httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Benfell <benf...@mail.parts-unknown.org>
Subject [users@httpd] Apache insists on binding to *all* addresses even though Listen directives specify specific ip addresses
Date Tue, 24 Sep 2013 03:47:08 GMT
Hi all,

I've run into a problem. First things first:

[root@munich ~]# cat /etc/issue
CentOS release 6.4 (Final)
Kernel \r on an \m

[root@munich ~]# uname -a
Linux munich 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64
GNU/Linux

[root@munich]/etc/httpd/conf# yum list httpd
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
Excluding mirror: mirror.de.leaseweb.net
 * base: ftp-stud.fht-esslingen.de
Excluding mirror: mirror.de.leaseweb.net
Excluding mirror: mirror.nl.leaseweb.net
 * epel: mirrors.n-ix.net
 * extras: centos.mirror.linuxwerk.com
 * remi: mirror5.layerjet.com
Excluding mirror: mirror.de.leaseweb.net
Excluding mirror: centos.copahost.com
 * updates: ftp.plusline.de
Installed Packages
httpd.x86_64                                                                2.2.15-29.el6.centos
                                                               @updates

The choice of an earlier version of Centos was meant to accommodate zimbra, which it seems
to be doing nicely. But now I'm trying to bring up my old web services on selected IP addresses
and ports. I've confirmed that zimbra is not occupying the address/port combinations. I have
numerous Listen directives to accomplish this:

[root@munich ~]# grep -r "^Listen" /etc/httpd/
/etc/httpd/conf/sites-enabled/greybeard95a.com:Listen 91.205.174.233:80
/etc/httpd/conf/sites-enabled/greybeard95a.com:Listen 91.205.174.233:443
/etc/httpd/conf/sites-enabled/n4rky.me:Listen 91.205.174.234:80
/etc/httpd/conf/sites-enabled/n4rky.me:Listen 91.205.174.234:443
/etc/httpd/conf/sites-enabled/cybernude.org:Listen 91.205.174.230:80
/etc/httpd/conf/sites-enabled/cybernude.org:Listen 91.205.174.230:443
/etc/httpd/conf/sites-enabled/parts-unknown.org:Listen 193.34.144.104:80
/etc/httpd/conf/sites-enabled/parts-unknown.org:Listen 193.34.144.104:443
/etc/httpd/conf/sites-enabled/disunitedstates.com:Listen 91.205.174.231:80
/etc/httpd/conf/sites-enabled/disunitedstates.com:Listen 91.205.174.231:443
/etc/httpd/conf/sites-enabled/disunitedstates.org:Listen 91.205.174.232:80
/etc/httpd/conf/sites-enabled/disunitedstates.org:Listen 91.205.174.232:443

(some matches elided)

The sites-enabled directory is Included like so:

[root@munich ~]# grep -r sites-enabled /etc/httpd
/etc/httpd/conf/httpd.conf:Include /etc/httpd/conf/sites-enabled/

And it contains:

[root@munich ~]# ls -al /etc/httpd/conf/sites-enabled/
total 8
drwxr-xr-x 2 root root 4096 Sep 23 15:31 .
drwxr-xr-x 4 root root 4096 Sep 23 15:31 ..
lrwxrwxrwx 1 root root   32 Sep 21 21:35 cybernude.org -> ../sites-available/cybernude.org
lrwxrwxrwx 1 root root   38 Sep 21 21:35 disunitedstates.com -> ../sites-available/disunitedstates.com
lrwxrwxrwx 1 root root   38 Sep 21 21:35 disunitedstates.org -> ../sites-available/disunitedstates.org
lrwxrwxrwx 1 root root   35 Sep 21 21:35 greybeard95a.com -> ../sites-available/greybeard95a.com
lrwxrwxrwx 1 root root   27 Sep 21 21:35 n4rky.me -> ../sites-available/n4rky.me
lrwxrwxrwx 1 root root   36 Sep 21 21:35 parts-unknown.org -> ../sites-available/parts-unknown.org

Folks who are familiar with the Debian/Ubuntu set-up will recognize the layout. I originally
created this many years ago and have preserved it across numerous installations on various
distributions.

When I try to start apache, I get:

[root@munich]/etc/httpd/conf# /etc/init.d/httpd start
Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
                                                           [FAILED]

It does not seem to be listening to my Listen directives with respect to port 443 and instead
is attempting to open every address on the system. This is a *very* *bad* thing for it to
attempt to do.

What am I missing? Thanks!

--
David Benfell
My mail is usually signed cryptographically, but from Zimbra, it generally will not be. Please
see https://parts-unknown.org/node/2 for more information.

Mime
View raw message