Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
Package: apache-ssl Version: 1.3.33-3 Severity: important When I just upgraded apache-ssl, the postinst script did these modifications without asking me: canardo:/etc/apache-ssl# cvs diff -u httpd.conf Index: httpd.conf === RCS file: /usr/local/cvsroot/canardo_etc/apache-ssl/httpd.conf,v retrieving revision 1.16 diff -u -r1.16 httpd.conf --- httpd.conf 5 Jan 2005 14:29:46 - 1.16 +++ httpd.conf 25 Jan 2005 08:21:01 - @@ -37,7 +37,7 @@ ### Section 2: 'Main' server configuration BindAddress www.mork.no -Port 80 +Port 443 Listen www.mork.no:443 Listen www.mork.no:80 User www-data @@ -417,3 +417,9 @@ Include /etc/cacti/apache.conf /VirtualHost + +# Automatically added by the post-installation script +# as part of the transition to a config directory layout +# similar to apache2, and that will help users to migrate +# from apache to apache2 or revert back easily +Include /etc/apache-ssl/conf.d This is quite serious, since changing the bind port changes the configuration in a way which cannot be done safely. How would you know what the admins intentions are? Luckily, I also had a virtual server running on port 443, so I noticed an uexpected error caused by the above change. Bjørn -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (650, 'testing'), (600, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages apache-ssl depends on: ii apache-common 1.3.33-3 support files for all Apache webse ii debconf 1.4.30.11Debian configuration management sy ii dpkg1.10.26 Package maintenance system for Deb ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libdb4.24.2.52-17Berkeley v4.2 Database Libraries [ ii libexpat1 1.95.8-1 XML parsing C library - runtime li ii libmagic1 4.12-1 File type determination library us ii libssl0.9.7 0.9.7e-2 SSL shared libraries ii logrotate 3.7-2Log rotation utility ii mime-support3.28-1 MIME files 'mime.types' 'mailcap ii openssl 0.9.7e-2 Secure Socket Layer (SSL) binary a ii perl5.8.4-5 Larry Wall's Practical Extraction ii ssl-cert1.0-11 Simple debconf wrapper for openssl -- debconf information: apache-ssl/server-name: www.mork.no apache-ssl/server-admin: [EMAIL PROTECTED] * apache-ssl/enable-suexec: true apache-ssl/init: true apache-ssl/document-root: /home/www/mork.no
Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bjørn Mork wrote: | Package: apache-ssl | Version: 1.3.33-3 | Severity: important | | When I just upgraded apache-ssl, the postinst script did these modifications | without asking me: This is sounds quite impossible because apache uses debconf via ucf to ask if it is allowed to modify configurations or not and the level of interaction is decided by the user via dpkg-reconfigure debconf. If you have set it to non-interactive than of course things do not get asked. Please let me know if i missed something and if you can kindly check the above values. Thanks Fabio - -- Self-Service law: The last available dish of the food you have decided to eat, will be inevitably taken from the person in front of you. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB9gphhCzbekR3nhgRAjCtAJsGJxKuoGSZixTgfGl4GjRmrOFrgwCggLpY MV9x6ADi2z3cDVjwdWBNXYU= =5ttB -END PGP SIGNATURE-
Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
Fabio Massimo Di Nitto [EMAIL PROTECTED] writes: Bjørn Mork wrote: | Package: apache-ssl | Version: 1.3.33-3 | Severity: important | | When I just upgraded apache-ssl, the postinst script did these modifications | without asking me: This is sounds quite impossible because apache uses debconf via ucf to ask if it is allowed to modify configurations or not and the level of interaction is decided by the user via dpkg-reconfigure debconf. If you have set it to non-interactive than of course things do not get asked. I don't think I have, but I have been wrong once before ;-) Can't find any evidence of it though: canardo:/etc/apache-ssl# egrep -v ^# /etc/debconf.conf Config: configdb Templates: templatedb Name: config Driver: File Mode: 644 Reject-Type: password Filename: /var/cache/debconf/config.dat Name: passwords Driver: File Mode: 600 Backup: false Required: false Accept-Type: password Filename: /var/cache/debconf/passwords.dat Name: configdb Driver: Stack Stack: config, passwords Name: templatedb Driver: File Mode: 644 Filename: /var/cache/debconf/templates.dat canardo:/etc/apache-ssl# egrep -A5 '^Name: debconf' /var/cache/debconf/config.dat Name: debconf/frontend Template: debconf/frontend Value: Dialog Owners: debconf Flags: seen Name: debconf/priority Template: debconf/priority Value: medium Owners: debconf Flags: seen canardo:/etc/apache-ssl# echo x$DEBIAN_FRONTEND x Anything else I should check? Bjørn
Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bjørn Mork wrote: | Fabio Massimo Di Nitto [EMAIL PROTECTED] writes: | | |Bjørn Mork wrote: || Package: apache-ssl || Version: 1.3.33-3 || Severity: important || || When I just upgraded apache-ssl, the postinst script did these modifications || without asking me: | |This is sounds quite impossible because apache uses debconf via ucf to ask if it is |allowed to modify configurations or not and the level of interaction is decided |by the user via dpkg-reconfigure debconf. | |If you have set it to non-interactive than of course things do not get asked. | | | I don't think I have, but I have been wrong once before ;-) Can't | find any evidence of it though: | they look ok... | Anything else I should check? If you can efford to do a test break it would be great if you can rever the changes to the old config and do: dpkg-reconfigure apache-ssl and see if for some reason it happens again. Thanks Fabio - -- Self-Service law: The last available dish of the food you have decided to eat, will be inevitably taken from the person in front of you. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB9hUchCzbekR3nhgRAq2bAJ4kh9eegmSk1v1TGP6xn5g61ZBKuQCghMb9 pW1cWHjFHvwlVyypWKansjc= =IRPA -END PGP SIGNATURE-
Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
Fabio Massimo Di Nitto [EMAIL PROTECTED] writes: Bjørn Mork wrote: | Anything else I should check? If you can efford to do a test break it would be great if you can rever the changes to the old config and do: dpkg-reconfigure apache-ssl and see if for some reason it happens again. No, that didn't provoke it. I got the questions I already had answered but /etc/apache-ssl/httpd.conf was not changed. That includes the Include /etc/apache-ssl/conf.d which was not added either this time. Then I tried downgrading to 1.3.33-2 and upgrading again, but that didn't change the config either. Hmm, seems I can't reproduce the error so it should probably be archived as a bogus report. Please feel free to do so if you like. I am still wondering how the file got changed, though... Bjørn
Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bjørn Mork wrote: | Fabio Massimo Di Nitto [EMAIL PROTECTED] writes: | |Bjørn Mork wrote: | || Anything else I should check? | |If you can efford to do a test break it would be great if you can rever the changes |to the old config and do: | |dpkg-reconfigure apache-ssl | |and see if for some reason it happens again. | | | No, that didn't provoke it. I got the questions I already had | answered but /etc/apache-ssl/httpd.conf was not changed. That | includes the | | Include /etc/apache-ssl/conf.d | | which was not added either this time. | | Then I tried downgrading to 1.3.33-2 and upgrading again, but that | didn't change the config either. | | Hmm, seems I can't reproduce the error so it should probably be | archived as a bogus report. Please feel free to do so if you like. | | I am still wondering how the file got changed, though... | | | Bjørn Ah hold on.. one more test please.. i forgot about the md5sum check. Put the old config in place and edit (very carefully!) /var/lib/ucf/hashfile with the proper md5sum for /etc/apache-ssl/httpd.conf and test the upgrade again. Thanks Fabio - -- Self-Service law: The last available dish of the food you have decided to eat, will be inevitably taken from the person in front of you. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB9h8whCzbekR3nhgRAn9JAJ9CA8RrtJyZXtiADCHUGo8q1JNeAACbBp+5 d8FmBY0hv6af8SfdwQrpucM= =dvn7 -END PGP SIGNATURE-
Re: Need to remove and add virtualhosts to start apache
On Mon, Jan 24, 2005 at 10:34:21PM -0500, Adam Rosi-Kessel wrote: This is a very strange, unreproducible problem that occurs frequently enough that I'm concerned. This sounds like hardware failure. Have you tried running memtest86 on the system? (I saw you said it seems stable otherwise, but I'd check that first.) Yes, all of the diagnostics check out. Memory tests fine. Although the problem is not always reproducible, it always 100% consistent when it happens: remove some virtualhosts, start apache, and add them back in, restart apache, and everything is fine. The machine has been up for as much as five or six months at a time without any problems at all. It's only when (1) apache is upgraded or (2) the machine is rebooted that I've witnessed this problem. I know it sounds more like a car problem than a software problem, but I'm pretty convinced it's not hardware. As a Lisper i like car problems ;-) A quick shot into the dark: could this be DNS related? I think you never told us what sort of virtual hosting you do. Iff you have enough virtual hosts whose domain name doesn't resolve _and_ your server is set up in a way that requires DNS lookups _and_ you have a lot of virtual hosts the startup process might timeout. Hmm, doesn't sound too likely ... Ralf Mattes -- Adam Rosi-Kessel http://adam.rosi-kessel.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bjørn Mork wrote: | Fabio Massimo Di Nitto [EMAIL PROTECTED] writes: | | |Ah hold on.. one more test please.. i forgot about the md5sum check. | |Put the old config in place and edit (very carefully!) /var/lib/ucf/hashfile |with the proper md5sum for /etc/apache-ssl/httpd.conf |and test the upgrade again. | | | | Yup, that's it: | | canardo:/etc/apache-ssl# md5sum -vc /var/lib/ucf/hashfile | /etc/logrotate.d/clamav-daemon FAILED | /etc/clamav/clamav.confmd5sum: can't open /etc/clamav/clamav.conf | /etc/papersize OK | /etc/nagios/checkcommands.cfg FAILED | /etc/clamav/freshclam.conf OK | /etc/clamav/clamd.conf OK | /etc/fonts/local.conf OK | /etc/apache-ssl/modules.conf OK | /etc/sensors.conf OK | /etc/apache-ssl/httpd.conf OK | md5sum: 2 of 9 file(s) failed MD5 check | canardo:/etc/apache-ssl# grep Port httpd.conf | Port 80 | SSLCacheServerPort /var/run/gcache_port | canardo:/etc/apache-ssl# apt-get dist-upgrade | Reading Package Lists... Done | Building Dependency Tree... Done | Calculating Upgrade... Done | The following packages will be upgraded: | apache-common apache-ssl apache-utils | 3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. | Need to get 0B/1599kB of archives. | After unpacking 0B of additional disk space will be used. | Do you want to continue? [Y/n] | Preconfiguring packages ... | (Reading database ... 61097 files and directories currently installed.) | Preparing to replace apache-utils 1.3.33-2 (using .../apache-utils_1.3.33-3_i386.deb) ... | Unpacking replacement apache-utils ... | Preparing to replace apache-common 1.3.33-2 (using .../apache-common_1.3.33-3_i386.deb) ... | Unpacking replacement apache-common ... | Preparing to replace apache-ssl 1.3.33-2 (using .../apache-ssl_1.3.33-3_i386.deb) ... | Stopping web server: apache-ssl. | Stopping web server: apache-sslNo process in pidfile `/var/run/apache-ssl.pid' found running; none killed. | . | Unpacking replacement apache-ssl ... | Setting up apache-utils (1.3.33-3) ... | Setting up apache-common (1.3.33-3) ... | | Setting up apache-ssl (1.3.33-3) ... | Replacing config file /etc/apache-ssl/httpd.conf with new version | Starting web server: apache-ssl[Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive | [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive | [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive | [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive | [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive | [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive | [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive | [Tue Jan 25 11:46:24 2005] [warn] NameVirtualHost www.mork.no:80 has no VirtualHosts | . | | canardo:/etc/apache-ssl# grep Port httpd.conf | Port 443 | SSLCacheServerPort /var/run/gcache_port | | | Bjørn All right, i know remember exactly what the problem was/is. Basically older versions of apache-ssl had some problems to work properly with the default port != 443 and that was somehow hardencoded in the config manager for the port. We need to relax it and make it configurable as the other apache flavours. Thanks Fabio - -- Self-Service law: The last available dish of the food you have decided to eat, will be inevitably taken from the person in front of you. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB9iXVhCzbekR3nhgRAra9AJ44glG+5S2hCvC+FMWzjRYZfw5KmgCgjuz3 6fTA42Y1MLY7uRt+sL/m7hk= =kA29 -END PGP SIGNATURE-
Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
Fabio Massimo Di Nitto [EMAIL PROTECTED] writes: Ah hold on.. one more test please.. i forgot about the md5sum check. Put the old config in place and edit (very carefully!) /var/lib/ucf/hashfile with the proper md5sum for /etc/apache-ssl/httpd.conf and test the upgrade again. Yup, that's it: canardo:/etc/apache-ssl# md5sum -vc /var/lib/ucf/hashfile /etc/logrotate.d/clamav-daemon FAILED /etc/clamav/clamav.confmd5sum: can't open /etc/clamav/clamav.conf /etc/papersize OK /etc/nagios/checkcommands.cfg FAILED /etc/clamav/freshclam.conf OK /etc/clamav/clamd.conf OK /etc/fonts/local.conf OK /etc/apache-ssl/modules.conf OK /etc/sensors.conf OK /etc/apache-ssl/httpd.conf OK md5sum: 2 of 9 file(s) failed MD5 check canardo:/etc/apache-ssl# grep Port httpd.conf Port 80 SSLCacheServerPort /var/run/gcache_port canardo:/etc/apache-ssl# apt-get dist-upgrade Reading Package Lists... Done Building Dependency Tree... Done Calculating Upgrade... Done The following packages will be upgraded: apache-common apache-ssl apache-utils 3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0B/1599kB of archives. After unpacking 0B of additional disk space will be used. Do you want to continue? [Y/n] Preconfiguring packages ... (Reading database ... 61097 files and directories currently installed.) Preparing to replace apache-utils 1.3.33-2 (using .../apache-utils_1.3.33-3_i386.deb) ... Unpacking replacement apache-utils ... Preparing to replace apache-common 1.3.33-2 (using .../apache-common_1.3.33-3_i386.deb) ... Unpacking replacement apache-common ... Preparing to replace apache-ssl 1.3.33-2 (using .../apache-ssl_1.3.33-3_i386.deb) ... Stopping web server: apache-ssl. Stopping web server: apache-sslNo process in pidfile `/var/run/apache-ssl.pid' found running; none killed. . Unpacking replacement apache-ssl ... Setting up apache-utils (1.3.33-3) ... Setting up apache-common (1.3.33-3) ... Setting up apache-ssl (1.3.33-3) ... Replacing config file /etc/apache-ssl/httpd.conf with new version Starting web server: apache-ssl[Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive [Tue Jan 25 11:46:24 2005] [warn] VirtualHost www.mork.no:443 overlaps with VirtualHost www.mork.no:443, the first has precedence, perhaps you need a NameVirtualHost directive [Tue Jan 25 11:46:24 2005] [warn] NameVirtualHost www.mork.no:80 has no VirtualHosts . canardo:/etc/apache-ssl# grep Port httpd.conf Port 443 SSLCacheServerPort /var/run/gcache_port Bjørn
Rita
Title: brig upgrade ordinary sonoma beside regretted pauline fiftieth Find your medications without delay! A whole variety of pills! Have a look! All your needs in one shop! inelegant osseous parole won't heel recondite index vexation lodestone product dynamo connotative servitor against purvey waring fuchsia daffodil ceremony hinterland buttress dying corpuscular horrendous buses irrecoverable catalina clytemnestra mourn Internal Virus Database is out-of-date. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.6.8 - Release Date: 1/3/2005
love Naked 7 - 15 y.o surf lols
We have again returned back and our special studio again pleases you high quality lo - nude site. Good advice is beyond all price. You will be able to compare those word silicone girls that bored everyone to one death and the SALT - untouched beauty we present. It is wise to apply the oil of refined politeness to the mechanism of friendship. 3 big collections of lolita card videos inside: 2 fully exclusive Russian collections + really rare Japan AVI`s collection. http://www.geocities.com/silas_hemphill_45/?s=umcm=jUjhcf.UjhZjdfR,gfibjW,VSd Best friend, my well-spring in the wilderness!Bachelors have consciences, married men have wives. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]