apachephpselinux–Syntaxerror無法載入模組

科技小先鋒發表於2017-11-08
ApachePHPLinuxError
centos 5.0
selinux 為開啟狀態
apache 2.2.8
php 5.0 

安裝完成之後,apache無法載入php模組。錯誤如下:
httpd: Syntax error on line 232 of /usr/local/apache2/conf/httpd.conf: API module structure `php5_module` in file /usr/local/apache2/modules/libphp5.so is garbled – expected signature 41503232 but saw 41503230 – perhaps this is not an Apache module DSO, or was compiled for a different Apache version?


相信提示大夥都能看懂。網上有解決辦法就是關閉selinux 下面講另二種方法
一:按提示操作:(大體意思是將libphp5.so加入selinux系統內)

#tail /var/log/messages

May 23 10:08:15 nagios setroubleshoot:      SELinux is preventing /usr/local/apache2/bin/httpd from loading /usr/local/apache2/modules/libphp5.so which requires text relocation.      For complete SELinux messages. run sealert -l e693621e-145b-4431-bdcb-68b3883f1ac8
 
 
# sealert -l e693621e-145b-4431-bdcb-68b3883f1ac8

Summary

    SELinux is preventing /usr/local/apache2/bin/httpd from loading

    /usr/local/apache2/modules/libphp5.so which requires text relocation.


Detailed Description

    The /usr/local/apache2/bin/httpd application attempted to load

    /usr/local/apache2/modules/libphp5.so which requires text relocation.  This

    is a potential security problem. Most libraries do not need this permission.

    Libraries are sometimes coded incorrectly and request this permission.  The

    [url]http://people.redhat.com/drepper/selinux-mem.html[/url] web page explains how to

    remove this requirement.  You can configure SELinux temporarily to allow

    /usr/local/apache2/modules/libphp5.so to use relocation as a workaround,

    until the library is fixed. Please file a

    [url]http://bugzilla.redhat.com/bugzilla/enter_bug.cgi[/url] against this package.


Allowing Access

    If you trust /usr/local/apache2/modules/libphp5.so to run correctly, you can

    change the file context to textrel_shlib_t. “chcon -t textrel_shlib_t

    /usr/local/apache2/modules/libphp5.so”

    The following command will allow this access:

    chcon -t textrel_shlib_t /usr/local/apache2/modules/libphp5.so


Additional Information        


Source Context                user_u:system_r:unconfined_t

Target Context                system_u:object_r:lib_t

Target Objects                /usr/local/apache2/modules/libphp5.so [ file ]

Affected RPM Packages         

Policy RPM                    selinux-policy-2.4.6-30.el5

Selinux Enabled               True

Policy Type                   targeted

MLS Enabled                   True

Enforcing Mode                Permissive

Plugin Name                   plugins.allow_execmod

Host Name                     nagios

Platform                      Linux nagios 2.6.18-8.el5 #1 SMP Thu Mar 15

                              19:57:35 EDT 2007 i686 i686

Alert Count                   3

Line Numbers                  


Raw Audit Messages            


avc: denied { execmod } for comm=”httpd” dev=sda3 egid=0 euid=0

exe=”/usr/local/apache2/bin/httpd” exit=0 fsgid=0 fsuid=0 gid=0 items=0

name=”libphp5.so” path=”/usr/local/apache2/modules/libphp5.so” pid=31706

scontext=user_u:system_r:unconfined_t:s0 sgid=0

subj=user_u:system_r:unconfined_t:s0 suid=0 tclass=file

tcontext=system_u:object_r:lib_t:s0 tty=pts0 uid=0


注意紅色字型:大體的意思是 您需要改變libphp5.so 的相應許可權。
使用命令:
chcon -t textrel_shlib_t /usr/local/apache2/modules/libphp5.so

我運氣不好哈,加入後還是啟不來:

httpd: Syntax error on line 232 of /usr/local/apache2/conf/httpd.conf: API module structure `php5_module` in file /usr/local/apache2/modules/libphp5.so is garbled – expected signature 41503232 but saw 41503230 – perhaps this is not an Apache module DSO, or was compiled for a different Apache version?


二:大家看最後一行。or was compiled for a different Apache version?

 或編譯不同的apache版本。


OK  換成 apache 2.0 一切搞定。



關於如上的方法,啟不動,檢視日誌,再按日誌裡的命令操作,接著又會得到提示。繼續操作。就可以完成安裝。


net-snmp 在selinux開啟的狀態下也無法啟動。需要用上面的方法來解決。或者直接關閉selinux 官網不推薦這麼做。



一點小技巧。就到這吧。



本文轉自守住每一天51CTO部落格,原文連結:http://blog.51cto.com/liuyu/78389,如需轉載請自行聯絡原作者


相關文章