Red Hat Bugzilla – Bug 1024113
httpd ajp proxy fails after engine-backup --mode=restore
Last modified: 2013-11-12 09:48:47 EST
Description of problem:
engine-backup --mode=restore does not let httpd access the network in selinux,
as does engine-setup. This means that on a system where engine-setup was never
ran, httpd fails to connect to the engine.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install a new system, install rhevm
2. copy some backup file from another system
3. restore it with engine-backup --mode=restore
4. start the engine, restart apache
5. Connect with a web browser to the web admin
apache fails, with this in the error log:
[Mon Oct 28 23:10:06 2013] [error] (13)Permission denied: proxy: AJP: attempt to connect to 127.0.0.1:8702 (127.0.0.1) failed
[Mon Oct 28 23:10:06 2013] [error] ap_proxy_connect_backend disabling worker for (127.0.0.1)
[Mon Oct 28 23:10:06 2013] [error] proxy: AJP: failed to make connection to backend: 127.0.0.1
apache should succeed
To fix, I ran:
semanage boolean --modify --on httpd_can_network_connect
We decided to "solve" this by requiring the user to run 'engine-setup' (which will do an upgrade) after restore.
See http://www.ovirt.org/Migrate_to_Hosted_Engine for an example on how to do that.