Having problems starting httpd & portmapper
#service httpd start /usr/sbin/httpd: error while loading shared libraries: libm.so.6: cannot open shared object file: No such file or directory
and I traced it to selinux, which I had just turned on for the first time:
# sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 21 Policy from config file: targeted
I can
#setsebool -P httpd_disable_trans on
and httpd starts - but there's zero enforcing now as I understand it.
Further digging & I get to:
# cat /var/log/audit/audit.log | audit2allow -m local
module local 1.0;
require { type portmap_t; type httpd_t; type file_t; class lnk_file read; class file { getattr read execute }; }
#============= httpd_t ============== allow httpd_t file_t:file { read getattr execute }; allow httpd_t file_t:lnk_file read;
#============= portmap_t ============== allow portmap_t file_t:file { read getattr execute }; allow portmap_t file_t:lnk_file read;
Other stuff like postfix, postgrey, amavisd are working fine since turning selinux on.
Before I make a mess of things with trying to make a new policy, shouldn't two basic services like portmap & httpd already be allowed to run out of the box by selinux?
If not, am I going down the right path to get it working?
Thanks