Re: apache2: Could not open configuration file /etc/apache2/apache2.conf: Permission denied
- Date: Wed, 17 Oct 2018 05:38:11 +0000
- From: Steve Kemp <skx@xxxxxxxxxx>
- Subject: Re: apache2: Could not open configuration file /etc/apache2/apache2.conf: Permission denied
To recap you reported the original error:
> apache2: Could not open configuration file /etc/apache2/apache2.conf:
> Permission denied
Now you've provided more details, from your audit-log:
> type=AVC msg=audit(1539750555.347:77): apparmor="DENIED"
> operation="open" profile="/usr/sbin/apache2"
> name="/etc/apache2/apache2.conf" pid=17485 comm="apache2"
> requested_mask="r" denied_mask="r" fsuid=0 ouid=0
There you see "DENIED" along with "exit=-13". You can lookup
the meaning of "-13" via this command but I'll guess it correpondes to
EPERM ("permission denied"):
ausearch --interpret --exit -13
In conclusion: You're using apparmor, it prevented the process from
opening the configuration file, which stopped the service from starting.
That was logged explicitly :)
To fix this either:
1. Fix apparmor so that you can open the file.
2. Disable apparmor.
The first might be as simple as `systemctl restart apparmor.service`,
that's working on the basis that:
* You had apparmor installed.
* You've now just installed apache.
* This will have given you new apparmor rules.
* But they won't be loaded because apparmor wasn't reloaded.
* So apache failed.
I'm not 100% sure if that is the case, but it seems likely. If not
you'll need to do some reading. Perhaps start here: