Bug 145822 - httpd options not working
httpd options not working
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: httpd (Show other bugs)
3
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Joe Orton
: SELinux
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-01-21 16:54 EST by Moxley Stratton
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-01-21 17:43:08 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Moxley Stratton 2005-01-21 16:54:51 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
The options '-v', '-V', '-l' and possibly others of the httpd
executable do not produce output.

Version-Release number of selected component (if applicable):
httpd-2.0.52-3.1

How reproducible:
Always

Steps to Reproduce:
[root@moxley ~]# /usr/sbin/httpd -v
[root@moxley ~]# /usr/sbin/httpd -V
[root@moxley ~]# /usr/sbin/httpd -l


Actual Results:  Nothing. Returned to prompt.

Expected Results:  From the httpd man page:
-v     Print the version of httpd, and then exit.
-V     Print the version and build parameters of httpd, and then exit.
-l     Output  a  list  of  modules  compiled  into the server. This
will not list dynamically loaded modules
              included using the LoadModule directive.

Additional info:
Comment 1 Joe Orton 2005-01-21 17:43:08 EST
This is due to the SELinux policy, which prevents httpd from having
terminal access by default.  You can work around it using, e.g.:

# httpd -V | cat

or you can change the policy to allow httpd to access the terminal using:

# setsebool httpd_tty_comm 1

pass -P to setsebool to make the policy change permanent; ensure you
have the latest FC3 "libselinux" package from the FC3 updates.

For further information on SELinux/Apache integration in FC3, please
see: http://fedora.redhat.com/docs/selinux-apache-fc3/

For general information on SELinux in FC3, please see:
http://fedora.redhat.com/docs/selinux-faq-fc3/
Comment 2 Levente Farkas 2005-08-25 05:06:35 EDT
this is very strange! since one of our server gives:
------------------
# getsebool httpd_tty_comm
httpd_tty_comm --> inactive
[root@blue:~]httpd -S
VirtualHost configuration:
....
------------------
while on the other can't give any output without setting httpd_tty_comm to 1!
why? what's the difference? both has selinux enabled... 
do it seems there are some other problems too..
Comment 3 Joe Orton 2005-08-25 05:18:12 EDT
In FC4 httpd the SELinux security context transition does not occur if httpd is
invoked from the command line, only if invoked from the init script.

Note You need to log in before you can comment on or make changes to this bug.