On Wed, 2009-06-24 at 12:01 -0700, John Oliver wrote:
[root@ucore-web ~]# service httpd configtest
httpd: Syntax error on line 209 of /etc/httpd/conf/httpd.conf: Syntax
error on line 1 of /etc/httpd/conf.d/valicert.conf: Cannot load
/etc/httpd/modules/vcapache.so into server:
/etc/httpd/modules/vcapache.so: cannot restore segment prot after reloc:
Permission denied
[root@ucore-web ~]# ls -lZ /etc/httpd/modules/vcapache.so
-rwxr-xr-x root root system_u:object_r:httpd_modules_t
/etc/httpd/modules/vcapache.so
I used chcon to make vcapache.so have the same attributes as other
Apache modules...
-rwxr-xr-x root root system_u:object_r:httpd_modules_t mod_userdir.so
-rwxr-xr-x root root system_u:object_r:httpd_modules_t mod_usertrack.so
-rwxr-xr-x root root system_u:object_r:httpd_modules_t mod_version.so
-rwxr-xr-x root root system_u:object_r:httpd_modules_t
mod_vhost_alias.so
-rwxr-xr-x root root system_u:object_r:httpd_modules_t vcapache.so
How to fix? Googling results in a thousand suggestions to disable
SELinux and a couple to "chcon -t texrel_shlib_t" which did not work for
me.
Why did "chcon -t textrel_shlib_t /etc/httpd/modules/vcapache.so" not
work? Can you show us AVC denials?
You can retrieve AVC denials with the "ausearch -m avc -ts today"
command.