Odin PBAS/OBAS 443 already listening

PBAS/OBAS presented with the following error. Having had the service stop. All eyes turn to me, ass falls out of my world. Error message goes a little like this when trying to re/start http.

[root@pbas conf.d]# /etc/init.d/httpd start
Starting httpd: [Thu Feb 11 14:47:41 2016] [warn] module proxy_ajp_module is already loaded, skipping
[Thu Feb 11 14:47:41 2016] [warn] module ssl_module is already loaded, skipping
[Thu Feb 11 14:47:41 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
[FAILED]

Unable to open the logs is not anything to do with this.

Checking netstat -lntpe , it is very much apparent that this in part a lie as there is nothing listening on any 443 port at all, zero. Logs, equally, all good. Permissions spot on. So something else has gone wrong.

The error followed an update. More specifically a twitch like habit of yum update. Realistically this is a bad idea.

What has happened is that it has introduced a completely eroneous line that while is “standard” – is not “standard” in the OBAS world. As such – rather than adding the SSL configs into the file called ssl.conf they made their own.

The upshot is as it pulls together the config – sure enough – you are trying to get things to listen on 443 more than once. Heavens no, think of the children!

So – with that in mind:

mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.`date +%F`.backup

This occurs when *cough* an update takes place that is not in the way they suggest.

The way to yum update OBAS/PBAS safely they suggest can be found here:

https://kb.odin.com/en/8993

In short for current (at the time of writing) OBAS/PBAS running within a virtuozzo container should run a little like this.

yum update -x perl -x mod_perl -x perl-Pod-Simple -x perl-libs -x perl-Digest-SHA -x perl-Compress-Raw-Zlib -x perl-Pod-Escapes -x perl-version -x perl-Compress-Zlib -x perl-IO-Compress-Bzip2 -x perl-IO-Compress-Base -x perl-CGI -x perl-IO-Compress-Zlib -x perl-suidperl -x perl-Time-HiRes -x perl-Module-Pluggable -x perl-SOAP-Lite -x iproute -x whois -x jwhois

So – what did we learn in class today…. they have not pinned or locked down everything they should (why on EARTH would you want to keep your distribution patched and up to date?!), and they have put the SSL configuration in a different file.   …that and it took me far longer than it should have done to realise.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this:
Skip to toolbar