On 2013-01-03 22:49, Miroslav Lachman wrote:
> Scot Hetzel wrote:
>> On Wed, Jan 2, 2013 at 2:37 PM, Miroslav Lachman<000.f...@quip.cz>  wrote:
>>> Is somewhere written policy or portmgr recommendation about ports behavior
>>> on install / deinstall?
>>> I am talking about some ports doing "nasty" things.
>>>
>>> Some ports are stopping services on deinstall, some not.
>>
>> I prefer that when a port is uninstalled, that the service is stopped.
>> If it isn't stopped, it could pose a security risk to the system at a
>> later time.
> 
> Only if it will be optional. I am "the god in my world (my system)" and I 
> should know better than anybody else if I need to stop the daemon at any time.
> 
> The maintainer of any port can't know all the dependencies on my system and 
> my workflow with updating ports.
> Somebody can consider stopping (or restarting) Apache on upgrade as "good 
> thing", but it can be just a small piece of bigger upgrade process with lot 
> of dependencies like Apache modules, PHP, PHP extensions and libraries used 
> by both Apache and PHP extensions. So if for example Apache is upgraded and 
> it will made upgrade of PCRE with different library version number, then 
> restart of Apache will fail on PHP not loading missing old PCRE library.
> So the Apache should be restarted after upgrade of all the modules and 
> libraries, not after upgrade of it self.
> 
>> We still need to come up with a way of restarting the service after
>> the upgrade.  Currently, it has to be done manually to start the
>> service.
>>
>>> Some ports are editing "my config files" on deinstall, so even on upgrade
>>> procedure I must check if port did some changes before I can restart target
>>> daemon.
>>>
>> Most ports don't edit the config files as they install the original
>> config file to a different name.
>>
>>> For example some Apache modules (mod_bw, mod_xsendfile...) are commenting
>>> out load_module lines in httpd.conf so I got syntax error on Apache restart
>>> after upgrade of mentioned module and Apache failed to start.
>>>
>> Apache 2.x is an exception, as the installation of a Apache module
>> requires apachectl to add/re-enable the module in the httpd.conf file.
>>   Upon deinstallation, apachectl is used to disable the module in the
>> httpd.conf file.  It doesn't remove the LoadModule directive, it just
>> adds a '#" sign in front of it.  When the port is re-installed, all
>> apachectl has to do is remove the '#' sign.  A restart of Apache
>> should then load the module again.
>>
>> What errors are you getting when re-installing an Apache module?
> 
> Apache modules are not enabled by default. I am talking about 3rd party 
> modules. In some cases, they do nothing with httpd.conf, in other cases, they 
> are adding commented line and I must manualy uncomment this line, so it is my 
> will to have this module loaded / enabled.
> 
> But upgrade or reinstall or deinstall of this module causes commenting this 
> line out. It is undesirable.
> If I enable this module and this module will be updated 10 times a year, why 
> am I forced to re-enable it 10 times again?
> 
> Real world example follows:
> 
> root@spare ~/# uname -srmi
> FreeBSD 8.3-RC2 amd64 GENERIC
> 
> ___________________________________________________
> Only Apache is installed, no 3rd party modules
> 
> root@spare ~/# pkg_info -E ap22\* apache22-\*
> apache22-2.2.23_4
> 
> ___________________________________________________
> Copy the config file for later comparision
> 
> root@spare ~/# cp -P /usr/local/etc/apache22/httpd.conf httpd.conf.orig
> 
> ___________________________________________________
> Install mod_xsendfile
> 
> root@spare ~/# portmaster www/mod_xsendfile
> 
> ===>>> Installation of www/mod_xsendfile (ap22-mod_xsendfile-0.12_2) complete
> 
> ___________________________________________________
> There is commented LoadModule line after install added to httpd.conf
> 
> root@spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
> --- httpd.conf.orig     2013-01-03 12:56:22.000000000 +0100
> +++ /usr/local/etc/apache22/httpd.conf  2013-01-03 21:25:03.000000000 +0100
> @@ -75,4 +75,5 @@
>  LoadModule rewrite_module libexec/apache22/mod_rewrite.so
>  LoadModule php5_module        libexec/apache22/libphp5.so
> +#LoadModule xsendfile_module   libexec/apache22/mod_xsendfile.so
> 
> ___________________________________________________
> I must manually uncomment the line (which is OK, I don't need to modules be 
> auto enabled as services are not enabled in rc.conf)
> 
> root@spare ~/# vi /usr/local/etc/apache22/httpd.conf
> 
> LoadModule xsendfile_module   libexec/apache22/mod_xsendfile.so
> 
> ___________________________________________________
> Then I added some configuration to VirtualHost
> 
> root@spare ~/# vi 
> /usr/local/etc/apache22/vhosts/available/www.example.com.conf
> 
>     XSendFile  on
>     XSendFilePath      /vol0/web/test
> 
> ___________________________________________________
> Diff shows that module is enabled
> 
> root@spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
> --- httpd.conf.orig     2013-01-03 12:56:22.000000000 +0100
> +++ /usr/local/etc/apache22/httpd.conf  2013-01-03 21:26:46.000000000 +0100
> @@ -75,4 +75,5 @@
>  LoadModule rewrite_module libexec/apache22/mod_rewrite.so
>  LoadModule php5_module        libexec/apache22/libphp5.so
> +LoadModule xsendfile_module   libexec/apache22/mod_xsendfile.so
> 
> ___________________________________________________
> Syntax check
> 
> root@spare ~/# httpd -t
> Syntax OK
> 
> ___________________________________________________
> Reinstallation of the module (same as upgrading)
> 
> root@spare ~/# portmaster ap22-mod_xsendfile-0.12_2
> 
> ===>>> Creating a backup package for old version ap22-mod_xsendfile-0.12_2
>         ===>>> Package saved to /usr/ports/packages/portmaster-backup
> 
> Don't forget to remove all mod_xsendfile-related directives in your httpd.conf
> 
> ===>  Installing for ap22-mod_xsendfile-0.12_2
> ===>   Generating temporary packing list
> ===>  Checking if www/mod_xsendfile already installed
> /usr/local/share/apache22/build/instdso.sh 
> SH_LIBTOOL='/usr/local/share/apr/build-1/libtool' 
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/mod_xsendfile.la 
> /usr/local/libexec/apache22
> /usr/local/share/apr/build-1/libtool --mode=install cp 
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/mod_xsendfile.la 
> /usr/local/libexec/apache22/
> libtool: install: cp 
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/.libs/mod_xsendfile.so 
> /usr/local/libexec/apache22/mod_xsendfile.so
> libtool: install: cp 
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/.libs/mod_xsendfile.lai 
> /usr/local/libexec/apache22/mod_xsendfile.la
> libtool: install: cp 
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/.libs/mod_xsendfile.a 
> /usr/local/libexec/apache22/mod_xsendfile.a
> libtool: install: chmod 644 /usr/local/libexec/apache22/mod_xsendfile.a
> libtool: install: ranlib /usr/local/libexec/apache22/mod_xsendfile.a
> chmod 755 /usr/local/libexec/apache22/mod_xsendfile.so
> [preparing module `xsendfile' in /usr/local/etc/apache22/httpd.conf]
> ===>   Registering installation for ap22-mod_xsendfile-0.12_2
> 
> ===>>> Creating a package for new version ap22-mod_xsendfile-0.12_2
>         ===>>> Package saved to /usr/ports/packages/All
> 
> ===>>> Re-installation of ap22-mod_xsendfile-0.12_2 complete
> 
> 
> ___________________________________________________
> And there is a problem - syntax error, because module was disabled (commented 
> out on deinstall) and some directives remained in VirtualHost definition - 
> Apache will not start!
> 
> root@spare ~/# httpd -t
> Syntax error on line 57 of 
> /usr/local/etc/apache22/vhosts/available/www.example.com.conf:
> Invalid command 'XSendFile', perhaps misspelled or defined by a module not 
> included in the server configuration
> 
> ___________________________________________________
> Diff shows commented out line
> 
> root@spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
> --- httpd.conf.orig     2013-01-03 12:56:22.000000000 +0100
> +++ /usr/local/etc/apache22/httpd.conf  2013-01-03 21:32:26.000000000 +0100
> @@ -75,4 +75,5 @@
>  LoadModule rewrite_module libexec/apache22/mod_rewrite.so
>  LoadModule php5_module        libexec/apache22/libphp5.so
> +#LoadModule xsendfile_module   libexec/apache22/mod_xsendfile.so
> 
> ___________________________________________________
> 
> I think this behavior is wrong.
> 
> Why am I forced to manualy re-enable all 3rd party modules on each upgrade?
> 
> Modules should not disable something that is explicitly enabled by user / 
> system administrator.
> 
> 
> Miroslav Lachman
> 
> PS: I know about deinstall message "Don't forget to remove all 
> mod_xsendfile-related directives in your httpd.conf" but it can be considered 
> as maintainer's "joke" in case of module upgrade

The point is at the moment the port is uninstalled the port has no knowledge 
about the reason (uninstall permanent / reinstall / upgrade ) so the assumption 
is permanent.

What I really don't get is users complaining about critical machines, special 
workflow and then thy do builds on that *critical* system with a script that 
can be interrupted by < fill in several reasons >.

Have you ever thought about a tinderbox, poudriere or simmilar which builds 
customized packages all the time in a clean environment?
If the build is finished you have all the sort of buildlogs and can do an 
package upgrade in seconds on a prod machine ( it takes me 10min to update a 
hand full of machines ).
After the upgrade all I have to do is for services like apache an "svn diff" 
and maybe an "svn revert httpd.conf" then fire my daemon_restart scrip and go 
to the next machine.

Sample restart script for local services.
http://people.freebsd.org/~ohauer/scripts/daemon_status

_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Reply via email to