The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,799 other followers

OpenSuSE Tumbleweed: When apache breaks with “Invalid argument: AH00069: make_sock: for address [::]:443”

Posted by jpluimers on 2017/06/28

I had this strange break down of Apache 2 after updating to the most recent openSuSE Tumbleweed in the /var/log/apache2/error_log:

[Wed Jun 28 10:04:19.955991 2017] [ssl:info] [pid 27786] AH01887: Init: Initializing (virtual) servers for SSL
[Wed Jun 28 10:04:19.962449 2017] [ssl:info] [pid 27786] AH01876: mod_ssl/2.4.26 compiled against Server: Apache/2.4.26, Library: OpenSSL/1.0.2k
AH00558: httpd-prefork: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
[Wed Jun 28 10:04:20.029863 2017] [core:crit] [pid 27786] (22)Invalid argument: AH00069: make_sock: for address [::]:443, apr_socket_opt_set: (IPV6_V6ONLY)
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
[Wed Jun 28 10:04:20.029935 2017] [mpm_prefork:alert] [pid 27786] no listening sockets available, shutting down

This didn’t give any results for processes having port 443 open:

# /usr/bin/netstat --verbose --all --numeric | grep 443

The commands below didn’t help much either.

So I started digging in port 443 binding:

# grep -wr 443 /etc/apache2/ | grep -w Listen
/etc/apache2/httpd.conf:Listen 443
/etc/apache2/listen.conf:#       Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
/etc/apache2/listen.conf:#Listen 443
/etc/apache2/listen.conf: Listen 443

The below fragments had been there since 2016, so I tracked them down using etckeeper:

  • httpd.conf was modified by letsencrypt
  • listen.conf was modified by zypper when installing apache2-2.4.23-3.2.x86_64.

Apparently this has never been a problem, but as of apache2-2.4.26-1.1.x86_64 it is.

So I removed the entry from httpd.conf, started apache2.service and verified it works:

# systemctl start apache2.service
#
# journalctl -xe -u apache2.service
Jun 28 10:26:59 revue systemd[1]: Starting The Apache Webserver...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit apache2.service has begun starting up.
Jun 28 10:26:59 revue start_apache2[29372]: AH00558: httpd-prefork: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Jun 28 10:27:00 revue systemd[1]: Started The Apache Webserver.
-- Subject: Unit apache2.service has finished start-up
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit apache2.service has finished starting up.
-- 
-- The start-up result is done.

Next step is to see if letsencrypt will re-add them and if so: file a bug.

It might have been an old letsencrypt thing that is now fixed:

Listen 443 entries in /etc/apache2:

 

These didn’t reveal much

# systemctl start apache2.service
Job for apache2.service failed because the control process exited with error code.
See "systemctl  status apache2.service" and "journalctl  -xe" for details.

# systemctl status apache2.service
● apache2.service - The Apache Webserver
   Loaded: loaded (/usr/lib/systemd/system/apache2.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Wed 2017-06-28 10:04:20 CEST; 31s ago
  Process: 27786 ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start (code=exited, status=1/FAILURE)
 Main PID: 27786 (code=exited, status=1/FAILURE)

Jun 28 10:04:19 revue systemd[1]: Starting The Apache Webserver...
Jun 28 10:04:19 revue start_apache2[27786]: AH00558: httpd-prefork: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Jun 28 10:04:19 revue start_apache2[27786]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
Jun 28 10:04:20 revue systemd[1]: apache2.service: Main process exited, code=exited, status=1/FAILURE
Jun 28 10:04:20 revue systemd[1]: Failed to start The Apache Webserver.
Jun 28 10:04:20 revue systemd[1]: apache2.service: Unit entered failed state.
Jun 28 10:04:20 revue systemd[1]: apache2.service: Failed with result 'exit-code'.

# journalctl -xe -u apache2.service
Jun 28 10:04:19 revue systemd[1]: Starting The Apache Webserver...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit apache2.service has begun starting up.
Jun 28 10:04:19 revue start_apache2[27786]: AH00558: httpd-prefork: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Jun 28 10:04:19 revue start_apache2[27786]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
Jun 28 10:04:20 revue systemd[1]: apache2.service: Main process exited, code=exited, status=1/FAILURE
Jun 28 10:04:20 revue systemd[1]: Failed to start The Apache Webserver.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit apache2.service has failed.
-- 
-- The result is failed.
Jun 28 10:04:20 revue systemd[1]: apache2.service: Unit entered failed state.
Jun 28 10:04:20 revue systemd[1]: apache2.service: Failed with result 'exit-code'.

–jeroen

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: