> CentOS 5.4 64-bit with SELinux, happily running for over a year, suddenly > httpd fails to start up, getting an error message like: > > Starting httpd: Syntax error on line X of /etc/httpd/conf.d/php.conf: > Cannot load /etc/httpd/modules/libphp5.so into server: libxml2.so.2: > failed to map segment from shared object: Permission denied > > I turned off SELinux and was able to start httpd. > > But what went wrong? And how to fix it and turn SELinux back on? > > SElinux labels on libxml.so.2.6.26 are OK ( system_u:object_r:lib_t ) > and "restorecon -n libxml.so.2.6.26" does not return anything. > > No recent AVC denied entries in /var/log/audit/audit.log or /var/log/messages. Try to turn off the dontaudit rules for domains that are in the base policy: semodule -b /usr/share/selinux/targeted/enableaudit.pp Then you might see the denials in the logs and fix the problem in your local policy. HTH