It is because selinux policy is forbidding it to access the port. Solution - use semanage to allow this port to be used or disable selinux in /etc/sysconfig/selinux.
--
Pozdrawiam,
Zuzanna K. Filutowska
W dniu 23 paź 2015, 17:30, o 17:30, użytkownik Makis Ladoukakis
makis4ever@hotmail.com napisał:
>Hello,
>
>That didn't work. The apache restart failed with the following error:
>
>SELinux is preventing /usr/sbin/httpd from name_bind access on the
>tcp_socket port 8081.
>
>Any idea why?
>
>Kind regards,
>Makis
>
>Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection
>refused
>From: jcsanchez2@gmail.com
>Date: Tue, 20 Oct 2015 22:25:00 +1030
>CC: galaxy-dev@lists.bx.psu.edu
>To: makis4ever@hotmail.com
>
>
>Hi,If you have a line in your Apache conf like "Listen 80"change to
>"Listen 8081"
>
>
>On 20 Oct 2015, at 21:00, Makis Ladoukakis
makis4ever@hotmail.com
>wrote:
>
>
>
>
>Hello,
>
>I am sorry but I have really no experience with setting up the Apache
>web server so I am not really sure how to do that. Can you please help
>me out with it? My apache configuration file is in /etc/httpd/conf/
>directory and there are no directories such as /sites-available/ or
>/sites-enabled/ (as I would find in an ubuntu installation).
>
>What I did already (after some advice from the server admin) is open up
>the 8081 port like that:
>
>
>
>firewall-cmd
> --permanent --add-port=8081/tcp
>
>firewall-cmd
> --reload
>
>
>and then I got another error:
>
>
>
> [cgi:error] [pid
>29603] [client 115.230.124.164:4559] script not found or unable to
>stat:
>/var/www/cgi-bin/common
>
>[autoindex:error]
>[pid 29716] [client 218.76.28.36:4468] AH01276: Cannot serve directory
>/var/www/html/: No matching DirectoryIndex (index.html,index.php)
>found, and
>server-generated directory index forbidden by Options directive
>
>
>which I tried to solve by adding welcome.html as a recognizable
>filename in the apache configuration:
>
>
>
><IfModule dir_module>
>
>DirectoryIndex index.html welcome.html
>
></IfModule>
>
>
>but nothing worked and now the error_log shows the following:
>
>[Tue Oct 20 13:15:23.719295 2015] [mpm_prefork:notice] [pid 29598]
>AH00170: caught SIGWINCH, shutting down gracefully
>[Tue Oct 20 13:15:24.810684 2015] [core:notice] [pid 46896] SELinux
>policy enabled; httpd running as context system_u:system_r:httpd_t:s0
>[Tue Oct 20 13:15:24.811647 2015] [suexec:notice] [pid 46896] AH01232:
>suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
>[Tue Oct 20 13:15:24.846399 2015] [so:warn] [pid 46896] AH01574: module
>wsgi_module is already loaded, skipping
>[Tue Oct 20 13:15:24.847316 2015] [auth_digest:notice] [pid 46896]
>AH01757: generating secret for digest authentication ...
>[Tue Oct 20 13:15:24.848294 2015] [lbmethod_heartbeat:notice] [pid
>46896] AH02282: No slotmem from mod_heartmonitor
>[Tue Oct 20 13:15:24.870033 2015] [mpm_prefork:notice] [pid 46896]
>AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 mod_wsgi/3.4 Python/2.7.5
>configured -- resuming normal operations
>[Tue Oct 20 13:15:24.870075 2015] [core:notice] [pid 46896] AH00094:
>Command line: '/usr/sbin/httpd -D FOREGROUND'
>
>And the webpage that galaxy is supposed to appear is still blank.
>
>Any ideas?
>
>Thank you,
>Makis
>
>
>
>Date: Tue, 20 Oct 2015 11:01:44 +1030
>Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection
>refused
>From: jcsanchez2@gmail.com
>To: makis4ever@hotmail.com
>CC: galaxy-dev@lists.bx.psu.edu
>
>hi,
>Maybe sounds silly, but have you tried to put the apache configuration
>in a virtual host within the sites-enable site?
>
>cheersjc
>On Tue, Oct 20, 2015 at 12:36 AM, Makis Ladoukakis
>
makis4ever@hotmail.com wrote:
>
>
>
>Forwading to this list too. I am not sure if they are two separate
>lists.
>
>Makis
>
>From: makis4ever@hotmail.com
>To: galaxy-dev@lists.galaxyproject.org
>Date: Mon, 19 Oct 2015 17:04:13 +0300
>Subject: [galaxy-dev] Galaxy on Centos via Apache - connection refused
>
>
>
>
>Dear all,
>
>I've been trying to set up a Galaxy instance on my CentOS server but
>even when I manage to run the simplest configuration correctly I can't
>seem to get it right on my browser as the connection is refused.
>
>I have changed the host to 0.0.0.0, the port to 8081 and made the
>appropriate changes in Apache configuration file:
>
>RewriteEngine on
>RewriteRule ^/galaxy_test(.*)
http://localhost:8081$1 [P]
>RewriteRule ^/galaxy_test$ /galaxy_test/ [R]
>RewriteRule ^/galaxy_test/static/style/(.*)
>/home/galaxy_test/galaxy/static/june_2007_style/blue/$1 [L]
>RewriteRule ^/galaxy_test/static/scripts/(.*)
>/home/galaxy_test/galaxy/static/scripts/packed/$1 [L]
>RewriteRule ^/galaxy_test/static/(.*)
>/home/galaxy_test/galaxy/static/$1 [L]
>RewriteRule ^/galaxy_test/favicon.ico
>/home/galaxy_test/galaxy/static/favicon.ico [L]
>RewriteRule ^/galaxy_test/robots.txt
>/home/galaxy_test/galaxy/static/robots.txt [L]
>
>So when I tried to run it the first time I got the "temporarily out of
>service" error on my browser and the following error in apache log:
>
>[Mon Oct 19 05:56:45.308714 2015] [proxy:error] [pid 18505]
>(13)Permission denied: AH00957: HTTP: attempt to connect to
>127.0.0.1:8081 (*) failed
>[Mon Oct 19 05:56:45.308774 2015] [proxy_http:error] [pid 18505]
>[client 185.25.151.159:39629] AH01114: HTTP: failed to make connection
>to backend: localhost
>
>Searching the internet I found the following solution:
>
>
>
>/usr/sbin/setsebool
>httpd_can_network_connect 1
>
>
>/usr/sbin/setsebool -P
>httpd_can_network_connect 1
>
>
>
>
>but when I restarted my galaxy my browser would now show just a blank
>page and the error log of apache was:
>
>[Mon Oct 19 15:29:09.425120 2015] [proxy:error] [pid 29699]
>(111)Connection refused: AH00957: HTTP: attempt to connect to
>127.0.0.1:8081 (*) failed
>[Mon Oct 19 15:29:09.425167 2015] [proxy_http:error] [pid 29699]
>[client 147.102.86.121:51865] AH01114: HTTP: failed to make connection
>to backend: localhost
>
>
>Has anyone encountered that?
>
>Kind regards,
>Makis
>
>
>
>
>
>
>P.S. In case that helps the output of iptables -L is the following:
>Chain INPUT (policy ACCEPT)
>target prot opt source destination
>ACCEPT all -- anywhere anywhere ctstate
>RELATED,ESTABLISHED
>ACCEPT all -- anywhere anywhere
>INPUT_direct all -- anywhere anywhere
>INPUT_ZONES_SOURCE all -- anywhere anywhere
>INPUT_ZONES all -- anywhere anywhere
>ACCEPT icmp -- anywhere anywhere
>REJECT all -- anywhere anywhere
>reject-with icmp-host-prohibited
>
>Chain FORWARD (policy ACCEPT)
>target prot opt source destination
>ACCEPT all -- anywhere anywhere ctstate
>RELATED,ESTABLISHED
>ACCEPT all -- anywhere anywhere
>FORWARD_direct all -- anywhere anywhere
>FORWARD_IN_ZONES_SOURCE all -- anywhere anywhere
>
>FORWARD_IN_ZONES all -- anywhere anywhere
>FORWARD_OUT_ZONES_SOURCE all -- anywhere anywhere
>
>FORWARD_OUT_ZONES all -- anywhere anywhere
>ACCEPT icmp -- anywhere anywhere
>REJECT all -- anywhere anywhere
>reject-with icmp-host-prohibited
>
>Chain OUTPUT (policy ACCEPT)
>target prot opt source destination
>OUTPUT_direct all -- anywhere anywhere
>
>Chain FORWARD_IN_ZONES (1 references)
>target prot opt source destination
>FWDI_public all -- anywhere anywhere [goto]
>FWDI_public all -- anywhere anywhere [goto]
>
>Chain FORWARD_IN_ZONES_SOURCE (1 references)
>target prot opt source destination
>
>Chain FORWARD_OUT_ZONES (1 references)
>target prot opt source destination
>FWDO_public all -- anywhere anywhere [goto]
>FWDO_public all -- anywhere anywhere [goto]
>
>Chain FORWARD_OUT_ZONES_SOURCE (1 references)
>target prot opt source destination
>
>Chain FORWARD_direct (1 references)
>target prot opt source destination
>
>Chain FWDI_public (2 references)
>target prot opt source destination
>FWDI_public_log all -- anywhere anywhere
>FWDI_public_deny all -- anywhere anywhere
>FWDI_public_allow all -- anywhere anywhere
>
>Chain FWDI_public_allow (1 references)
>target prot opt source destination
>
>Chain FWDI_public_deny (1 references)
>target prot opt source destination
>
>Chain FWDI_public_log (1 references)
>target prot opt source destination
>
>Chain FWDO_public (2 references)
>target prot opt source destination
>FWDO_public_log all -- anywhere anywhere
>FWDO_public_deny all -- anywhere anywhere
>FWDO_public_allow all -- anywhere anywhere
>
>Chain FWDO_public_allow (1 references)
>target prot opt source destination
>
>Chain FWDO_public_deny (1 references)
>target prot opt source destination
>
>Chain FWDO_public_log (1 references)
>target prot opt source destination
>
>Chain INPUT_ZONES (1 references)
>target prot opt source destination
>IN_public all -- anywhere anywhere [goto]
>IN_public all -- anywhere anywhere [goto]
>
>Chain INPUT_ZONES_SOURCE (1 references)
>target prot opt source destination
>
>Chain INPUT_direct (1 references)
>target prot opt source destination
>
>Chain IN_public (2 references)
>target prot opt source destination
>IN_public_log all -- anywhere anywhere
>IN_public_deny all -- anywhere anywhere
>IN_public_allow all -- anywhere anywhere
>
>Chain IN_public_allow (1 references)
>target prot opt source destination
>ACCEPT tcp -- anywhere anywhere tcp
>dpt:http ctstate NEW
>ACCEPT tcp -- anywhere anywhere tcp
>dpt:ssh ctstate NEW
>ACCEPT tcp -- anywhere anywhere tcp
>dpt:https ctstate NEW
>
>Chain IN_public_deny (1 references)
>target prot opt source destination
>
>Chain IN_public_log (1 references)
>target prot opt source destination
>
>Chain OUTPUT_direct (1 references)
>target prot opt source destination
>
>
>
>
>
>
>___________________________________________________________
>Please keep all replies on the list by using "reply all"
>in your mail client. To manage your subscriptions to this
>and other Galaxy lists, please use the interface at:
>
https://lists.galaxyproject.org/
>
>To search Galaxy mailing lists use the unified search at:
>
http://galaxyproject.org/search/mailinglists/
>
>___________________________________________________________
>
>Please keep all replies on the list by using "reply all"
>
>in your mail client. To manage your subscriptions to this
>
>and other Galaxy lists, please use the interface at:
>
>
https://lists.galaxyproject.org/
>
>
>
>To search Galaxy mailing lists use the unified search at:
>
>
http://galaxyproject.org/search/mailinglists/
>
>
>
>
>------------------------------------------------------------------------
>
>___________________________________________________________
>Please keep all replies on the list by using "reply all"
>in your mail client. To manage your subscriptions to this
>and other Galaxy lists, please use the interface at:
>
https://lists.galaxyproject.org/
>
>To search Galaxy mailing lists use the unified search at:
>
http://galaxyproject.org/search/mailinglists/