service httpd restart failed

The problem of httpd is hard to debug because there are few ways to debug it. You can set LogLevel to debug in httpd.conf, but that does not help much in real situations. Today I encountered a weird problem that I cannot restart httpd using “service httpd restart” or “systemctl restart httpd”. The /var/log/httpd/error_log said permission denied for one of my website’s error log file. I changed the mod of that error log file to 777 and I change the owner of that file from root to apache:apache, but none worked. The problem is so weird because if I run “httpd” directly on the console, the httpd process can be started without problem and I can visit my website normally. “httpd -t” says the syntax is ok. “httpd -X” also works and does not report any error. Why cannot start the httpd service using “service httpd restart” or “systemctl restart httpd”? Running “jounalctl -xe” I got this error:

systemd Unit httpd.service entered failed state.
systemd httpd.service failed.
polkitd Unregistered Authentication Agent for unix-process

 

polkitd reminded me of selinux. Running “sestatus” I found selinux was enabled, which may be the root cause of this problem. But interestingly, the current mode of selinux was permissive which basically says selinux is not working as normal. I used “setenforce 0″ but cannot change selinux to disabled status. I disabled selinux in /etc/selinux/configure and rebooted my system, then all problem were gone. I can start/stop the httpd using “service” or “systemctl” command now. I think you must turn off selinux thoroughly to use the “service” or “systemctl” command.

Posted in tips of hosting