Adobe 38043740 - ColdFusion Standard - Mac Manual page 51

-bin /usr/sbin/httpd \
-script /etc/init.d/httpd
At this point you will find that with SELinux enabled Apache will fail to start because the mod_jk (the Tomcat
connector module for Apache) module does not have sufficient permissions, the error may look something like
this:
Starting httpd: httpd: Syntax error on line 1033 of /etc/httpd/conf/httpd.conf: Syntax error on line 2 of
/etc/httpd/conf/mod_jk.conf: Cannot load /opt/coldfusion10/config/wsconfig/1/mod_jk.so into server:
/opt/coldfusion10/config/wsconfig/1/mod_jk.so: failed to map segment from shared object: Permission
denied
If you are not running SELinux you can skip any commands that begin with chcon or setsebool.
First create an empty log file:
touch /opt/coldfusion10/config/wsconfig/1/mod_jk.log
And an empty shared memory file:
touch /opt/coldfusion10/config/wsconfig/1/jk_shm
Now lets apply proper file permissions to the connector directory:
chown -R cfusion:webservices /opt/coldfusion10/config/wsconfig/1/
chmod -R 640 /opt/coldfusion10/config/wsconfig/1/
chmod 750 /opt/coldfusion10/config/wsconfig/1/mod_jk.so
chmod 660 /opt/coldfusion10/config/wsconfig/1/mod_jk.log
chmod 660 /opt/coldfusion10/config/wsconfig/1/jk_shm
Next we need to apply SELinux context to the mod_jk.so module, we'll do this by referencing another apache
module, we'll pick mod_rewrite.so - just make sure whatever you pick is installed:
chcon --reference=/etc/httpd/modules/mod_rewrite.so
/opt/coldfusion10/config/wsconfig/1/mod_jk.so
51