大佬教程收集整理的这篇文章主要介绍了我必须修改以使SELinux允许nginx充当IMAP / POP3代理?,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
如何在不禁用其保护的情况下更改SELinux的配置,以允许Nginx按需运行?
audit.log
type=AVC msg=audit(1429125129.833:2286): avc: denied { name_bind } for pid=26451 comm="Nginx" src=143 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:pop_port_t:s0 tclass=tcp_socket
Nginx.conf
@H_378_20@mail { auth_http unix:/run/Nginx-mailauth@L_197_10@ck; ssl_prefer_server_ciphers on; ssl_session_cache shared:mail-TLSSL:16m; ssl_session_timeout 10m; ssl_session_tickets on; ssl_certificate /etc/pki/tls/certs/mail.example.com.cer; ssl_certificate_key /etc/pki/tls/private/mail.example.com.key; ssl_session_ticket_key /etc/pki/tls/private/mail.example.com-session_ticket.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #For antimony-webmail imap_capabilities "IMAP4rev1" "ACL" "BINARY" "CATENATE" "CHILDREN" "CONDSTORE" "ENABLE" "ESEARCH" "ID" "IDLE" "LIST-EXTENDED" "LITERAL+" "MULTIAPPEND" "NAMESPACE" server { protocol imap; listen 143; starttls only; } server { protocol imap; listen 993; ssl on; } #For antimony-webmail pop3_capabilities "EXPIRE 31 USER" "TOP" "UIDL" "USER" "XOIP"; server { protocol pop3; listen 110; starttls only; pop3_auth plain; } server { protocol pop3; listen 995; ssl on; pop3_auth plain; } }systemctl
[root@mail ~]# systemctl start Nginx Job for Nginx.service Failed. See 'systemctl status Nginx.service' and 'journalctl -xn' for details. [root@mail ~]# systemctl status Nginx.service Nginx.service - The Nginx http and reverse proxy server Loaded: loaded (/usr/lib/systemd/system/Nginx.service; disabled) Active: Failed (Result: exit-codE) since Wed 2015-04-15 12:12:09 PDT; 5s ago Process: 26446 ExecStop=/bin/kill -s QUIT $MAINPID (code=exited,status=0/succesS) Process: 25373 ExecReload=/bin/kill -s HUP $MAINPID (code=exited,status=0/succesS) Process: 26400 ExecStart=/usr/sbin/Nginx (code=exited,status=0/succesS) Process: 26451 ExecStartPre=/usr/sbin/Nginx -t (code=exited,status=1/FAILURE) Main PID: 26402 (code=exited,status=0/succesS) Apr 15 12:12:09 mail.dev.example.com Nginx[26451]: Nginx: the configuration file /etc/Nginx/Nginx.conf Syntax is ok Apr 15 12:12:09 mail.dev.example.com Nginx[26451]: Nginx: [emerg] bind() to 0.0.0.0:143 Failed (13: Permission denied) Apr 15 12:12:09 mail.dev.example.com Nginx[26451]: Nginx: configuration file /etc/Nginx/Nginx.conf test Failed Apr 15 12:12:09 mail.dev.example.com systemd[1]: Nginx.service: control process exited,code=exited status=1 Apr 15 12:12:09 mail.dev.example.com systemd[1]: Failed to start The Nginx http and reverse proxy server. Apr 15 12:12:09 mail.dev.example.com systemd[1]: Unit Nginx.service entered Failed state.
以上是大佬教程为你收集整理的我必须修改以使SELinux允许nginx充当IMAP / POP3代理?全部内容,希望文章能够帮你解决我必须修改以使SELinux允许nginx充当IMAP / POP3代理?所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。