文档章节

php-fpm error unable to bind listening socket for

china008
 china008
发布于 2015/08/26 15:44
字数 356
阅读 97
收藏 0

0 down vote

SELinux can be configured to stop programs from opening ports, even ports above 1024. This can be a useful protection against malware.


If SELinux is enabled (which you can check by running getenforce - if the respons is Enforced, that means that SELinux is active), there are two ways of fixing the problem.


First, the easy way. This one is to simply disable SELinux. The downside is that your server is now far more vulnerable to compromise/hacking/attacks. If you do choose to make your server less secure, you can run the command setenforce 0. You will also need to change the configuration to stop it from being reactivated after restart; this is done by editing the file /etc/selinux/config and changing the line


SELINUX=enforcing

to


SELINUX=disabled

Second, the secure way . This is to change your selinux configuration to allow this port to be opened. Since SELinux is a very complicated thing - as it must be, to do what it does - it takes a bit of work. There is one shortcut, though, which is to let SELinux itself figure out what new permissions it needs to allow.


In order to do this, you start by setting SELinux to permissive instead of disabled. This means that SELinux won't be enforcing its rules, but it will log the information about everything that it would have stopped if it had been enforcing them. Once you've had your application running, you can pass the contents of the log to audit2allow which will help you create the rules you need:


grep php-fpm /var/log/audit/audit.log | audit2allow -m phpfpm > phpfpmlocal.tmp

You should look in the file phpfpmlocal.tmp to verify that the permissions look OK. Once you've done so, and made any edits that seem reasonable to you, re-run audit2allow again to build the module, and semodule to load it


grep php-fpm /var/log/audit/audit.log | audit2allow -M phpfpmlocal

semodule -i phpfmlocal.pp 

Once the new module is loaded, you can turn enforcement back on.


本文转载自:http://unix.stackexchange.com/questions/180460/php-fpm-error-unable-to-bind-listening-socket-for-...

共有 人打赏支持
china008
粉丝 5
博文 286
码字总数 30406
作品 0
海淀
ERROR: unable to bind listening socket for address '127.0.0.1:9000': Address already in use

刚安装完PHP,启动时报错: # /etc/init.d/php-fpm start Starting php-fpm [15-Apr-2017 13:21:13] ERROR: unable to bind listening socket for address '127.0.0.1:9000': Address alrea......

sentu
2017/04/16
0
0
关于FPM的安装问题

用 /usr/local/php/sbin/php-fpm启动FPM,总是出现unable to bind listening socket for address '127.0.0.1:9000': Address already in use (98), FPM initialization failed。。。这个报错......

Teomc.Xbc
2012/09/20
1K
2
pthreads(一)php7只支持在cli模式下使用pthreads扩展

1 ERROR! 用php7了,编译之后安装好扩展,运行php-fpm时报错,在公司没有解决,回家在mac上复现: [24-Mar-2016 23:06:50] NOTICE: PHP message: PHP Fatal error: The fpm-fcgi SAPI is no...

燕玉苗
2016/10/17
3
0
关于apache2在linux启动命令的疑问

coat@Blue :~$ apache2ctl restart /usr/sbin/apache2ctl: 87: ulimit: error setting limit (Operation not permitted) httpd not running, trying to start (13)Permission denied: make_s......

coat
2013/12/08
1K
8
FastCGI 协议分析与C语言实现实例

考虑让我的 web server 增加对 PHP 的支持,这就要用到 php 解析器来将客户端请求的 php 文件解析为静态资源,再由我的 web server 将其返回到客户端,php-fpm 就可以来帮我们完成这个工作。...

Tanswer_
2017/12/23
0
0

没有更多内容

加载失败,请刷新页面

加载更多

Kafka技术资料总结(不断更新中)

1、Kafka实践:到底该不该把不同类型的消息放在同一个主题中 2、Kafka剖析系列: Kafka剖析(一):Kafka背景及架构介绍 Kafka设计解析(二):Kafka High Availability (上)...

九州暮云
34分钟前
1
0
面向对象设计原则(OOP)

单一职责原则(Single responsibility principle)又称单一功能原则。它规定一个类应该只有一个发生变化的原因。 核心原则:低耦合,高内聚。 一个类,应该只有一个引起它变化的原因,也就是...

gackey
今天
4
0
C++ 锁

C++提供了两种常用的锁,std::lock_guard<Lockable &T>和std::unique_lock<Lockable &T>。通常使用场景下,这两个锁用法一致。即,在构造锁对象时上锁,在析构锁对象时解锁。使用户从上锁/解...

yepanl
今天
4
0
Kali Linux Docker 練習

docker pull kalilinux/kali-linux-docker docker run -t -i kalilinux/kali-linux-docker /bin/bash apt-get update apt-get install htop apt-get install nmap apt-get install wpscan ap......

BaiyuanLab
今天
4
0
通俗大白话来理解TCP协议的三次握手和四次分手

最近在恶补计算机网络方面的知识,之前对于TCP的三次握手和四次分手也是模模糊糊,对于其中的细节更是浑然不知,最近看了很多这方面的知识,也在系统的学习计算机网络,加深自己的CS功底,就...

onedotdot
今天
4
0

没有更多内容

加载失败,请刷新页面

加载更多

返回顶部
顶部