make sock
This tutorial series explains how to troubleshoot and fix some of the most common errors that you may encounter when using the Apache web server.
本教程系列说明了如何解决和修复使用Apache Web服务器时可能遇到的一些最常见的错误。
Each tutorial in this series includes descriptions of common Apache configuration, network, filesystem, or permission errors. The series begins with an overview of the commands and log files that you can use to troubleshoot Apache. Subsequent tutorials examine specific errors in detail.
本系列中的每个教程都包含对常见Apache配置,网络,文件系统或权限错误的描述。 本系列文章首先概述了可用于对Apache进行故障排除的命令和日志文件。 后续教程将详细检查特定的错误。
介绍 (Introduction)
An Apache AH00072: make_sock: could not bind to address
error message is generated when there is another process listening on the same port that Apache is configured to use. Typically the port will be the standard port 80
for HTTP connections, or port 443
for HTTPS connections. However, any port conflict with another process can cause an AH00072 error.
当另一个进程正在监听配置为使用Apache的同一端口上时,会生成Apache AH00072: make_sock: could not bind to address
错误消息。 通常,该端口将是用于HTTP连接的标准端口80
,或者是用于HTTPS连接的端口443
。 但是,与另一个进程的任何端口冲突都可能导致AH00072错误。
The error is derived from the underlying operating system system’s network stack. The issue is that only a single process can be bound to a port at any given time. If another web server like Nginx is configured to listen on port 80
and it is running, then Apache will not be able to claim the port for itself.
该错误源自底层操作系统系统的网络堆栈。 问题是在任何给定时间只能将单个进程绑定到端口。 如果将另一个Web服务器(如Nginx)配置为侦听端口80
并且正在运行,则Apache将无法为其声明端口。
To detect a port conflict with Apache, you will need to examine systemctl
and journalctl
output to determine the IP address and port that are causing the error. Then you can decide how to resolve the issue, whether it is by switching web servers, changing the IP address that Apache uses, the port, or any combination of these options.
要检测与Apache的端口冲突,您将需要检查systemctl
和journalctl
输出,以确定导致错误的IP地址和端口。 然后,您可以决定如何解决问题,无论是通过切换Web服务器,更改Apache使用的IP地址,端口还是这些选项的任意组合。
使用systemctl
故障排除 (Troubleshooting with systemctl
)
Following the troubleshooting steps from the How to Troubleshoot Common Apache Errors tutorial at the beginning of this series, the first step when you are troubleshooting an AH00072: make_sock: could not bind to address
error message is to check Apache’s status with systemctl
.
按照本系列文章开头的“ 如何对常见的Apache错误进行故障排除”教程中的故障排除步骤,对AH00072: make_sock: could not bind to address
进行故障排除时, AH00072: make_sock: could not bind to address
错误消息是使用systemctl
检查Apache的状态。
If systemctl
does not include output that describes the problem, then the last section of this tutorial, Troubleshooting Using journalctl
Logs explains how to examine the systemd
logs to find the conflicting port.
如果systemctl
不包含描述问题的输出,则本教程的最后一部分, 使用journalctl
日志进行故障排除将说明如何检查systemd
日志以查找冲突的端口。
The output from systemctl status
will in many cases contain all the diagnostic information that you need to resolve the error. It will include the IP address that Apache is using, as well as the port that it is attempting to bind to. The output will also indicate how long Apache has been unable to start so that you can determine how long the issue has been affecting Apache.
在许多情况下, systemctl status
的输出将包含解决错误所需的所有诊断信息。 它将包括Apache使用的IP地址,以及它试图绑定的端口。 输出还将指示Apache无法启动多长时间,以便您可以确定问题影响Apache的时间。
On Ubuntu and Debian-derived Linux distributions, run the following to check Apache’s status:
在Ubuntu和Debian衍生的Linux发行版上,运行以下命令检查Apache的状态:
- sudo systemctl status apache2.service -l --no-pager sudo systemctl状态apache2.service -l --no-pager
On CentOS and Fedora systems, use this command to examine Apache’s status:
在CentOS和Fedora系统上,使用以下命令检查Apache的状态:
- sudo systemctl status httpd.service -l --no-pager sudo systemctl状态httpd.service -l --no-pager
The -l
flag will ensure that systemctl
outputs the entire contents of a line, instead of substituting in ellipses (…
) for long lines. The --no-pager
flag will output the entire log to your screen without invoking a tool like less
that only shows a screen of content at a time.
-l
标志将确保systemctl
输出一行的全部内容,而不是用省略号( …
)代替长行。 --no-pager
标志将整个日志输出到您的屏幕,而无需调用诸如less
的工具,该工具一次只显示一个屏幕。
Since you are troubleshooting an AH00072: make_sock
error message, you should receive output that is similar to the following:
由于要对AH00072: make_sock
错误消息进行故障排除,因此您应该收到与以下内容类似的输出:
Output
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2020-07-28 13:58:40 UTC; 8s ago
Docs: man:httpd.service(8)
Process: 69 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 69 (code=exited, status=1/FAILURE)
Status: "Reading configuration..."
Tasks: 213 (limit: 205060)
Memory: 25.9M
CGroup: /system.slice/containerd.service/system.slice/httpd.service
Jul 28 13:58:40 e3633cbfc65e systemd[1]: Starting The Apache HTTP Server…
Jul 28 13:58:40 e3633cbfc65e httpd[69]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
Jul 28 13:58:40 e3633cbfc65e httpd[69]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
Jul 28 13:58:40 e3633cbfc65e httpd[69]: no listening sockets available, shutting down
Jul 28 13:58:40 e3633cbfc65e httpd[69]: AH00015: Unable to open logs
Jul 28 13:58:40 e3633cbfc65e systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Jul 28 13:58:40 e3633cbfc65e systemd[1]: httpd.service: Failed with result 'exit-code'.
Jul 28 13:58:40 e3633cbfc65e systemd[1]: Failed to start The Apache HTTP Server.
Note that your output may be slightly different if you are using an Ubuntu or Debian-derived distribution, where the name of the Apache process is not httpd
but is apache2
.
请注意,如果使用的是Ubuntu或Debian发行版,则输出可能会略有不同,其中Apache进程的名称不是httpd
而是apache2
。
This example systemctl
output includes some highlighted lines from the systemd
journal that describes the AH00072 error. These lines, both of which begin with (98)Address already in use: AH00072: make_sock: could not bind to address
, give you all the information about the AH00072 error that you need to troubleshoot it further, so you can skip the following journalctl
steps and instead proceed to the Troubleshooting with ss
and ps
Utilities section at the end of this tutorial.
此示例systemctl
输出包括来自systemd
日志的一些突出显示的行,这些行描述了AH00072错误。 这些行都以(98)Address already in use: AH00072: make_sock: could not bind to address
开头, (98)Address already in use: AH00072: make_sock: could not bind to address
,为您提供了有关AH00072错误的所有信息,您需要对其进行进一步的故障排除,因此可以跳过以下journalctl
步骤,而转至本教程结尾的“ 使用ss
和ps
实用程序进行故障排除”部分。
If your systemctl
output does not give specific information about the IP address and port or ports that are causing the AH00072 error, you will need to examine journalctl
output from the systemd
logs. The following section explains how to use journalctl
to troubleshoot an AH00072 error.
如果您的systemctl
输出未提供有关导致AH00072错误的IP地址和端口的特定信息,则需要检查systemd
日志中的journalctl
输出。 下一节说明如何使用journalctl
对AH00072错误进行故障排除。
使用journalctl
日志进行故障排除 (Troubleshooting Using journalctl
Logs)
If your systemctl
output does not include specifics about an AH00072 error, you should proceed with using the journalctl
command to examine systemd
logs for Apache.
如果您的systemctl
输出不包含有关AH00072错误的详细信息,则应继续使用journalctl
命令检查Apache的systemd
日志。
On Ubuntu and Debian-derived systems, run the following command:
在Ubuntu和Debian衍生的系统上,运行以下命令:
- sudo journalctl -u apache2.service --since today --no-pager sudo journalctl -u apache2.service-从今天开始--no-pager
On CentOS, Fedora, and RedHat-derived systems, use this command to inspect the logs:
在CentOS,Fedora和RedHat派生的系统上,使用以下命令检查日志:
- sudo journalctl -u httpd.service --since today --no-pager sudo journalctl -u httpd.service-从今天开始--no-pager
The --since today
flag will limit the output of the command to log entries beginning at 00:00:00 of the current day only. Using this option will help restrict the volume of log entries that you need to examine when checking for errors.
--since today
标志将限制命令的输出,仅记录从当天的00:00:00开始的条目。 使用此选项将有助于限制检查错误时需要检查的日志条目的数量。
If Apache is unable to bind to a port that is in use, search through the output for lines that are similar to the following log entries, specifically lines that contain the AH00072 error code as highlighted in this example:
如果Apache无法绑定到正在使用的端口,请在输出中搜索与以下日志条目相似的行,特别是包含AH00072错误代码的行,如本示例中突出显示:
Output
-- Logs begin at Tue 2020-07-14 20:10:37 UTC, end at Tue 2020-07-28 14:01:40 UTC. --
. . .
Jul 28 14:03:01 b06f9c91975d apachectl[71]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
Jul 28 14:03:01 b06f9c91975d apachectl[71]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
Jul 28 14:03:01 b06f9c91975d apachectl[71]: no listening sockets available, shutting down
This output indicates two AH00072 errors. The first of these explains that Apache cannot bind to the [::]:80
address, which is port 80
on all available IPv6 interfaces. The next line, with the address 0.0.0.0:80
, indicates Apache cannot bind to port 80
on all available IPv4 interfaces. Depending on your system’s configuration, the IP addresses may be different and only show individual IPs, and may only include IPv4 or IPv6 errors.
此输出指示两个AH00072错误。 其中第一个解释是Apache无法绑定到[::]:80
地址,该地址是所有可用IPv6接口上的端口80
。 地址为0.0.0.0:80
的下一行表示Apache无法绑定到所有可用IPv4接口上的端口80
。 IP地址可能会有所不同,并且仅显示单个IP,并且可能仅包含IPv4或IPv6错误,具体取决于您系统的配置。
Even though your own system may have different conflicting interfaces and ports, the errors will be similar to the output shown here. With output from journalctl
you will be able to diagnose the issue using ss
in the following section of this tutorial.
即使您自己的系统可能具有冲突的接口和端口,错误也将与此处显示的输出相似。 利用journalctl
输出,您将能够在本教程以下部分中使用ss
诊断问题。
使用ss
和ps
实用程序进行故障排除 (Troubleshooting with ss
and ps
Utilities)
To troubleshoot an AH00072 error you need to determine what other process is listening on the IP address and port that Apache is attempting to use. Most modern Linux distributions include a utility called ss
which can be used to gather information about the state of a system’s network sockets.
要解决AH00072错误,您需要确定Apache尝试使用的IP地址和端口上正在侦听其他进程。 大多数现代Linux发行版都包含一个名为ss
的实用程序,可用于收集有关系统网络套接字状态的信息。
In the previous journalctl
section, something was already bound to the IPv4 and IPv6 addresses on port 80
. The following command will determine the name of the process that is already bound to an IPv4 interface on port 80
. Ensure that you substitute the port from the error message if it is different from 80
in the following command:
在上一个journalctl
部分中,端口80
上的IPv4和IPv6地址已经绑定了某些内容。 以下命令将确定端口80
上已绑定到IPv4接口的进程的名称。 如果以下命令中的端口不同于80
,请确保从错误消息中替换端口:
sudo ss -4 -tlnp | grep 80
须藤ss -4 -tlnp | grep 80
The flags to the ss
command alter its default output in the following ways:
ss
命令的标志通过以下方式更改其默认输出:
-4
restrictsss
to only display IPv4-related socket information.-4
限制ss
仅显示与IPv4相关的套接字信息。-t
restricts the output totcp
sockets only.-t
将输出限制为仅tcp
套接字。-l
displays all listening sockets with the-4
and-t
restrictions taken into account.-l
显示所有监听套接字,并考虑-4
和-t
限制。-n
ensures that port numbers are displayed, as opposed to protocol names like ‘httpor
https`. This is important since Apache may be attempting to bind to a non-standard port and a service name can be confusing as opposed to the actual port number.-n
确保显示端口号,而不是协议名称(例如“ httpor
https”)。 这很重要,因为Apache可能试图绑定到非标准端口,并且服务名称与实际端口号可能会造成混淆。-p
outputs information about the process that is bound to a port.-p
输出有关绑定到端口的进程的信息。
With all of those flags, you will receive output like the following:
使用所有这些标志,您将收到如下输出:
Output
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=40,fd=6))
The first three fields are not important when troubleshooting an AH00072 error so they can be ignored. The important fields are the fourth (0.0.0.0:80
), which matches the journalctl
error that you discovered earlier, along with the last users:(("nginx",pid=40,fd=6))
, specifically the pid=40
portion.
对AH00072错误进行故障排除时,前三个字段并不重要,因此可以忽略它们。 重要字段是第四个( 0.0.0.0:80
),它与您先前发现的journalctl
错误以及最后一个users:(("nginx",pid=40,fd=6))
匹配,特别是pid=40
部分。
If you have an AH00072 error that is related to an IPv6 interface, repeat the ss
invocation, this time using the -6
flag to restrict the interfaces to the IPv6 network stack like this:
如果您遇到与IPv6接口有关的AH00072错误,请重复ss
调用,这次使用-6
标志将接口限制为IPv6网络堆栈,如下所示:
sudo ss -6 -tlnp |grep 80
sudo ss -6 -tlnp | grep 80
Output
LISTEN 0 511 [::]:80 [::]:* users:(("nginx",pid=40,fd=7))
Again, substitute the port number in question from your journalctl
output if it is different from the highlighted 80
given here.
同样,如果与此处给出的突出显示的80
不同,请从您的journalctl
输出中替换有问题的端口号。
In both these cases of IPv4 and IPv6 errors, the ss
output indicates that there is a program with process ID 40 (the pid=40
in the output) that is bound to the 0.0.0.0:80
and [::]:80
interfaces respectively. This process is preventing Apache from starting since it already owns the port. To determine the name of the program, use the ps
utility like this, substituting the process ID from your output in place of the highlighted 40
value in this example:
在这两种IPv4和IPv6错误情况下, ss
输出都表明存在一个进程ID为40(输出中的pid=40
)的程序,该程序绑定到0.0.0.0:80
和[::]:80
接口分别。 此过程阻止Apache启动,因为它已拥有该端口。 若要确定程序的名称,请使用ps
实用程序,如下所示,使用输出中的进程ID代替此示例中突出显示的40
值:
sudo ps -p 40
须藤ps -p 40
You will receive output that is similar to the following:
您将收到类似于以下内容的输出:
Output
PID TTY TIME CMD
40 ? 00:00:00 nginx
The highlighted nginx
in the output is the name of the process that is listening on the interfaces. Now that you have the name of the program that is preventing Apache from starting, you can decide how to resolve the error. You could stop the nginx
process, reconfigure nginx
to listen on a different interface and port, or reconfigure Apache to avoid the port collision.
输出中突出显示的nginx
是在接口上侦听的进程的名称。 现在您有了阻止Apache启动的程序名称,您可以决定如何解决该错误。 您可以停止nginx
进程,重新配置nginx
以侦听其他接口和端口,或者重新配置Apache以避免端口冲突。
It is important to note that the process may be different from nginx
and the port and IP addresses may not always be 0.0.0.0
or [::]
if you are diagnosing an AH00072 error. Oftentimes, different web servers and proxies will be in use on the same server. Each may be attempting to bind to different IPv4 ports and IPv6 interfaces to handle different web traffic. For example, a server that is configured with HAProxy listening on the IPv4 loopback address (also referred to as localhost
) on port 8080
will show ss
output like this:
重要的是要注意,此过程可能与nginx
不同,并且如果要诊断AH00072错误,则端口和IP地址可能并不总是0.0.0.0
或[::]
。 通常,同一台服务器上会使用不同的Web服务器和代理。 每个服务器都可能试图绑定到不同的IPv4端口和IPv6接口以处理不同的Web流量。 例如,配置了HAProxy并在端口8080
上侦听IPv4环回地址(也称为localhost
)的服务器将显示ss
输出,如下所示:
Output
LISTEN 0 2000 127.0.0.1:8080 0.0.0.0:* users:(("haproxy",pid=545,fd=7))
It is important to combine systemctl
output, or journalctl
output that indicates specific IP addresses and ports, with diagnostic data from ss
, and then ps
to narrow down the process that is causing Apache to fail to start.
重要的是将指示特定IP地址和端口的systemctl
输出或journalctl
输出与ss
和ps
诊断数据相结合,以缩小导致Apache无法启动的过程。
结论 (Conclusion)
In this tutorial you learned how to troubleshoot an Apache AH00072 make_sock: could not bind to address
error message on both IPv4 and IPv6 interfaces. You learned how to use systemctl
to examine the status of the Apache server and try to find error messages. You also learned how to use journalctl
to examine the systemd
logs for specific information about an AH00072 error.
在本教程中,您学习了如何对Apache AH00072 make_sock: could not bind to address
进行故障排除AH00072 make_sock: could not bind to address
在IPv4和IPv6接口上都AH00072 make_sock: could not bind to address
错误消息。 您学习了如何使用systemctl
检查Apache服务器的状态并尝试查找错误消息。 您还学习了如何使用journalctl
检查systemd
日志以获取有关AH00072错误的特定信息。
With the appropriate error messages from the logs, you then learned about the ss
utility and how to use it to examine the state of a system’s network sockets. After that you learned how to combine process ID information from ss
with the ps
utility to find the name of the process that is causing Apache to be unable to start.
借助来自日志的相应错误消息,您然后了解了ss
实用程序以及如何使用它检查系统网络套接字的状态。 之后,您学习了如何将ss
进程ID信息与ps
实用程序结合在一起,以查找导致Apache无法启动的进程的名称。
make sock