Sometimes we want Apache to listen on a port other than the default 80. To achieve this on a Fedora box, one needs to modify its configuration file /etc/httpd/conf/httpd.conf. Change the port number on the line 'Listen 80' to the number you like. If virtual hosts are used, change the related port number as well, eg. NameVirtualHost *:8000. However, when you restart Apache after configuration changes, you may encounter errors like the following, even if you are root:
Starting httpd: (13)Permission denied: make_sock: could not bind to address [::]:8000 (13)Permission denied: make_sock: could not bind to address 0.0.0.0:8000 no listening sockets available, shutting down Unable to open logs [FAILED]
This is due to the SELinux policy which prevents Apache from binding to the port you've selected. You can use this shell command to check whether SELinux is in enforcing mode or permissive mode:
cat /selinux/enforce
Output 1 indicates it's in enforcing mode and 0 permissive mode. To resolve this, you can do either of the following:
1) Switch SELinux to permissive mode You can do so with the following shell command:
echo 0 > /selinux/enforce or setenforce 0
However, this is not recommended due to security concerns.
2) Use a port that Apache can currently bind to Try the command:
semanage port -l | grep http
This would output something like the following:
http_cache_port_t tcp 3128, 8080, 8118, 11211, 10001-10010 http_cache_port_t udp 3130, 11211 http_port_t tcp 80, 443, 488, 8008, 8009, 8443 pegasus_http_port_t tcp 5988 pegasus_https_port_t tcp 5989
The list of http_port_t shows that Apache can bind to ports 80, 443, 488, 8008, 8009, 8443. So use a port in this list such as 8008.
3) Add a new port to the http_port_t list You can use the following shell command to add a new port you want to use, say 90
semanage port -a -t http_port_t -p tcp 90
After these changes, restart Apache:
service httpd restart
The previous error should be gone.
Share this Blog with colleagues
