DaemonForums  

Go Back   DaemonForums > Miscellaneous > General software and network

General software and network General OS-independent software and network questions, X11, MTA, routing, etc.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 12th November 2008
lalebarde lalebarde is offline
New User
 
Join Date: Nov 2008
Posts: 6
Red face [SOLVED] Apache : httpd could not be started

Hello,
Thought I have searched many forums, I have not found anything on this :
I am on my first server install . I selected OpenBSD 4.4 with OAMP. I am complete newbie for all of that (Gentoo on my desktop without apache, mysql, php). I have followed installation instructions from http://www.openbsd.org/faq, for OAMP from http://http://www.h-i-r.net/2008/01/...che-mysql.html, and for apache configuration in /var/www/conf/httpd.conf from http://http://httpd.apache.org/docs/...irectives.html.

When I start apache, here is the result : could not resolve port "192.168.2.11" --- service not supported for ai_socktype
/usr/sbin/apachectl start: httpd could not be started


As written in the apache documentation for listen : Listen is now a required directive. If it is not in the config file, the server will fail to start.

What I did with : Listen 192.168.2.11

If I remove this line, apache starts, but then if I try to browse my server from 192.168.2.11, I get :
Forbidden
You don't have permission to access /phpinfo.php on this server.


It is the same with PF disabled.

I need help please .

Last edited by lalebarde; 13th November 2008 at 11:52 PM. Reason: solved
Reply With Quote
  #2   (View Single Post)  
Old 12th November 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

What version of Apache?

Quote:
Originally Posted by lalebarde
When I start apache, here is the result : could not resolve port "192.168.2.11"
It looks like you'll need to append a service port, i.e.:
Code:
Listen 192.168.2.11:80
Quote:
Originally Posted by lalebarde
You don't have permission to access /phpinfo.php on this server.
So modify the allow/deny directives to give yourself permission...

Consider getting a book on Apache. The official documentation is very thorough and useful, but it's not designed with new users in mind.
__________________
Kill your t.v.

Last edited by anomie; 12th November 2008 at 11:15 PM. Reason: explained further.
Reply With Quote
  #3   (View Single Post)  
Old 12th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

First do a syntax test with apachectl
Code:
apachectl configtest
Read the fine apachectl man page to find out what it will report if there are no syntax errors.

The standard configuration of /var/www/conf/httpd.conf already enables a Listen on port 80 and port 443
Code:
$ grep -in listen /var/www/conf/httpd.conf 
182:# Listen: Allows you to bind Apache to specific IP addresses and/or
186:#Listen 3000
187:#Listen 12.34.56.78:80
191:# is used to tell the server which IP address to listen to. It can either
193:# See also the <VirtualHost> and Listen directives.
302:# Port: The port to which the standalone server listens. For
310:##  When we also provide SSL we have to listen to the 
314:Listen 80
315:Listen 443
So I wonder why you needed to add such a directive
If you want to use a specific IP address then add the port specification as shown in line 187.

Next step is to check whether Apache is actually LISTENing
Code:
$ netstat -an -f inet
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp        0      0  *.80                   *.*                    LISTEN
tcp        0      0  *.6000                 *.*                    LISTEN
tcp        0      0  127.0.0.1.587          *.*                    LISTEN
tcp        0      0  127.0.0.1.25           *.*                    LISTEN
tcp        0      0  *.22                   *.*                    LISTEN
tcp        0      0  *.515                  *.*                    LISTEN
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
udp        0      0  192.168.222.20.7184    83.96.227.85.123      
udp        0      0  192.168.222.20.11292   213.239.154.12.123    
udp        0      0  192.168.222.20.35727   94.75.205.140.123     
udp        0      0  192.168.222.20.4769    194.109.64.200.123    
udp        0      0  192.168.222.20.15905   213.10.47.241.123     
udp        0      0  *.514                  *.*
BTW I am assuming you are using the default Apache which is in the OpenBSD base systall, not an Apache 2 installed with a package

Did you follow the message given by the install of the PHP package? This tells you what to modify in httpd.conf.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #4   (View Single Post)  
Old 12th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

Last week I installed a OpenBSD current snapshot with php. This is the message I referred to in my previous post.
Code:
--- php5-core-5.2.6p0 -------------------
To enable the php5 module please create a symbolic
link from /var/www/conf/modules.sample/php5.conf
to /var/www/conf/modules/php5.conf.

ln -s /var/www/conf/modules.sample/php5.conf \
        /var/www/conf/modules

The recommended php configuration has been installed
to /var/www/conf/php.ini.

Don't forget that the default OpenBSD httpd is chrooted
into /var/www by default, so you may need to create support
directories such as /var/www/tmp for PHP to work correctly.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #5   (View Single Post)  
Old 12th November 2008
lalebarde lalebarde is offline
New User
 
Join Date: Nov 2008
Posts: 6
Default

Thanks anomie ,
With Listen 192.168.2.11:80, apache starts. But I still have the same access forbidden message from my browser.

Though in <Directory "/var/www/htdocs">, I have put :
Order deny,allow
Deny from all
Allow from 192.168.2.11

BTW, what book of Apache do you advise (english or french) ?

My version of appache is the one embedded at installation with OpenBSD 4.4. It seems it is apache-httpd-2.2.8.tgz - but I am not sure since pkg_info provides info from repository and not from installed version, and I still don't know how to get this information .
Reply With Quote
  #6   (View Single Post)  
Old 13th November 2008
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 336
Default

httpd -v usually works (and php -v if you need that as well)
Reply With Quote
  #7   (View Single Post)  
Old 13th November 2008
lalebarde lalebarde is offline
New User
 
Join Date: Nov 2008
Posts: 6
Default

Thanks J5nko,

Quote:
First do a syntax test with apachectl
Syntax OK

Quote:
$ grep -in listen /var/www/conf/httpd.conf
190:Listen 192.168.2.11:80
191:Listen 192.168.2.11:443
323:Listen 80
324:Listen 443

ok, I am not consistent here but it should be ok. For the trial, I suppress the ip specification, and let only the port. I am still forbidden.

Quote:
$ netstat -an -f inet
Proto Recv-Q Send-Q Local Address Foreign Adress (state)
tcp 0 0 192.168.2.20.80 192.168.2.10.54875 TIME_WAIT
tcp 0 0 *.80 *.* LISTEN
tcp 0 0 *.443 *.* LISTEN
tcp 0 0 *.22 *.* LISTEN
tcp 0 0 *.37 *.* LISTEN
tcp 0 0 *.13 *.* LISTEN
tcp 0 0 127.0.0.1.587 *.* LISTEN
tcp 0 0 127.0.0.1.25 *.* LISTEN
udp 0 0 192.168.2.20.31537 88.191.17.134.123
udp 0 0 127.0.0.1.512 *.*
udp 0 0 192.168.2.20.24521 88.191.11.98.123
udp 0 0 192.168.2.20.8367 88.191.47.13.123
udp 0 0 192.168.2.20.11927 91.121.138.209.123
udp 0 0 192.168.2.20.39243 81.93.183.116.123
udp 0 0 *.514 *.*


192.168.2.10 is another PC with windows. The one with which I try to connect to the server .20 is .11

Quote:
I am assuming you are using the default Apache which is in the OpenBSD
Yes

Quote:
Did you follow the message given by the install of the PHP package?
Yes :
ln -s /var/www/conf/modules-sample/php5.conf /var/www/conf/modules
ln -s /var/www/conf/modules-sample/mysql.ini /var/www/conf/php5/mysql.ini

vi /var/www/conf/httpd.conf : uncomment AddTyp application/x-httpd-php .php
I put also : ServerTokens ProductOnly

Other clue ?
Reply With Quote
  #8   (View Single Post)  
Old 13th November 2008
lalebarde lalebarde is offline
New User
 
Join Date: Nov 2008
Posts: 6
Default

Thanks DutchDaemon,
Apache 1.3.29
PHP 5.2.6
Reply With Quote
  #9   (View Single Post)  
Old 13th November 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

Quote:
Originally Posted by lalebarde
BTW, what book of Apache do you advise (english or french) ?
I've been happy with "Pro Apache, Third Edition" by Peter Wainwright as a (thorough) general reference. I would recommend starting there and giving yourself a few weeks to get through it all.

I also just received "Apache Security" by Ivan Ristic as a birthday gift, and I am about 1/3 finished with it. So far it has provided great info on securing Apache web server and PHP (running as a module or CGI).
__________________
Kill your t.v.
Reply With Quote
Old 13th November 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

Quote:
Originally Posted by lalebarde
But I still have the same access forbidden message from my browser.

Though in <Directory "/var/www/htdocs">, I have put :
Order deny,allow
Deny from all
Allow from 192.168.2.11
I'm not familiar with OBSD's standard Apache web server config; is /var/www/htdocs also your DocumentRoot?

Check filesystem permissions for /var/www/htdocs and any file it contains. Does the user httpd is running as have read access to them?

Also, add another allow line below the one you have, because it looks like you're browsing the web server from itself. Change to:
Code:
Order deny,allow
Deny from all
Allow from 192.168.2.11
Allow from 127.0.0.1
Finally, there are some other directives that could cause permission to be denied. (But we won't worry about those for now.)
__________________
Kill your t.v.

Last edited by anomie; 13th November 2008 at 02:17 AM. Reason: clarified allow directive.
Reply With Quote
Old 13th November 2008
robbak's Avatar
robbak robbak is offline
Real Name: Robert Backhaus
VPN Cryptographer
 
Join Date: May 2008
Location: North Queensland, Australia
Posts: 366
Default

When you say that you are trying to browse the server, what is the url you are going to?

http://<hostname>/ , or http://<hostname>/phpinfo.php ?

If the later, just check if user http can read phpinfo.php.

Code:
$ cd /<your document root>
$ ls -l
If you do not understand the ouptut, post it and we'll tell you.
__________________
The only dumb question is a question not asked.
The only dumb answer is an answer not given.
Reply With Quote
Old 13th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

Quote:
Originally Posted by lalebarde View Post
ln -s /var/www/conf/modules-sample/php5.conf /var/www/conf/modules
ln -s /var/www/conf/modules-sample/mysql.ini /var/www/conf/php5/mysql.ini


vi /var/www/conf/httpd.conf : uncomment AddTyp application/x-httpd-php .php
I put also : ServerTokens ProductOnly
That is all what I did have to do get a simple test.php script working. Except I didn't mess with the ServerTokens I also didn't have to edit those Deny/Allow directives.

If I do a http://localhost/test.php the following displays OK in firefox and lynx:
Code:
# cat /var/www/htdocs/test.php                                              
<html>
<head>
   <title>This is a test</title>
</head> 

<body>
  <h1>A test for PHP</h1> 

<?php
 echo '<p>A simple test for PHP</p>' ; 

$name='J65nko' ;

echo <<<END
<p>
   Another parapgraph, this time created with a here document.
</p>

<p>You can also use variables</p>

<p>Take care, </p>
<p>$name </p>

END;

?>
</body>
</html>
Do you actually have a phpinfo.php file? I don't
Code:
# find /var/www -name 'phpinfo*'  
#
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 13th November 2008
lalebarde lalebarde is offline
New User
 
Join Date: Nov 2008
Posts: 6
Default

Hello anomie, robbak, J65nko,
Thanks a lot for your replies.

anomie,
Quote:
is /var/www/htdocs also your DocumentRoot?
YES
Quote:
Check filesystem permissions for /var/www/htdocs and any file it contains. Does the user httpd is running as have read access to them?
Everybody has access to DocumentRoot and read access to all its contents.
Quote:
Also, add another allow line below the one you have, because it looks like you're browsing the web server from itself.
No, the server is on x.x.x.20, the browser on x.x.x.11
Anyway, if I allow 127.0.0.1, ma browser is still forbidden.

robbak,
Quote:
When you say that you are trying to browse the server, what is the url you are going to?
http://192.168.2.20/phpinfo.php
Quote:
just check if user http can read phpinfo.php
cd /var/www/htdocs
ls -l

drwxr-xr-x 2 root Wheel bgplg
-r--r--r-- 1 root bin blowfish.jpg
-r--r--r-- 1 root bin bsd_small.gif
-r--r--r-- 1 root bin index.html
-r--r--r-- 1 root bin lock.gif
-r--r--r-- 1 root bin logo23.jpg
-r--r--r-- 1 root bin logo24.jpg
-r--r--r-- 1 root bin mod_ssl_sb.gif
-r--r--r-- 1 root bin openbsd_pb.gif
-r--r--r-- 1 root bin openbsdpower.gif
-r--r--r-- 1 root bin openssl_ics.gif
-rw-r--r-- 1 root bin phpinfo.php
-r--r--r-- 1 root bin smalltitle.gif

It looks to me everyuser has read access.

Quote:
If I do a http://localhost/test.php the following displays OK in firefox and lynx:
If I browse locally : lynx http://localhost/test.php or lynx http://localhost/index.html, it works. But from x.x.x.11, I am rejected :
Forbidden
You don't have permission to access /test.php on this server.

Quote:
Do you actually have a phpinfo.php file?
Yes, in : /var/www/htdocs, but it is empty
Reply With Quote
Old 13th November 2008
lalebarde lalebarde is offline
New User
 
Join Date: Nov 2008
Posts: 6
Default

Quote:
I also didn't have to edit those Deny/Allow directives.
If I come back to default :
<Directory "/var/www/htdocs">
Order allow,deny
Allow from all
</Directory>

It works

I have to dig again in the documentation for this stuff.

I close the thread. THANKS A LOT ALL OF YOU
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
thinkpad x200 or similar owners pleas help getting started gosha General Hardware 1 14th July 2009 04:06 AM
Trying to get started translating OpenBSD Documentaion qmemo OpenBSD General 6 12th July 2009 12:50 PM
Pf Nat getting started ?? neurosis FreeBSD Security 11 16th November 2008 08:58 PM
can't start apache "httpd not running" disappearedng FreeBSD General 5 22nd September 2008 10:18 PM
Getting started with DTrace tanked FreeBSD General 2 25th June 2008 09:21 AM


All times are GMT. The time now is 04:01 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick