文档章节

php-fpm error unable to bind listening socket for

china008
 china008
发布于 2015/08/26 15:44
字数 356
阅读 107
收藏 0

0 down vote

SELinux can be configured to stop programs from opening ports, even ports above 1024. This can be a useful protection against malware.


If SELinux is enabled (which you can check by running getenforce - if the respons is Enforced, that means that SELinux is active), there are two ways of fixing the problem.


First, the easy way. This one is to simply disable SELinux. The downside is that your server is now far more vulnerable to compromise/hacking/attacks. If you do choose to make your server less secure, you can run the command setenforce 0. You will also need to change the configuration to stop it from being reactivated after restart; this is done by editing the file /etc/selinux/config and changing the line


SELINUX=enforcing

to


SELINUX=disabled

Second, the secure way . This is to change your selinux configuration to allow this port to be opened. Since SELinux is a very complicated thing - as it must be, to do what it does - it takes a bit of work. There is one shortcut, though, which is to let SELinux itself figure out what new permissions it needs to allow.


In order to do this, you start by setting SELinux to permissive instead of disabled. This means that SELinux won't be enforcing its rules, but it will log the information about everything that it would have stopped if it had been enforcing them. Once you've had your application running, you can pass the contents of the log to audit2allow which will help you create the rules you need:


grep php-fpm /var/log/audit/audit.log | audit2allow -m phpfpm > phpfpmlocal.tmp

You should look in the file phpfpmlocal.tmp to verify that the permissions look OK. Once you've done so, and made any edits that seem reasonable to you, re-run audit2allow again to build the module, and semodule to load it


grep php-fpm /var/log/audit/audit.log | audit2allow -M phpfpmlocal

semodule -i phpfmlocal.pp 

Once the new module is loaded, you can turn enforcement back on.


本文转载自:http://unix.stackexchange.com/questions/180460/php-fpm-error-unable-to-bind-listening-socket-for-...

共有 人打赏支持
china008
粉丝 5
博文 286
码字总数 30406
作品 0
海淀
私信 提问
ERROR: unable to bind listening socket for address '127.0.0.1:9000': Address already in use

刚安装完PHP,启动时报错: # /etc/init.d/php-fpm start Starting php-fpm [15-Apr-2017 13:21:13] ERROR: unable to bind listening socket for address '127.0.0.1:9000': Address alrea......

sentu
2017/04/16
0
0
关于FPM的安装问题

用 /usr/local/php/sbin/php-fpm启动FPM,总是出现unable to bind listening socket for address '127.0.0.1:9000': Address already in use (98), FPM initialization failed。。。这个报错......

Teomc.Xbc
2012/09/20
1K
2
pthreads(一)php7只支持在cli模式下使用pthreads扩展

1 ERROR! 用php7了,编译之后安装好扩展,运行php-fpm时报错,在公司没有解决,回家在mac上复现: [24-Mar-2016 23:06:50] NOTICE: PHP message: PHP Fatal error: The fpm-fcgi SAPI is no...

燕玉苗
2016/10/17
3
0
关于apache2在linux启动命令的疑问

coat@Blue :~$ apache2ctl restart /usr/sbin/apache2ctl: 87: ulimit: error setting limit (Operation not permitted) httpd not running, trying to start (13)Permission denied: make_s......

coat
2013/12/08
1K
8
Redis源码分析系列六:initserver中

server.db = zmalloc(sizeof(redisDb)*server.dbnum); //开辟缓冲区 listenToPort(server.port,server.ipfd,&server.ipfd_count); 显然这个函数是监听端口 跟踪这个函数,进入,发现最终是掉...

强子哥哥
2013/10/17
0
0

没有更多内容

加载失败,请刷新页面

加载更多

工作中如何做好技术积累

参考:https://tech.meituan.com/study_vs_work.html 看了这篇文章,觉得总结得非常好,因此摘抄了一些关键点,以便自己经常翻阅。 引言 在繁忙的工作中做好技术积累,构建个人核心竞争力. 在...

grace_233
27分钟前
4
0
day146-2018-11-13-英语流利阅读-待学习

5 岁“牛娃”简历给 985 精英一个暴击 Lala 2018-11-13 1.今日导读 “不要让孩子输在起跑线上”,似乎已成为了当下最流行的名句,每个身为家长或还未成为家长的人都不得不思考这句话的分量。...

飞鱼说编程
40分钟前
4
0
Mariadb二进制包安装,Apache安装

安装mariadb 下载二进制包并解压 [root@test-a src]# wget https://downloads.mariadb.com/MariaDB/mariadb-10.2.6/bintar-linux-glibc_214-x86_64/mariadb-10.2.6-linux-glibc_214-x86_64.t......

野雪球
今天
4
0
ConcurrentHashMap 高并发性的实现机制

ConcurrentHashMap 的结构分析 为了更好的理解 ConcurrentHashMap 高并发的具体实现,让我们先探索它的结构模型。 ConcurrentHashMap 类中包含两个静态内部类 HashEntry 和 Segment。HashEnt...

TonyStarkSir
今天
5
0
大数据教程(7.4)HDFS的java客户端API(流处理方式)

博主上一篇博客分享了namenode和datanode的工作原理,本章节将继前面的HDFS的java客户端简单API后深度讲述HDFS流处理API。 场景:博主前面的文章介绍过HDFS上存的大文件会成不同的块存储在不...

em_aaron
昨天
4
0

没有更多内容

加载失败,请刷新页面

加载更多

返回顶部
顶部