Could not reliably determine the server's fully qualified domain name

Question

I was following this tutorial to setup two virtual hosts in Centos 7.

The issue is i am getting the following error while restarting the httpd.

[userme@server ~]$ sudo systemctl restart httpd.service 
[sudo] password for userme: 
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

My configurations are

[userme@server ~]$ cat /etc/hosts
127.0.0.1   server.workstation.com server
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

[userme@server ~]$ hostname
server.workstation.com

[userme@server ~]$ cat /etc/sysconfig/network
# Created by anaconda
NETWORKING=yes
HOSTNAME=server


[userme@server ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
search workstation.com
nameserver fe80::1%p3p1
nameserver 192.168.100.1


[userme@server ~]$ domainname 
(none)

EDIT As per request

[userme@server ~]$ systemctl status httpd -l
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2018-01-18 12:55:25 +04; 57min ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 1285 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 1283 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 1283 (code=exited, status=1/FAILURE)

Jan 18 12:55:25 server.workstation.com systemd[1]: Starting The Apache HTTP Server...
Jan 18 12:55:25 server.workstation.com httpd[1283]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using server.workstation.com. Set the 'ServerName' directive globally to suppress this message
Jan 18 12:55:25 server.workstation.com systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jan 18 12:55:25 server.workstation.com kill[1285]: kill: cannot find process ""
Jan 18 12:55:25 server.workstation.com systemd[1]: httpd.service: control process exited, code=exited status=1
Jan 18 12:55:25 server.workstation.com systemd[1]: Failed to start The Apache HTTP Server.
Jan 18 12:55:25 server.workstation.com systemd[1]: Unit httpd.service entered failed state.
Jan 18 12:55:25 server.workstation.com systemd[1]: httpd.service failed.


[userme@server ~]$ sudo firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: p3p1
  sources: 
  services: ssh dhcpv6-client
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules:

[userme@server ~]$ apachectl configtest
Syntax OK

What is the issue with my network/hostname settings ? Any help would be appreciated.

That's usually just a warning, not a fatal error. So what's the output of `systemctl status httpd -l`? — Ulrich Schwarz, Jan 18 '18 at 09:52
Note that the `domainname` utility has little to do with a host's hostname. It gives the YP/NIS domain name, which is something else. — Kusalananda, Jan 18 '18 at 09:53
@Kusalananda Hmm, i am not using NIS/YP here. So i don't need to worry about the blank `domainname` output, right ? — ran, Jan 18 '18 at 10:00
@ran Correct. That's normal behaviour if you're not using YP/NIS. — Kusalananda, Jan 18 '18 at 10:01
try either merging the two 127.0.0.1 records in `/etc/hosts` or (preferred option) **change the server.workstation.com entry to 127.0.1.1** - all of 127.0.0.0/8 is handled by the loopback interface (`lo`). You may also need to tell apache to listen on 127.0.1.1 instead of (or as well as) 127.0.0.1 but probably not - I can't remember if that's required. See `man hosts` — cas, Jan 18 '18 at 10:12
Alternatively, if `server.workstation.com` is intended to be accessible by other machines on the local network use its 192.168 address. and either copy that entry to `/etc/hosts` on every machine, or run a local name server. — cas, Jan 18 '18 at 10:15
What are your ServerName directives in your apache httpd.conf file? and NameVirtualHost directives? — fcbsd, Jan 18 '18 at 10:22
@cas I changed `/etc/hosts` entry to 192.168 in the server and now `Could not reliably determine the server's fully qualified domain name` error fixed. But the httpd still not good. I will try `127.0.1.1` now. — ran, Jan 18 '18 at 10:29
what are you firewalld settings? and your selinux settings? and can you start httpd using apachectl from the command line? — fcbsd, Jan 18 '18 at 10:31
@fcbsd haven't touched anything on this from default settings. Btw httpd was working fine when i installed it. The issue started when i setup the virtual hosts. I doubts the configuration in virtual host setup. Please let me know if i need to include any part of the vhost files in the question. — ran, Jan 18 '18 at 10:34
@ran what is the output of firewall-cmd --list-all? does it mention ports 80 and 443? and what does apachectl configtest say? — fcbsd, Jan 18 '18 at 10:42
Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/71852/discussion-between-ran-and-fcbsd). — ran, Jan 18 '18 at 10:56

score 3 · Accepted Answer · answered Jan 18 '18 at 11:31

3

This looks like an issue with SELINUX that is enable be default on CentOS 7.

Setting SELINUX=permissive and rebooting the server will log the issues to /var/log/audit/audit.log so that set the appropriate SELINUX setting can be set up to allow the SELINUX to protect the server.

In addition setting up firewalld to allow access to ports 80 and 443 to allow external connections is needed:

firewall-cmd --add-service=http
firewall-cmd --add-service=https

linode has a good write up for firewalld but I've not found a good SELINUX resource...

answered Jan 18 '18 at 11:31

fcbsd

686
4
12

1

You don't need to set `SELINUX=permissive` to get the issues logged to `/var/log/audit/audit.log`. While enforcing it will still log. Better to just resolve the issue while it's enforcing so you can more clearly see the change (i.e. it starts working), vs in permissive mode it is harder to tell if you changed the right thing. – Centimane Jan 18 '18 at 11:38
@Centimane can you recommend any resources for helping to resolve SELINUX issues? – fcbsd Jan 18 '18 at 12:03
1

The RHEL document: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/index and more specifically the troubleshooting section of it: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/chap-security-enhanced_linux-troubleshooting – Centimane Jan 18 '18 at 12:28

score 3 · Answer 2 · answered Jan 18 '18 at 12:00

As per your error message: Set the 'ServerName' directive globally to suppress this message

Within the httpd.conf file you should find ServerName, and above it you may find the following note:

ServerName gives the name and port that the server uses to identify itself.
This can often be determined automatically, but we recommend you specify
it explicitly to prevent problems during startup.

If your host doesn't have a registered DNS name, enter its IP address here.

So adding the line:

ServerName server:[PORT]

Should fix your startup issues.

Yess, this fixes my failure error (`Process: 1734 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)`) — ran, Jan 18 '18 at 12:11

Could not reliably determine the server's fully qualified domain name

2 Answers2