control: tags -1 + moreinfo control: severity -1 important Le vendredi 9 janvier 2026, 13:21:32 heure normale d’Europe centrale Juan-Rafael Fernandez a écrit : > Package: apache2 > Version: 2.4.66-2+b1 > Severity: grave > Justification: renders package unusable > > * What led up to the situation? > > I updated to 2.4.65-4 in Testing. > > * What was the outcome of this action? > > The server won't start and the following error is logged > > [:error] ... (30)Read-only file system: AH10082: Can't change owner of > /etc/apache2/md/challenges > [md:error] ... (30)Read-only file system: AH10047: setup challenges directory > AH00016: Configuration Failed > > The cause? This, from NEWS.Debian.gz > > ProtectSystem is set to full by default; > this mounts various system paths like /usr, /boot and > /etc as read-only, enhancing overall system integrity. > > /etc/ is mounted read-only but apache module mod_md (included in package > apache2) seems to need to write to /etc/apache2/md/challenges/). Maybe I > should > mention that I use Let's Encrypt certificates
Yes but normally it store at root of document... what is your mod_md configuration ? rouca > By the way, according to https://httpd.apache.org/docs/2.4/mod/mod_md.html > > "This module requires mod_watchdog to be loaded as well" > > I haven't been able to find mod_watchdog in the Testing repository. Is that > information obsolete? > > I'm filing this against apache2 because mod_md is included in that package. > > > -- System Information: > Debian Release: forky/sid > APT prefers testing > APT policy: (900, 'testing') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 6.17.13+deb14-amd64 (SMP w/4 CPU threads; PREEMPT) > Kernel taint flags: TAINT_USER > Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8), LANGUAGE not > set > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages apache2 depends on: > ii apache2-bin 2.4.66-2+b1 > ii apache2-data 2.4.66-2 > ii apache2-utils 2.4.66-2+b1 > ii init-system-helpers 1.69 > ii media-types 14.0.0 > ii perl 5.40.1-7 > ii procps 2:4.0.4-9 > > Versions of packages apache2 recommends: > ii ssl-cert 1.1.3 > > Versions of packages apache2 suggests: > pn apache2-doc <none> > pn apache2-suexec-pristine | apache2-suexec-custom <none> > ii chromium [www-browser] 143.0.7499.169-1 > ii firefox-esr [www-browser] 140.5.0esr-1 > ii google-chrome-stable [www-browser] 143.0.7499.192-1 > ii lynx [www-browser] 2.9.2-2 > pn ufw <none> > ii w3m [www-browser] 0.5.3+git20230121-2.3 > > Versions of packages apache2-bin depends on: > ii libapr1t64 1.7.6-3 > ii libaprutil1-dbd-sqlite3 1.6.3-4 > ii libaprutil1-ldap 1.6.3-4 > ii libaprutil1t64 1.6.3-4 > ii libbrotli1 1.1.0-2+b9 > ii libc6 2.42-6 > ii libcrypt1 1:4.5.1-1 > ii libcurl4t64 8.18.0~rc3-1 > ii libjansson4 2.14-2+b4 > ii libldap2 2.6.10+dfsg-1 > ii liblua5.4-0 5.4.8-1 > ii libnghttp2-14 1.64.0-1.1+b1 > ii libpcre2-8-0 10.46-1 > ii libssl3t64 3.5.4-1 > ii libsystemd0 259-1 > ii libxml2-16 2.15.1+dfsg-2+b1 > ii perl 5.40.1-7 > ii zlib1g 1:1.3.dfsg+really1.3.1-1+b2 > > Versions of packages apache2-bin suggests: > pn apache2-doc <none> > pn apache2-suexec-pristine | apache2-suexec-custom <none> > ii chromium [www-browser] 143.0.7499.169-1 > ii firefox-esr [www-browser] 140.5.0esr-1 > ii google-chrome-stable [www-browser] 143.0.7499.192-1 > ii lynx [www-browser] 2.9.2-2 > ii w3m [www-browser] 0.5.3+git20230121-2.3 > > Versions of packages apache2 is related to: > ii apache2 2.4.66-2+b1 > ii apache2-bin 2.4.66-2+b1 > > -- Configuration Files: > /etc/apache2/apache2.conf changed [not included] > /etc/apache2/conf-available/security.conf changed [not included] > /etc/apache2/conf-available/serve-cgi-bin.conf [file not found] > /etc/apache2/sites-available/000-default.conf changed [not included] > > -- no debconf information >
signature.asc
Description: This is a digitally signed message part.
