Help us understand the problem. What is going on with this article?

Permission denied: AH00072: make_sock: could not bind to addre...:8081

※CentOS7にNginxとApacheでサイト構築際の書きメモです。

NginxとApacheでのConf設定内容

Nginx側の設定

/etc/nginx/conf.d/mysite.conf
server {        
    listen 80;      
    server_name www.example.com;        
    return 301 https://www.example.com$request_uri;     
}server {       
    listen 443 ssl;     
    server_name www.example.com;
    location / {        
        proxy_pass http://192.168.11.4:8081;        
        proxy_redirect off;     
        proxy_set_header Host $host;        
        proxy_set_header X-Real-IP $remote_addr;        
        proxy_set_header X-Forwarded-Host $host;        
        proxy_set_header X-Forwarded-Server $host;      
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        
        proxy_set_header X-Request-URI $request_uri;        
    }       
} 

Apache側の設定

/etc/httpd/conf.d/mysite.conf
NameVirtualHost *:8081          
<VirtualHost 192.168.11.4:8081>         
    DocumentRoot /var/www/example/public            
    ServerName www.example.com              
    <Directory /var/www/example/public>         
        Options FollowSymLinks Indexes          
        AllowOverride All           
        Require all granted         
    </Directory>    
</VirtualHost>          

サーバ再起動

$ systemctl restart httpd
$ systemctl restart nginx

ブラウザURLに "https://www.example.com" を入力すると、下記エラーが発生した。
image.png
どうやらListen 8081を書き忘れたみたい。

/etc/httpd/conf/httpd.conf
Listen 8081      #該当行を追加する

今回はhttpdを再起動すると、再びエラー発生…

/etc/httpd/conf/httpd.conf
$ systemctl restart httpd
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
$ systemctl status httpd
 httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since  2019-10-20 21:49:11 JST; 13s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 12020 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 12018 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 12018 (code=exited, status=1/FAILURE)

10 20 21:49:11 example.com httpd[12018]: (13)Permission denied: AH00072: make_sock: could not bind to addre...:8081
10 20 21:49:11 example.com httpd[12018]: (13)Permission denied: AH00072: make_sock: could not bind to addre...:8081
10 20 21:49:11 example.com httpd[12018]: no listening sockets available, shutting down
10 20 21:49:11 example.com httpd[12018]: AH00015: Unable to open logs
10 20 21:49:11 example.com systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
10 20 21:49:11 example.com kill[12020]: kill: cannot find process ""
10 20 21:49:11 example.com systemd[1]: httpd.service: control process exited, code=exited status=1
10 20 21:49:11 example.com systemd[1]: Failed to start The Apache HTTP Server.
10 20 21:49:11 example.com systemd[1]: Unit httpd.service entered failed state.
10 20 21:49:11 example.com systemd[1]: httpd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.

make_sock: could not bind to addre...:8081の原因でエラー発生したので、firewalldにポート8081を追加する

$semanage port -a -t http_port_t -p tcp 8081
ValueError: ポート tcp/8081 はすでに定義されています

"すでに定義されています"と怒られてしまった。以下のコマンドで検索したら、transproxy_port_tに使われている。

$ semanage port -l | grep 8081
transproxy_port_t              tcp      8081  

仕方ない、ポート8081を断念し、ポート8007に変更することにした。
エラー原因が分かったので、対応が簡単です。
まず、Firewallにポート8007を開く

$semanage port -a -t http_port_t -p tcp 8007

次はnginx, httpdのconfファイルにポート番号8081を全て8007に編集する。
再度ブラウザURLに "https://www.example.com" を入力する。今回が無事に表示できた。
image.png

Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
No comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
ユーザーは見つかりませんでした