Bug#225487: apache-ssl: Postinstall fails with a "sed" error
Hi Fabio-
This patch fixes the problem and allows me to generate the cert.
[EMAIL PROTECTED]:~$ diff -ur make-ssl-cert.orig make-ssl-cert
--- make-ssl-cert.orig 2003-12-31 12:51:49.0 -0500
+++ make-ssl-cert 2003-12-31 12:52:18.0 -0500
@@ -97,13 +97,13 @@
Email="$RET"
db_fset make-ssl-cert/email seen false
-sed -e s,@CountryName@,"$CountryName", \
--e s,@StateName@,"$StateName", \
--e s,@LocalityName@,"$LocalityName", \
--e s,@OrganisationName@,"$OrganisationName", \
--e s,@OUName@,"$OUName", \
--e s,@HostName@,"$HostName", \
--e s,@Email@,"$Email", \
+sed -e s/@CountryName@/"$CountryName"/ \
+-e s/@StateName@/"$StateName"/ \
+-e s/@LocalityName@/"$LocalityName"/ \
+-e s/@OrganisationName@/"$OrganisationName"/ \
+-e s/@OUName@/"$OUName"/ \
+-e s/@HostName@/"$HostName"/ \
+-e s/@Email@/"$Email"/ \
$template > /tmp/$$.req
export RANDFILE=/dev/random
...but I now get an error regarding the cert request:
hades:/etc/apache-ssl# apt-get -f install
Reading Package Lists... Done
Building Dependency Tree... Done
0 upgraded, 0 newly installed, 0 to remove and 7 not upgraded.
1 not fully installed or removed.
Need to get 0B of archives.
After unpacking 0B of additional disk space will be used.
Setting up apache-ssl (1.3.29.0.1-3) ...
+ make_selfsigned_cert
+ '[' '!' -f /etc/apache-ssl/apache.pem ']'
+ /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf
/etc/apache-ssl/apache.pem
Generating a 1024 bit RSA private key
.++
...++
writing new private key to '/etc/apache-ssl/apache.pem'
-
problems making Certificate Request
5332:error:0D07A098:asn1 encoding routines:ASN1_mbstring_copy:string too
short:a_mbstr.c:147:minsize=1
dpkg: error processing apache-ssl (--configure):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
apache-ssl
E: Sub-process /usr/bin/dpkg returned an error code (1)
...and when I run 'apt-get -f install' again:
Starting web server: apache-sslProcessing config directory:
/etc/apache-ssl/conf.d
failed
invoke-rc.d: initscript apache-ssl, action "start" failed.
dpkg: error processing apache-ssl (--configure):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
apache-ssl
E: Sub-process /usr/bin/dpkg returned an error code (1)
hades:/etc/apache-ssl#
I attached the output with 'set -x' in the postinstall script, as it was
rather large - this is with the above patch applied.
Regards,
Doug
Script started on Wed Dec 31 12:59:03 2003
hades:/etc/apache-ssl# apt-get -f install
...
Setting up apache-ssl (1.3.29.0.1-3) ...
+ make_selfsigned_cert
+ '[' '!' -f /etc/apache-ssl/apache.pem ']'
+ . /usr/share/debconf/confmodule
++ '[' '!' '' ']'
++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/apache-ssl.postinst
configure ''
+ make_selfsigned_cert
+ '[' '!' -f /etc/apache-ssl/apache.pem ']'
+ . /usr/share/debconf/confmodule
++ '[' '!' 1 ']'
++ '[' -z '' ']'
++ exec
++ DEBCONF_REDIR=1
++ export DEBCONF_REDIR
++ _old_opts=configure
++ set -- capb CAPB
++ eval 'db_capb () {
echo "CAPB $@" >&3
# Set to newline to get whole line.
local IFS='\''
'\''
local _LINE
read -r _LINE
# Disgusting, but it'\''s the only good way to split the line,
# preserving all other whitespace.
RET="${_LINE#[! ][ ]}"
return ${_LINE%%[ ]*}
}'
++ set -- set SET
++ eval 'db_set () {
echo "SET $@" >&3
# Set to newline to get whole line.
local IFS='\''
'\''
local _LINE
read -r _LINE
# Disgusting, but it'\''s the only good way to split the line,
# preserving all other whitespace.
RET="${_LINE#[! ][ ]}"
return ${_LINE%%[ ]*}
}'
++ set -- reset RESET
++ eval 'db_reset () {
echo "RESET $@" >&3
# Set to newline to get whole line.
local IFS='\''
'\''
local _LINE
read -r _LINE
# Disgusting, but it'\''s the only good way to split the line,
# preserving all other whitespace.
RET="${_LINE#[! ][ ]}"
return ${_LINE%%[ ]*}
}'
++ set -- title TITLE
++ eval 'db_title () {
echo "TITLE $@" >&3
# Set to newline to get whole line.
local IFS='\''
'\''
local _LINE
read -r _LINE
# Disgusting, but it'\''s the only good way to split the line,
# preserving all other whitespace.
RET="${_LINE#[! ][ ]}"
return ${_LINE%%[ ]*}
Bug#225634: Apache no longer runs from inetd.
PS. This is the inetd.conf line I use: https stream tcp nowait.180 root /usr/sbin/tcpd /usr/sbin/apache It has worked fine for about a year. In httpd.conf I have: # ServerType is either inetd, or standalone. ServerType inetd
Bug#225634: Apache no longer runs from inetd.
On Wed, Dec 31, 2003 at 08:07:28AM +0100, Fabio Massimo Di Nitto wrote: > On Wed, 31 Dec 2003, Norbert Veber wrote: > > > Package: apache > > Version: 1.3.29.0.1-3 > > Severity: important > > > > Hello, > > > > I just noticed that my web page no longer works. I run apache with > > mod-ssl from inetd. > > > > Aparently this is caused by conf.d support: > > > > [EMAIL PROTECTED]:~]$ telnet localhost https > > Trying 127.0.0.1... > > Connected to localhost. > > here you are connected.. in order to get a page you need to send a > request. > > Try to use a normal browser and see what happens.. is that reproducible > also on non-SSL connection?? it could be a mod-ssl problem. Well, as my bug report states, my web page stopped working. I know this because I tried to access it via mozilla. It connects, but nothing happens afterwards. Eventually it times out. This is what prompted me to telnet to it. I do not know how to manually send a request to an https server. I do not run a non-SSL server. Obviously the problem is that apache is printing out random crap about its configuration files to the other end of the connection. I'm sure thats not part of the http(s) standard. :) Thanks, Norbert
Bug#225634: Apache no longer runs from inetd.
On Wed, Dec 31, 2003 at 12:20:07PM -0500, Norbert Veber wrote: > PS. This is the inetd.conf line I use: > > https stream tcp nowait.180 root /usr/sbin/tcpd > /usr/sbin/apache > > It has worked fine for about a year. > > In httpd.conf I have: > # ServerType is either inetd, or standalone. > > > ServerType inetd Also, if you want to connect to it yourself, its https://pyre.virge.net.
Bug#225487: apache-ssl: Postinstall fails with a "sed" error
Hi Fabio- On Wed, Dec 31, 2003 at 08:10:09AM +0100, Fabio Massimo Di Nitto wrote: > Hi Doug, > can you be so kind to add set -x to > /var/lib/dpkg/info/apache-ssl.postinst > and send me the output? > hades:/home/doug# vi /var/lib/dpkg/info/apache-ssl.postinst hades:/home/doug# apt-get -f install Reading Package Lists... Done Building Dependency Tree... Done 0 upgraded, 0 newly installed, 0 to remove and 7 not upgraded. 1 not fully installed or removed. Need to get 0B of archives. After unpacking 0B of additional disk space will be used. Setting up apache-ssl (1.3.29.0.1-3) ... + make_selfsigned_cert + '[' '!' -f /etc/apache-ssl/apache.pem ']' + /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache-ssl/apache.pem sed: -e expression #4, char 42: Unknown option to `s' dpkg: error processing apache-ssl (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: apache-ssl E: Sub-process /usr/bin/dpkg returned an error code (1) hades:/home/doug#
Año nuevo
Title: Felicitacion de Navidad Si no puede ver correctamente esta animación, visite www.es-emoticon.com/feliz2004 www.es-emoticon.com Este mensaje esta dirigido a los que alguna vez han contactado con Emoticon. Si lo ha recibido por error y no desea recibir ningún comunicado de Emoticon, rogamos envíe un mensaje con asunto : BÓRRAME a [EMAIL PROTECTED] o a la dirección de membrete.
Año nuevo
Title: Felicitacion de Navidad Si no puede ver correctamente esta animación, visite www.es-emoticon.com/feliz2004 www.es-emoticon.com Este mensaje esta dirigido a los que alguna vez han contactado con Emoticon. Si lo ha recibido por error y no desea recibir ningún comunicado de Emoticon, rogamos envíe un mensaje con asunto : BÓRRAME a [EMAIL PROTECTED] o a la dirección de membrete.
Bug#225634: Apache no longer runs from inetd.
On Wed, 31 Dec 2003, Norbert Veber wrote: > Package: apache > Version: 1.3.29.0.1-3 > Severity: important > > Hello, > > I just noticed that my web page no longer works. I run apache with > mod-ssl from inetd. > > Aparently this is caused by conf.d support: > > [EMAIL PROTECTED]:~]$ telnet localhost https > Trying 127.0.0.1... > Connected to localhost. here you are connected.. in order to get a page you need to send a request. Try to use a normal browser and see what happens.. is that reproducible also on non-SSL connection?? it could be a mod-ssl problem. Fabio -- Our mission: make IPv6 the default IP protocol "We are on a mission from God" - Elwood Blues http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html
Bug#225287: libapache-mod-perl: Lovely theory, but my Apache still won't run.
Hi Robin, I could close this bug straight ahead since it has been fixed already in sid. Instead you should have checked the BTS where there are already several explanation and workaround. Fabio On Mon, 29 Dec 2003, Robin Lee Powell wrote: > Package: libapache-mod-perl > Version: 1.27-4 > Severity: normal > Followup-For: Bug #225287 > > This bug is *NOT* 'normal' severity. The package is unusable, that > makes it grave. > > While downgrading the perl packages is a lovely theory, the 5.8.0 > packages are no longer available, so mod_perl is, in fact, completely > unusable. This renders my Apache unusable as well, as I have several > things that require mod_perl. > > If there *is* a workaround that does not involve taking packages from > unstable, I would very much appreciate specific instructions on how to > take advantage of it. > > -Robin > > > -- System Information: > Debian Release: testing/unstable > Architecture: i386 > Kernel: Linux chain.digitalkingdom.org 2.4.22-1-k7-smp #5 SMP Sat Oct 4 > 14:42:01 EST 2003 i686 > Locale: LANG=C, LC_CTYPE=C > > Versions of packages libapache-mod-perl depends on: > ii apache-common 1.3.27.0-2 Support files for all Apache > webse > ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries > an > ii libdevel-symdump-perl 2.03-3 Perl module for inspecting perl's > ii libperl5.8 5.8.2-2 Shared Perl library. > ii liburi-perl 1.23-1 Manipulates and accesses URI > strin > ii libwww-perl 5.69-4 WWW client/server library for > Perl > ii perl [libmime-base64-perl] 5.8.2-2 Larry Wall's Practical Extraction > ii perl-base [perlapi-5.8.0] 5.8.2-2 The Pathologically Eclectic > Rubbis > > -- no debconf information > > > > -- Our mission: make IPv6 the default IP protocol "We are on a mission from God" - Elwood Blues http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html
Processed: Re: Bug#225430: Apache segfaults when starting - either by usign the startup script in /etc/init.d or by apachectl
Processing commands for [EMAIL PROTECTED]: > severity 225430 normal Bug#225430: Apache segfaults when starting - either by usign the startup script in /etc/init.d or by apachectl Severity set to `normal'. > reassign 225430 libapache-mod-perl Bug#225430: Apache segfaults when starting - either by usign the startup script in /etc/init.d or by apachectl Bug reassigned from package `apache' to `libapache-mod-perl'. > tags 225430 sarge Bug#225430: Apache segfaults when starting - either by usign the startup script in /etc/init.d or by apachectl There were no tags set. Tags added: sarge > merge 225430 224959 Bug#224959: apache does not start Bug#225430: Apache segfaults when starting - either by usign the startup script in /etc/init.d or by apachectl Bug#225287: Apache - Segmentation fault Merged 224959 225287 225430. > stop Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Bug#225430: Apache segfaults when starting - either by usign the startup script in /etc/init.d or by apachectl
severity 225430 normal reassign 225430 libapache-mod-perl tags 225430 sarge merge 225430 224959 stop quit Hi Michelle, this bug has been fixed already in sid since a long time. Please check the BTS and debian-apache mailing list for reference next time. Thanks Fabio On Mon, 29 Dec 2003, Michelle Murrain wrote: > Package: apache > Version: 1.3.27.0-2 > Severity: grave > Justification: renders package unusable > > > > -- System Information: > Debian Release: testing/unstable > Architecture: i386 > Kernel: Linux sloth 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 > Locale: LANG=C, LC_CTYPE=C > > Versions of packages apache depends on: > ii apache-common 1.3.27.0-2 Support files for all Apache > webse > ii debconf 1.3.22 Debian configuration management > sy > ii dpkg1.10.18 Package maintenance system for > Deb > ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries > an > ii libdb4.14.1.25-10Berkeley v4.1 Database Libraries > [ > ii libexpat1 1.95.6-6 XML parsing C library - runtime > li > ii libmagic1 4.06-2 File type determination library > us > ii logrotate 3.6.5-2 Log rotation utility > ii mime-support3.23-1 MIME files 'mime.types' & > 'mailcap > ii perl [perl5]5.8.2-2 Larry Wall's Practical Extraction > > -- debconf information: > apache/enable-suexec: false > > I get the following error: > Starting web server: apache/etc/init.d/apache: line 70: 2305 > Segmentation fault start-stop-daemon --start --pidfile $PIDFILE > --exec $DAEMON > failed > > > > > -- Our mission: make IPv6 the default IP protocol "We are on a mission from God" - Elwood Blues http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html
Processed: Re: Bug#225056: apache: Segmentation fault on startup with virtual hosts
Processing commands for [EMAIL PROTECTED]: > reassign 225056 php4 Bug#225056: apache: Segmentation fault on startup with virtual hosts Bug reassigned from package `apache' to `php4'. > severity 225056 grave Bug#225056: apache: Segmentation fault on startup with virtual hosts Severity set to `grave'. > stop Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Bug#225487: apache-ssl: Postinstall fails with a "sed" error
Hi Doug, can you be so kind to add set -x to /var/lib/dpkg/info/apache-ssl.postinst and send me the output? thanks Fabio On Mon, 29 Dec 2003, Doug Maxwell wrote: > Package: apache-ssl > Version: 1.3.29.0.1-3 > Severity: grave > Tags: sid > Justification: renders package unusable > > Error occurs immediately after entering information needed for creation > of self-signed certificate: > > [EMAIL PROTECTED]:~$ sudo apt-get -f install > Reading Package Lists... Done > Building Dependency Tree... Done > 0 upgraded, 0 newly installed, 0 to remove and 7 not upgraded. > 1 not fully installed or removed. > Need to get 0B of archives. > After unpacking 0B of additional disk space will be used. > Setting up apache-ssl (1.3.29.0.1-3) ... > sed: -e expression #4, char 42: Unknown option to `s' > dpkg: error processing apache-ssl (--configure): > subprocess post-installation script returned error exit status 1 > Errors were encountered while processing: > apache-ssl > E: Sub-process /usr/bin/dpkg returned an error code (1) > [EMAIL PROTECTED]:~$ > > > -- System Information: > Debian Release: testing/unstable > Architecture: i386 > Kernel: Linux hades 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 > Locale: LANG=C, LC_CTYPE=C > > Versions of packages apache-ssl depends on: > ii apache-common 1.3.29.0.1-3 Support files for all Apache > webse > ii debconf 1.3.22 Debian configuration management > sy > ii dpkg1.10.18 Package maintenance system for > Deb > ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries > an > ii libdb4.14.1.25-10Berkeley v4.1 Database Libraries > [ > ii libexpat1 1.95.6-6 XML parsing C library - runtime > li > ii libkeynote0 2.3-10 Decentralized Trust-Management > sys > ii libmagic1 4.06-2 File type determination library > us > ii libpam0g0.76-14 Pluggable Authentication Modules > l > ii libssl0.9.7 0.9.7c-5 SSL shared libraries > ii logrotate 3.6.5-2 Log rotation utility > ii mime-support3.23-1 MIME files 'mime.types' & > 'mailcap > ii openssl 0.9.7c-5 Secure Socket Layer (SSL) binary > a > ii perl [perl5]5.8.2-2 Larry Wall's Practical Extraction > ii ssl-cert1.0-6Simple debconf wrapper for > openssl > > -- debconf information: > apache-ssl/server-admin: [EMAIL PROTECTED] > * apache-ssl/enable-suexec: false > apache-ssl/init: true > apache-ssl/server-name: localhost > apache-ssl/document-root: /var/www > > My version of sed: > > ii sed 4.0.7-3 > > > > -- Our mission: make IPv6 the default IP protocol "We are on a mission from God" - Elwood Blues http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html
Bug#225056: apache: Segmentation fault on startup with virtual hosts
reassign 225056 php4 severity 225056 grave stop quit Hi Jeremy, thanks for the report, I am reassigning this bug to php4. Fabio On Mon, 29 Dec 2003, Jeremy Lunn wrote: > On Mon, Dec 29, 2003 at 09:04:02AM +0100, Fabio Massimo Di Nitto wrote: > > Can you show me your modules.conf?? if you are using php4, do you have the > > php4-imap extension enabled?? in that case please disable it and restart > > apache (php4 is broken and maintainers know about it). > > Interesting, that looks like it's the problem them (strange the way it > affected virtual hosts). > > Thanks, > > Jeremy > > -- Our mission: make IPv6 the default IP protocol "We are on a mission from God" - Elwood Blues http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html
Bug#225287: found solution
On Sun, 28 Dec 2003, Kevin Renskers wrote: > Okay, after even more searching through all the bug reports, I came > across http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=224049 (in > section libapache-mod-perl). > > And indeed, after disabling mod_perl, apache is working again. When will > this be fixed? And why wasn't this bug posted in the Apache section? As i wrote in the bug report and to the mailing list a new apache needs to flow from sid to sarge. when it is difficult to say. The problem has been fixed in sid long time ago. Fabio -- Our mission: make IPv6 the default IP protocol "We are on a mission from God" - Elwood Blues http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html
Re: Segmentation Fault after apache-ssl upgrade
Hi Felipe, this seems to be a problem with perl that has been recently updated in sarge. Soon a new version of apache should enter sarge as well to fix this problem. Fabio On Mon, 29 Dec 2003, Felipe Martínez Hermo wrote: > > Hi! > > I have just apt-get upgrade'd my system (Debian testing) and seems like > apache-* upgraded to version 1.3.27.0-2 > Apache restarted just right, but apache-ssl responds with segmentation > fault: > max:/home/felipe/apache# /etc/init.d/apache-ssl start > Starting web server: apache-ssl/etc/init.d/apache-ssl: line 65: 2207 > Segmentation fault start-stop-daemon --start --pidfile $PIDFILE --exec > $DAEMON > failed > > There is one difference between apache and apache-ssl in this particular > system: ssl is configured to interact with an Oracle database through Oracle > client 8.1.7 and perl-dbi but it had been working fine for 2 years > There's also something wrong with logs: > I found this at /var/log/apache-ssl/error.log.1: > [Sun Dec 28 06:25:21 2003] [notice] SIGUSR1 received. Doing graceful restart > > However, it doesn't seem to have restarted "gracefully" and both access.log > and error.log are empty > > > What else can I try? Sorry if I seem a little bit lost, but is the > first time > that apt-get is not going right. > > Thank you > -- Our mission: make IPv6 the default IP protocol "We are on a mission from God" - Elwood Blues http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html
Bug#225634: Apache no longer runs from inetd.
Package: apache Version: 1.3.29.0.1-3 Severity: important Hello, I just noticed that my web page no longer works. I run apache with mod-ssl from inetd. Aparently this is caused by conf.d support: [EMAIL PROTECTED]:~]$ telnet localhost https Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Processing config directory: /etc/apache/conf.d Processing config file: /etc/apache/conf.d/mod-ssl-00-global.conf [Wed Dec 31 00:34:41 2003] [warn] module ssl_module is already loaded, skipping Processing config file: /etc/apache/conf.d/mod-ssl-01-vhost.conf -- System Information: Debian Release: testing/unstable Architecture: i386 Kernel: Linux pyre.virge.net 2.4.22-1-k7 #5 Sat Oct 4 14:11:12 EST 2003 i686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 Versions of packages apache depends on: ii apache-common 1.3.29.0.1-3 Support files for all Apache webse ii debconf 1.3.22 Debian configuration management sy ii dpkg1.10.18 Package maintenance system for Deb ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries an ii libdb4.14.1.25-10Berkeley v4.1 Database Libraries [ ii libexpat1 1.95.6-6 XML parsing C library - runtime li ii libmagic1 4.06-2 File type determination library us ii libpam0g0.76-14.1Pluggable Authentication Modules l ii logrotate 3.6.5-2 Log rotation utility ii mime-support3.23-1 MIME files 'mime.types' & 'mailcap ii perl [perl5]5.8.2-2 Larry Wall's Practical Extraction -- debconf information: * apache/enable-suexec: true apache/server-name: pyre.virge.net apache/document-root: apache/server-port: apache/init: true apache/server-admin: [EMAIL PROTECTED]
