header set Server - not working
Hai I am using apache 1.3.26 on debian woody. Now I need to customize http headers for security reasons. I have enabled mod_headers module, then I include as Header set Server test But this is not set, I couldn't even unset also. But If I include as Header append Author myname , then its working. What may be the problem? Sarav __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Bug#286975: apache: FTBFS - x86/testing (31mrule: command not found)
Package: apache Version: 1.3.33-2 Severity: serious Justification: no longer builds from source Hi, I'm sorry to be filing this as I'm finding it hard to believe that this could be a problem for anyone but me. However a fresh apt-get source of apache, with the build-depends installed and no customisation at all fails. Nobody in #debian had experienced this when I asked and there's no match for 'apache FTBFS' on -devel or -user archives for the last couple of months. SUMMARY $ apt-get source apache # apt-get build-dep apache $ cd apache-1.3.33 apache-1.3.33$ dpkg-buildpackage -rfakeroot -b ../configure: line 1: 31mrule: command not found + using installation path layout: Debian (config.layout) configure:Error: No such rule named 'SHARED_CHAIN' make: *** [debian/stampdir/configure-stamp-apache] Error 1 DETAILED Full output of dpkg-buildpackage is attached. I note that the first line of every file named 'configure' in the source dir is a standard hash-bang. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27-1-686 Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Versions of packages apache depends on: ii apache-common 1.3.33-2 Support files for all Apache webse ii debconf 1.4.30.10Debian configuration management sy ii dpkg1.10.25 Package maintenance system for Deb ii libc6 2.3.2.ds1-18 GNU C Library: Shared libraries an ii libdb4.24.2.52-17Berkeley v4.2 Database Libraries [ ii libexpat1 1.95.8-1 XML parsing C library - runtime li ii libmagic1 4.12-1 File type determination library us ii logrotate 3.7-2Log rotation utility ii mime-support3.28-1 MIME files 'mime.types' 'mailcap ii perl5.8.4-3 Larry Wall's Practical Extraction -- debconf information: apache/server-name: localhost apache/document-root: /var/www apache/server-port: 80 * apache/enable-suexec: false apache/init: true apache/server-admin: [EMAIL PROTECTED] dpkg-buildpackage: source package is apache dpkg-buildpackage: source version is 1.3.33-2 dpkg-buildpackage: source maintainer is Fabio M. Di Nitto [EMAIL PROTECTED] dpkg-buildpackage: host architecture is i386 fakeroot debian/rules clean dh_testdir dh_testroot rm -f debian/apache{,-ssl,-perl}.{presubj,init,conffiles,config,dirs,docs,examples,lintian,intro.html} rm -f debian/apache{,-ssl,-perl}.{logrotate,postinst,postrm,preinst,prerm,httpd.conf} rm -f debian/apaci{,-ssl,-perl,.append{,-ssl,-perl}} rm -f debian/{apache-common.examples,apache-dev.docs,libapache-mod-perl.docs} rm -f debian/{*.gz,local-apxs*,apxs*} o debian/o debian/buildinfo.Debian rm -rf debian/logos debian/logos.ssl chmod +x debian/{ubersed,modules-config,sys-build.mk,scripts/*.*,scripts/modchk} /usr/bin/make -f debian/sys-build.mk source.clean make[1]: Entering directory `/home/jon/code/apache-1.3.33' make[1]: Leaving directory `/home/jon/code/apache-1.3.33' rm -rf build-tree-* rm -rf debian.diff debian/stampdir rm -rf libapache-mod-perl-1.29 dh_clean debian/rules build *** unpacking/patching common tree *** /usr/bin/make -f debian/sys-build.mk source.make make[1]: Entering directory `/home/jon/code/apache-1.3.33' Extracting upstream tarball upstream/tarballs/apache_1.3.33.tar.gz successful. Extracting upstream tarball upstream/tarballs/apache-contrib-1.0.8a-nomodcvs.tar.gz successful. Extracting upstream tarball upstream/tarballs/pkg.eapi-2.8.22-1.3.33.tar.gz successful. Applying patch 001_ab_overzealous_connections successful. Applying patch 002_apxs_assumes_dso successful. Applying patch 003_apxs_wrong_prefix successful. Applying patch 005_mime_type_fix successful. Applying patch 006_phf_dot_log successful. Applying patch 007_regex_must_conform_to_posix_for_LFS_to_work successful. Applying patch 008_suexec_combined successful. Applying patch 009_suexec_of_death successful. Applying patch 010_dbm_part_2_the_revenge successful. Applying patch 011_find_dbm_libdb41_fix successful. Applying patch 012_hurd_compile_fix_for_upstream successful. Applying patch 013_hurd_libdb_fix successful. Applying patch 014_mod_auth_db_libdb41_fix successful. Applying patch 015_suexec_uid_min successful. Applying patch 017_uncrack_proxy_ftp_eapi_bit successful. Applying patch 018_suexec_reopenlog successful. Applying patch 019_apxs_dont_extra_libs successful. Applying patch 030_autoindex_studly successful. Applying patch 031_autoindex_indexes successful. Applying patch 032_autoindex_generator successful. Applying patch 033_-F_NO_SETSID successful. Applying patch 034_ab.8_formatting_error successful. Applying patch 100_proxy_content_base successful. Applying patch 101_httpd_manpage successful. Applying patch 102_inetdfix successful. Applying patch 500_configure_hashbang
Bug#286975: apache: FTBFS - x86/testing (31mrule: command not found)
On Thu, Dec 23, 2004 at 01:18:06PM +0100, Fabio Massimo Di Nitto wrote: I know for sure that configure explicitly requires bash, did you replace /bin/bash with another shell? Can you verify the bash md5sum? ~$ md5sum `which sh` `which bash` 6a01accdaa1baad9b2af1bcda2d80769 /bin/sh 6a01accdaa1baad9b2af1bcda2d80769 /bin/bash This is my best guess atm.. otherwise would it be possible for you to test the same in a fresh sarge/sid chroot? that would really help to isolate the problem between your installed system and my build-test env. I'd be happy to help in any way possible, although things might be delayed over the christmas break as my machine will most likely be off. Can I achieve this using pbuilder?
Bug#286975: apache: FTBFS - x86/testing (31mrule: command not found)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Jon, Jon Dowland wrote: | Package: apache | Version: 1.3.33-2 | Severity: serious | Justification: no longer builds from source | | Hi, I'm sorry to be filing this as I'm finding it hard to believe that | this could be a problem for anyone but me. Unfortunatly i cannot reproduce it here at all, neither on sarge or sid. | | cd build-tree-apache/apache_1.3.33 LDFLAGS= CFLAGS=-O1 -g -Wall -D_LARGEFILE_SOURCE - -D_FILE_OFFSET_BITS=64 ./configure --suexec-logfile=/var/log/apache/suexec.log --target=apache - --with-layout=Debian --enable-suexec --suexec-caller=www-data --suexec-docroot=/var/www - --includedir=/usr/include/apache-1.3 --without-confadjust --without-execstrip --enable-shared=max - --enable-rule=SHARED_CHAIN --enable-module=most --enable-module=status --enable-module=auth_digest - --enable-module=log_referer --enable-module=log_agent --enable-module=auth_db - --activate-module=src/modules/extra/mod_macro.c | Configuring for Apache, Version 1.3.33 | ../configure: line 1: rule_[01: command not found I know for sure that configure explicitly requires bash, did you replace /bin/bash with another shell? Can you verify the bash md5sum? This is my best guess atm.. otherwise would it be possible for you to test the same in a fresh sarge/sid chroot? that would really help to isolate the problem between your installed system and my build-test env. Thanks Fabio - -- Self-Service law: The last available dish of the food you have decided to eat, will be inevitably taken from the person in front of you. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFByrd8hCzbekR3nhgRAnyMAJ9oj0YrLvR9q/e/yPTbxEp/FmFPLQCgjsCZ nqqFxdUNeMKZrnq5c2qq7vo= =LhWo -END PGP SIGNATURE-
Bug#286975: apache: FTBFS - x86/testing (31mrule: command not found)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jon Dowland wrote: |This is my best guess atm.. otherwise would it be possible for you to test |the same |in a fresh sarge/sid chroot? that would really help to isolate the problem |between your installed system and my build-test env. | | | I'd be happy to help in any way possible, although things might be | delayed over the christmas break as my machine will most likely be off. | Can I achieve this using pbuilder? Yes. I did test with pbuilder too and i still can't reproduce the bug. Perhaps something related to your user environment? Fabio PS i will leave for xmas holydays in a few hours too... so if we don't manage to figure out the problem, don't worry.. we will work on it on monday. - -- Self-Service law: The last available dish of the food you have decided to eat, will be inevitably taken from the person in front of you. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFByrxhhCzbekR3nhgRAi13AJ9YCnU7i3MG/8MuscUHCWhkEV9P5ACggS21 7zDLuTqmzp81QLhc88NIgN0= =q/mw -END PGP SIGNATURE-
Bug#286740: apache: log directory should have same permissions as logfiles (possible information disclosure)
On Wed, Dec 22, 2004 at 07:05:13PM -0800, Matt Zimmerman wrote: On Tue, Dec 21, 2004 at 09:41:35PM +, Jan Minar wrote: Package: apache Version: 1.3.33-2 Severity: minor Tags: security Hi. /var/log/apache is world-readable, so users can e.g. check whether certain operation triggered an error. And given that the error strings are pretty standardized, they can guess what string has been added to the logfile, judging by the number of bytes that was appended to the log. As this is not very obvious to the system administrator, and as there is no use of /var/log/apache directory being readable and searchable while the files in it are not, apart from the information disclosure described above, I think it should be chmod-ed 750, just as the logs in it are chmod 640. I don't see a scenario where this could result in a meaningful security issue. I do, but I don't think it's worth my time to write PoCs for every unimportant marginally important security issue out there. The user can just as easily find out that an error was caused by noticing the 5xx error returned by the server in response to the request. Only if it was an error returned to them. Also, the log files can have far more detail than just the error code. Cheers, -- )^o-o^|jabber: [EMAIL PROTECTED] | .v Ke-mail: jjminar FastMail FM ` - .' phone: +44(0)7981 738 696 \ __/Jan icq: 345 355 493 __|o|__Min irc: [EMAIL PROTECTED] pgp5pzQMeHhb8.pgp Description: PGP signature
libapache-mod-perl : libperl.so does not have a corresponding .info file
Hi, i've just run a apt-get dist-upgrade on my machine on debian/testing, everything went well except for the mod_perl upgrade, here are the information: mathieu:/home/mathieu# apt-get dist-upgrade Reading Package Lists... Done Building Dependency Tree... Done Calculating Upgrade... Done The following packages have been kept back: eterm libdirectfb-dev pstoedit 0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded. 1 not fully installed or removed. Need to get 0B of archives. After unpacking 0B of additional disk space will be used. Do you want to continue? [Y/n] Setting up libapache-mod-perl (1.29.0.2-16) ... Error: libperl.so does not have a corresponding .info file. The above errors might cause apache to not work properly or start Please refer to the documentation on how to fix it or report it to Debian Apache Mailing List debian-apache@lists.debian.org if in doubt on how to proceed dpkg: error processing libapache-mod-perl (--configure): subprocess post-installation script returned error exit status 20 Errors were encountered while processing: libapache-mod-perl E: Sub-process /usr/bin/dpkg returned an error code (1) mathieu:/home/mathieu# Can someone point me to any direction in solving this issue ? Thanks. Mathieu
Bug#287012: apache: Should warn on nonsensical configuration
Package: apache Version: 1.3.33-2 Severity: wishlist It just took me 3 hours and a lots of cursing to find this: Listen 433 VirtualHost foo.localhost:443 (Note the port numbers differ.) Under such circumstances, apache really should warn about possible misconfiguration. I don't know whether this can actually be a valid config setup. If not, erring, not warning would be more appropriate. Cheers, Jan. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (700, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.28-jan Locale: LANG=C, LC_CTYPE=cs_CZ.ISO-8859-2 (charmap=ISO-8859-2) Versions of packages apache depends on: ii apache-common 1.3.33-2 Support files for all Apache webse ii debconf 1.4.30.10Debian configuration management sy ii dpkg1.10.25 Package maintenance system for Deb ii libc6 2.3.2.ds1-18 GNU C Library: Shared libraries an ii libdb4.24.2.52-17Berkeley v4.2 Database Libraries [ ii libexpat1 1.95.8-1 XML parsing C library - runtime li ii libmagic1 4.12-1 File type determination library us ii logrotate 3.7-2Log rotation utility ii mime-support3.28-1 MIME files 'mime.types' 'mailcap ii perl5.8.4-3 Larry Wall's Practical Extraction -- debconf information: apache/init: true apache/server-port: 80 apache/document-root: /var/www apache/server-admin: [EMAIL PROTECTED] apache/server-name: localhost * apache/enable-suexec: false -- )^o-o^|jabber: [EMAIL PROTECTED] | .v Ke-mail: jjminar FastMail FM ` - .' phone: +44(0)7981 738 696 \ __/Jan icq: 345 355 493 __|o|__Min irc: [EMAIL PROTECTED] pgpKGBgBdH6yd.pgp Description: PGP signature
Processed: issue is resolved
Processing commands for [EMAIL PROTECTED]: close 276717 Bug#276717: apache2-mpm-prefork: mod_auth_ldap segfaults 'close' is deprecated; see http://www.debian.org/Bugs/Developer#closing. Bug closed, send any further explanations to simon raven [EMAIL PROTECTED] thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database)
Bug#287012: apache: Should warn on nonsensical configuration
Ce jour Thu, 23 Dec 2004, Jan Minar a dit: Package: apache Version: 1.3.33-2 Severity: wishlist It just took me 3 hours and a lots of cursing to find this: Listen 433 VirtualHost foo.localhost:443 (Note the port numbers differ.) Under such circumstances, apache really should warn about possible misconfiguration. I don't know whether this can actually be a valid config setup. If not, erring, not warning would be more appropriate. Cheers, Jan. apachectl configtest is there for a reason ;). apachectl -S works nice for vhosts. eric signature.asc Description: Digital signature
Bug#276717: issue is resolved
close 276717 thanks the SEGV in the module seems to have been fixed since the last updates. it's ok to close this now. thank you, eric -- Cold pizza and cold coffee, second best thing to cold pizza and warm beer. -- me signature.asc Description: Digital signature
Bug#286740: apache: log directory should have same permissions as logfiles (possible information disclosure)
On Thu, Dec 23, 2004 at 01:20:02PM +, Jan Minar wrote: On Wed, Dec 22, 2004 at 07:05:13PM -0800, Matt Zimmerman wrote: The user can just as easily find out that an error was caused by noticing the 5xx error returned by the server in response to the request. Only if it was an error returned to them. Also, the log files can have far more detail than just the error code. The detail is irrelevant, since the user can't read the file. In both cases, they can find out that an error occurred. -- - mdz
Bug#286740: apache: log directory should have same permissions as logfiles (possible information disclosure)
On Thu, Dec 23, 2004 at 09:44:00AM -0800, Matt Zimmerman wrote: On Thu, Dec 23, 2004 at 01:20:02PM +, Jan Minar wrote: On Wed, Dec 22, 2004 at 07:05:13PM -0800, Matt Zimmerman wrote: The user can just as easily find out that an error was caused by noticing the 5xx error returned by the server in response to the request. Only if it was an error returned to them. Also, the log files can have far more detail than just the error code. The detail is irrelevant, since the user can't read the file. In both cases, they can find out that an error occurred. Please read the original bugreport. -- )^o-o^|jabber: [EMAIL PROTECTED] | .v Ke-mail: jjminar FastMail FM ` - .' phone: +44(0)7981 738 696 \ __/Jan icq: 345 355 493 __|o|__Min irc: [EMAIL PROTECTED] pgpHq4B2Gf5qT.pgp Description: PGP signature
Bug#287033: fails with libgcc1/woody, but doesn't depend on newer
Package: apache2-mpm-worker Version: 2.0.52-3 Severity: important apache2 emits the following into error.log: (with libgcc1=1:3.0.4-7) libgcc_s.so.1 must be installed for pthread_cancel to work and starts only 1 thread, accepts connections, but doesn't serve requests. A desktop system or a server upgraded fully to testing distribution would pull libgcc1 in from some other dependency, masking the problem. If someone were to *only* upgrade apache and dependencies, it fails. I am unable to determine in more detail which package, either apache2-mpm-worker, or some library it uses, should have it's package depend on libgcc1 of a newer version (libgcc1=3.4.2-2 at least works) -- System Information Debian Release: 3.0 Architecture: i386 Kernel: Linux bob 2.6.9-1-k7 #1 Thu Nov 25 03:20:07 EST 2004 i686 Locale: LANG=C, LC_CTYPE=C Versions of packages apache2-mpm-worker depends on: ii apache2-common 2.0.52-3 Next generation, scalable, extenda ii libapr0 2.0.52-3 The Apache Portable Runtime ii libc6 2.3.2.ds1-18 GNU C Library: Shared libraries an ii libdb4.24.2.52-17Berkeley v4.2 Database Libraries [ ii libexpat1 1.95.8-1 XML parsing C library - runtime li ii libldap22.1.30-3 OpenLDAP libraries ii libssl0.9.7 0.9.7e-2 SSL shared libraries ii zlib1g 1:1.2.2-3compression library - runtime
problem with libapache-mod-php4
Hello all, I am having the following problem with libapache-mod-php4 and I do not know how to fix it. If anyone knows what is the problem and how to fix it, i'd appreciate some guidance. Thank you. START ** zeus:~# apt-get upgrade Reading Package Lists... Done Building Dependency Tree... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 4 not fully installed or removed. Need to get 0B of archives. After unpacking 0B of additional disk space will be used. Do you want to continue? [Y/n] y Setting up libapache-mod-php4 (4.3.10-2) ... Error: mod_webkit.so does not have a corresponding .info file. The above errors might cause apache to not work properly or start Please refer to the documentation on how to fix it or report it to Debian Apache Mailing List debian-apache@lists.debian.org if in doubt on how to proceed dpkg: error processing libapache-mod-php4 (--configure): subprocess post-installation script returned error exit status 20 dpkg: dependency problems prevent configuration of php4: php4 depends on libapache-mod-php4 (= 4:4.3.10-2) | libapache2-mod-php4 (= 4:4.3.10-2) | caudium-php4 (= 4:4.3.10-2); however: Package libapache-mod-php4 is not configured yet. Package libapache2-mod-php4 is not installed. Package caudium-php4 is not installed. dpkg: error processing php4 (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of php4-imap: php4-imap depends on phpapi-20020918; however: Package phpapi-20020918 is not installed. Package libapache-mod-php4 which provides phpapi-20020918 is not configured yet. dpkg: error processing php4-imap (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of php4-pgsql: php4-pgsql depends on phpapi-20020918; however: Package phpapi-20020918 is not installed. Package libapache-mod-php4 which provides phpapi-20020918 is not configured yet. dpkg: error processing php4-pgsql (--configure): dependency problems - leaving unconfigured Errors were encountered while processing: libapache-mod-php4 php4 php4-imap php4-pgsql E: Sub-process /usr/bin/dpkg returned an error code (1) zeus:~# *** END *