the last days I was working with my experimental installation of CactiEZ. I have updated my installation of CactiEZ to the latest versions of system packages and Cacti files/plugins. I shut down my PC, went to home and tried to finish the installation. But when I started up my VM, I noticed that the Apache web server did not start. The following message appear when I tried to start the web server manually:
[root@localhost ~]# service httpd start
Starting httpd: /usr/sbin/httpd: error while loading shared libraries: libpcre.so.0: cannot open shared object file: Permission denied
It appears that SELinux is responsible for this. Probably SELinux is activated or installed while I did an update with yum update. I found out that SELinux was operating in “enforcing mode”, which is the default setting.
The following information can be found on the centos wiki:
SELinux has 3 basic modes of operation out of which Enforcing is set as the default mode.
Enforcing: The default mode which will enable and enforce the SELinux security policy on the system, denying access and logging actions
Permissive: In Permissive mode, SELinux is enabled but will not enforce the security policy, only warn and log actions. Permissive mode is useful for troubleshooting SELinux issues
Disabled: SELinux is turned off
It was clear for me that I want to force the SELinux mode to disabled. I modified the /etc/selinux/config file, and set the default mode to disabled (so that this setting is surviving a reboot). Now, after a reboot, the web server is starting successfully.
- My /etc/selinux/config file:
[root@localhost ~]# more /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing – SELinux security policy is enforced.
# permissive – SELinux prints warnings instead of enforcing.
# disabled – No SELinux policy is loaded.
# SELINUXTYPE= can take one of these two values:
# targeted – Only targeted network daemons are protected.
# strict – Full SELinux protection.