 35 Sep 21 21:35 greybeard95a.com -> ../sites-available/greybeard95a.com
lrwxrwxrwx 1 root root 27 Sep 21 21:35 n4rky.me -> ../sites-available/n4rky.me
lrwxrwxrwx 1 root root 36 Sep 21 21:35 parts-unknown.org -> ../sites-available/parts-unknown.org
Folks who are familiar with the Debian/Ubuntu set-up will recognize the layout. I originally created this many years ago and have preserved it across numerous installations on various distributions.
When I try to start apache, I get:
[root@munich]/etc/httpd/conf# /etc/init.d/httpd start
Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
[FAILED]
It does not seem to be listening to my Listen directives with respect to port 443 and instead is attempting to open every address on the system. This is a *very* *bad* thing for it to attempt to do.
What am I missing? Thanks!
--
David Benfell
My mail is usually signed cryptographically, but from Zimbra, it generally will not be. Please see https://parts-unknown.org/node/2 for more information.
Re: [users@httpd] Apache insists on binding to *all* addresses even
though Listen directives specify specific ip addresses
Posted by David Benfell <be...@mail.parts-unknown.org>.
Hi Yehuda,
You had written:
...(I am not a grep expert, but you might miss a line that has a space before the Listen directive).
This turned out to be at least close. It wasn't something I had done, but rather something I had overlooked that was left over from the package installation. A file called ssl.conf that had been included and that did a blanket Listen 443. :facepalm.
Thanks! Now I can move on to the next problem....
--
David Benfell
My mail is usually signed cryptographically, but from Zimbra, it generally will not be. Please see https://parts-unknown.org/node/2 for more information.
Re: [users@httpd] Apache insists on binding to *all* addresses even
though Listen directives specify specific ip addresses
Posted by Yehuda Katz <ye...@ymkatz.net>.
I think I had a similar problem and it turned out the reason was that one
of the IP addresses I was trying to Listen on was not actually bound to an
interface.
That could cause the misleading error.
The other thing I sometimes do is stop the other service, start apache and
look at the server-info page (make sure the info module is enabled).
It should tell you every single Listen directive that Apache can find to
confirm that your other search did not miss (I am not a grep expert, but
you might miss a line that has a space before the Listen directive).
- Y
On Mon, Sep 23, 2013 at 11:47 PM, David Benfell <
benfell@mail.parts-unknown.org> wrote:
> Hi all,
>
> I've run into a problem. First things first:
>
> [root@munich ~]# cat /etc/issue
> CentOS release 6.4 (Final)
> Kernel \r on an \m
>
> [root@munich ~]# uname -a
> Linux munich 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013
> x86_64 x86_64 x86_64 GNU/Linux
>
> [root@munich]/etc/httpd/conf# yum list httpd
> Loaded plugins: fastestmirror, security
> Loading mirror speeds from cached hostfile
> Excluding mirror: mirror.de.leaseweb.net
> * base: ftp-stud.fht-esslingen.de
> Excluding mirror: mirror.de.leaseweb.net
> Excluding mirror: mirror.nl.leaseweb.net
> * epel: mirrors.n-ix.net
> * extras: centos.mirror.linuxwerk.com
> * remi: mirror5.layerjet.com
> Excluding mirror: mirror.de.leaseweb.net
> Excluding mirror: centos.copahost.com
> * updates: ftp.plusline.de
> Installed Packages
> httpd.x86_64
> 2.2.15-29.el6.centos
> @updates
>
> The choice of an earlier version of Centos was meant to accommodate
> zimbra, which it seems to be doing nicely. But now I'm trying to bring up
> my old web services on selected IP addresses and ports. I've confirmed that
> zimbra is not occupying the address/port combinations. I have numerous
> Listen directives to accomplish this:
>
> [root@munich ~]# grep -r "^Listen" /etc/httpd/
> /etc/httpd/conf/sites-enabled/greybeard95a.com:Listen 91.205.174.233:80
> /etc/httpd/conf/sites-enabled/greybeard95a.com:Listen 91.205.174.233:443
> /etc/httpd/conf/sites-enabled/n4rky.me:Listen 91.205.174.234:80
> /etc/httpd/conf/sites-enabled/n4rky.me:Listen 91.205.174.234:443
> /etc/httpd/conf/sites-enabled/cybernude.org:Listen 91.205.174.230:80
> /etc/httpd/conf/sites-enabled/cybernude.org:Listen 91.205.174.230:443
> /etc/httpd/conf/sites-enabled/parts-unknown.org:Listen 193.34.144.104:80
> /etc/httpd/conf/sites-enabled/parts-unknown.org:Listen 193.34.144.104:443
> /etc/httpd/conf/sites-enabled/disunitedstates.com:Listen 91.205.174.231:80
> /etc/httpd/conf/sites-enabled/disunitedstates.com:Listen
> 91.205.174.231:443
> /etc/httpd/conf/sites-enabled/disunitedstates.org:Listen 91.205.174.232:80
> /etc/httpd/conf/sites-enabled/disunitedstates.org:Listen
> 91.205.174.232:443
>
> (some matches elided)
>
> The sites-enabled directory is Included like so:
>
> [root@munich ~]# grep -r sites-enabled /etc/httpd
> /etc/httpd/conf/httpd.conf:Include /etc/httpd/conf/sites-enabled/
>
> And it contains:
>
> [root@munich ~]# ls -al /etc/httpd/conf/sites-enabled/
> total 8
> drwxr-xr-x 2 root root 4096 Sep 23 15:31 .
> drwxr-xr-x 4 root root 4096 Sep 23 15:31 ..
> lrwxrwxrwx 1 root root 32 Sep 21 21:35 cybernude.org ->
> ../sites-available/cybernude.org
> lrwxrwxrwx 1 root root 38 Sep 21 21:35 disunitedstates.com ->
> ../sites-available/disunitedstates.com
> lrwxrwxrwx 1 root root 38 Sep 21 21:35 disunitedstates.org ->
> ../sites-available/disunitedstates.org
> lrwxrwxrwx 1 root root 35 Sep 21 21:35 greybeard95a.com ->
> ../sites-available/greybeard95a.com
> lrwxrwxrwx 1 root root 27 Sep 21 21:35 n4rky.me -> ../sites-available/
> n4rky.me
> lrwxrwxrwx 1 root root 36 Sep 21 21:35 parts-unknown.org ->
> ../sites-available/parts-unknown.org
>
> Folks who are familiar with the Debian/Ubuntu set-up will recognize the
> layout. I originally created this many years ago and have preserved it
> across numerous installations on various distributions.
>
> When I try to start apache, I get:
>
> [root@munich]/etc/httpd/conf# /etc/init.d/httpd start
> Starting httpd: (98)Address already in use: make_sock: could not bind to
> address [::]:443
> (98)Address already in use: make_sock: could not bind to address
> 0.0.0.0:443
> no listening sockets available, shutting down
> Unable to open logs
> [FAILED]
>
> It does not seem to be listening to my Listen directives with respect to
> port 443 and instead is attempting to open every address on the system.
> This is a *very* *bad* thing for it to attempt to do.
>
> What am I missing? Thanks!
>
> --
> David Benfell
> My mail is usually signed cryptographically, but from Zimbra, it generally
> will not be. Please see https://parts-unknown.org/node/2 for more
> information.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>