Re: apache2: Could not open configuration file /etc/apache2/apache2.conf: Permission denied

[Steve Kemp <skx@debian.org>]

  To recap you reported the original error:

>  apache2: Could not open configuration file /etc/apache2/apache2.conf:
>  Permission denied

  Now you've provided more details, from your audit-log:

> type=AVC msg=audit(1539750555.347:77): apparmor="DENIED"
> operation="open" profile="/usr/sbin/apache2"
> name="/etc/apache2/apache2.conf" pid=17485 comm="apache2"
> requested_mask="r" denied_mask="r" fsuid=0 ouid=0

  There you see "DENIED" along with "exit=-13".  You can lookup
 the meaning of "-13" via this command but I'll guess it correpondes to
 EPERM ("permission denied"):

    ausearch --interpret --exit -13

  In conclusion: You're using apparmor, it prevented the process from
 opening the configuration file, which stopped the service from starting.
 That was logged explicitly :)

  To fix this either:

    1.  Fix apparmor so that you can open the file.

    2.  Disable apparmor.

  The first might be as simple as `systemctl restart apparmor.service`,
 that's working on the basis that:

    * You had apparmor installed.
    * You've now just installed apache.
        * This will have given you new apparmor rules.
        * But they won't be loaded because apparmor wasn't reloaded.
    * So apache failed.

  I'm not 100% sure if that is the case, but it seems likely.  If not
 you'll need to do some reading.  Perhaps start here:

    https://wiki.debian.org/AppArmor

Steve
--