Bug#256713: marked as done (Apache security update made my website disappear)

Sun, 01 Aug 2004 01:48:22 -0500 

Your message dated Sun, 1 Aug 2004 08:06:40 +0200 (CEST)
with message-id <[EMAIL PROTECTED]>
and subject line Closing.
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 28 Jun 2004 17:07:58 +0000
>From [EMAIL PROTECTED] Mon Jun 28 10:07:58 2004
Return-path: <[EMAIL PROTECTED]>
Received: from chiark.greenend.org.uk [193.201.200.170] (mail)
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1Bezbp-0002RP-00; Mon, 28 Jun 2004 10:07:57 -0700
Received: by chiark.greenend.org.uk (Debian Exim 3.35 #1) with local
        for [EMAIL PROTECTED]
        id 1Bezbo-0001km-00; Mon, 28 Jun 2004 18:07:56 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Message-ID: <[EMAIL PROTECTED]>
Date: Mon, 28 Jun 2004 18:07:56 +0100
From: [EMAIL PROTECTED] (Ian Jackson)
To: [EMAIL PROTECTED]
X-Debian-CC: Jacob Nevins <[EMAIL PROTECTED]>
Subject: Apache security update made my website disappear
X-Mailer: VM 7.03 under Emacs 19.34.1
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-7.0 required=4.0 tests=BAYES_01,HAS_PACKAGE 
        autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: apache
Version: 1.3.26-0woody5

The security update to apache changed my httpd.conf and srm.conf in a
way that meant my system's website disappeared.

I did get offered `Save these changes to the configuration files? [Y/n]=
'
and said yes, but:

 * Security updates should be safe.  In particular, security updates
   should be doable with less care, checking, presence of mind,
   etc. etc. than an elective upgrade.
 * The default should not be to override a user-changed configuration.
 * The default should not be to disable an existing website by
   changing the DocumentRoot to the Debian default.
 * The question was preceded by a large amount of largely irrelevant
   messages.

Transcript below.

Ian.

Do you want to install the files fetched [y]: Installing files...
(Reading database ... 71673 files and directories currently installed.)=

Preparing to replace apache-doc 1.3.26-0woody3 (using .../apache-doc_1.=
3.26-0woo
dy5_all.deb) ...
Unpacking replacement apache-doc ...
Preparing to replace apache-common 1.3.26-0woody3 (using .../apache-com=
mon_1.3.2
6-0woody5_i386.deb) ...
Unpacking replacement apache-common ...
Preparing to replace apache 1.3.26-0woody3 (using .../apache_1.3.26-0wo=
ody5_i386
.deb) ...
Unpacking replacement apache ...
Setting up apache-doc (1.3.26-0woody5) ...

Setting up apache-common (1.3.26-0woody5) ...

Setting up apache (1.3.26-0woody5) ...
update-rc.d: warning: /etc/rc2.d/S75apache is not a link to ../init.d/a=
pache
update-rc.d: warning: /etc/rc3.d/S75apache is not a link to ../init.d/a=
pache   -
update-rc.d: warning: /etc/rc4.d/S75apache is not a link to ../init.d/a=
pache
Apache has switched to using logrotate. However, some of your logs
are stored outside the /var/log/apache directory, so you should
edit /etc/logrotate.d/apache to have them automatically rotated.

Adding alias /doc/ -> /usr/share/doc/ to srm.conf (for Debian docs).

Your config files will not be modified until you select Y at "save chan=
ges."
The DocumentRoot is set to /var/www.
Leaving existing site /var/www/index.html untouched.
Finding DSO mods.......................................found.

# LoadModule vhost_alias_module /usr/lib/apache/1.3/mod_vhost_alias.so
# LoadModule env_module /usr/lib/apache/1.3/mod_env.so                 =
        |
LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config.so
# LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so
LoadModule mime_module /usr/lib/apache/1.3/mod_mime.so
LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so
LoadModule status_module /usr/lib/apache/1.3/mod_status.so
# LoadModule info_module /usr/lib/apache/1.3/mod_info.so
LoadModule includes_module /usr/lib/apache/1.3/mod_include.so
LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so
LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
LoadModule asis_module /usr/lib/apache/1.3/mod_asis.so
LoadModule imap_module /usr/lib/apache/1.3/mod_imap.so
# LoadModule action_module /usr/lib/apache/1.3/mod_actions.so
# LoadModule speling_module /usr/lib/apache/1.3/mod_speling.so
LoadModule userdir_module /usr/lib/apache/1.3/mod_userdir.so
LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so
LoadModule access_module /usr/lib/apache/1.3/mod_access.so
LoadModule auth_module /usr/lib/apache/1.3/mod_auth.so
# LoadModule anon_auth_module /usr/lib/apache/1.3/mod_auth_anon.so
# LoadModule dbm_auth_module /usr/lib/apache/1.3/mod_auth_dbm.so
# LoadModule db_auth_module /usr/lib/apache/1.3/mod_auth_db.so
LoadModule proxy_module /usr/lib/apache/1.3/libproxy.so
# LoadModule digest_module /usr/lib/apache/1.3/mod_digest.so
# LoadModule cern_meta_module /usr/lib/apache/1.3/mod_cern_meta.so
LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
# LoadModule headers_module /usr/lib/apache/1.3/mod_headers.so
# LoadModule usertrack_module /usr/lib/apache/1.3/mod_usertrack.so
LoadModule unique_id_module /usr/lib/apache/1.3/mod_unique_id.so
# LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so
# LoadModule sys_auth_module /usr/lib/apache/1.3/mod_auth_sys.so
# LoadModule put_module /usr/lib/apache/1.3/mod_put.so                 =
        /
# LoadModule throttle_module /usr/lib/apache/1.3/mod_throttle.so
# LoadModule allowdev_module /usr/lib/apache/1.3/mod_allowdev.so
# LoadModule eaccess_module /usr/lib/apache/1.3/mod_eaccess.so
# LoadModule roaming_module /usr/lib/apache/1.3/mod_roaming.so

Pondering....................................... done.

Save these changes to the configuration files? [Y/n]=20

Rotated `/etc/apache/httpd.conf' at Mon Jun 28 15:20:27 BST 2004.
Rotated `/etc/apache/srm.conf' at Mon Jun 28 15:20:27 BST 2004.
Restart Apache now? [Y/n]=20
Stopping apache with apachectl ... done.
Waiting for apache to terminate ... done.
/usr/sbin/apachectl start: httpd started
Reloading apache modulesstart-stop-daemon: warning: failed to kill 1518=
: No such
 process

Reply via email to