Fedora Core 4 and AJP

I was greeted this morning with a big error page when I checked this site was running. Good morning to you too Apache!

So I checked the logs, expecting something I’ve seen before, like MySQL shutting itself down spontaneously, but for the life of me I couldn’t find anything helpful in the logs. Server down, no errors in the usual logs - this is obviously a new experience! Also a very confusing experience.

Eventually I tracked it down to the AJP connection between Apache and Tomcat. From the AJP log:

> \[jk\_ajp\_common.c (720)\]: Error connecting to tomcat. Tomcat is probably not started or is listening on the wrong host/port (127.0.0.1:8009). Failed errno = 13

Apparently Tomcat wasn’t listening for AJP connections on port 8009 - even though netstat said it was.

I only had to do a cursory scan of Google to discover that the SELinux (Security-Enhanced Linux) package blocks these kinds of connections by default in FC4. Presumbly one of the updates I’d done recently kicked in at some point.

All I had to do to get the page back up and running was the following:

> setsebool httpd\_can\_network_connect=1

Les Hazlewood - Feb 3, 2006

Thank you so much for posting this. I spent about 3 hours trying to find out why mod_jk wasn’t working, when netstat verfied 8009 was open. You’re post saved the rest of my day ;) Thanks! Les selinux….not…cool….hidden rage….kill ‘puter….grumble grumble…. :)