Bug#914606: apache2 setup-instance (apache-multi) logrotation

2018-11-25 Thread Horst Platz 
Package: apache2
Version: 2.4.25-3+deb9u6
Severity: normal

Dear Maintainer,

there is a problem with the setup-instance script for apache-multi
installation. The logrotation for the copyied instance is not working.
It looks like it is in debian stretch and buster/sid, in a kind of the
same way. In my fokus it's comming up with an installation from Ubuntu 18.04

What i did (stretch; buster/sid; ubuntu 18.04)

:~# apt-get install apache2
[...]

:~# sh /usr/share/doc/apache2/examples/setup-instance multi-xxx
Setting up /etc/apache2-multi-xxx ...
systemd is in use, no init script installed
use the 'apache2@multi-xxx.service' service to control your new instance
sample commands:
systemctl start apache2@multi-xxx.service
systemctl enable apache2@multi-xxx.service
Setting up symlinks: a2enmod-multi-xxx a2dismod-multi-xxx
a2ensite-multi-xxx a2dissite-multi-xxx a2enconf-multi-xxx
a2disconf-multi-xxx apache2ctl-multi-xxx


HINT "no init script installed"


:~# ls -la /etc/init.d/apache*
-rwxr-xr-x 1 root root 8181 Nov  3 12:34 /etc/init.d/apache2
-rwxr-xr-x 1 root root 2489 Nov  3 12:34 /etc/init.d/apache-htcacheclean

-> No init.d for the new multi-xxx apache


With in Debian 9.6 stretch

:~# cat /etc/logrotate.d/apache2-multi-xxx
/var/log/apache2-multi-xxx/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if /etc/init.d/apache2-multi-xxx status > /dev/null ; then \
/etc/init.d/apache2-multi-xxx reload > /dev/null; \
fi;
endscript
prerotate
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
run-parts /etc/logrotate.d/httpd-prerotate; \
fi; \
endscript
}

:~# /etc/init.d/apache2-multi-xxx status
-su: /etc/init.d/apache2-multi-xxx: Datei oder Verzeichnis nicht gefunden

:~# /etc/init.d/apache2-multi-xxx reload
-su: /etc/init.d/apache2-multi-xxx: Datei oder Verzeichnis nicht gefunden



With in Debian buster/sid

:~$ cat /etc/logrotate.d/apache2-multi-xxx
/var/log/apache2-multi-xxx/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if invoke-rc.d apache2-multi-xxx status > /dev/null
2>&1; then \
invoke-rc.d apache2-multi-xxx reload > /dev/null 2>&1; \
fi;
endscript
prerotate
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
run-parts /etc/logrotate.d/httpd-prerotate; \
fi; \
endscript
}


:~# invoke-rc.d apache2-multi-xxx status
Unit apache2-multi-xxx.service could not be found.
invoke-rc.d: initscript apache2-multi-xxx, action "status" failed.

:~# invoke-rc.d apache2-multi-xxx reload
/usr/sbin/invoke-rc.d: 527: /usr/sbin/invoke-rc.d:
/etc/init.d/apache2-multi-xxx: not found
invoke-rc.d: initscript apache2-multi-xxx, action "reload" failed.



In both cases the logrotation will fail because the reload is not
working. Also in the both cases the logrotate.d script for the multi-xxx
apache is a copy from the original logrotate.d apache2 script.

:~$ cat /usr/share/doc/apache2/examples/setup-instance
[...]
echo Setting up /etc/logrotate.d/apache2-$SUFFIX and
/var/log/apache2-$SUFFIX ...
cp -a /etc/logrotate.d/apache2 /etc/logrotate.d/apache2-$SUFFIX
perl -p -i -e s,apache2,apache2-$SUFFIX,g /etc/logrotate.d/apache2-$SUFFIX
[...]

As shown above the original apache has a init.d script installed and the
logrotation is working.


In that Ubuntu 18.04 installation i changed the
/etc/logrotate.d/apache2-multi-xxx in that way that i changed the reload
to systemd

from

[...]
if invoke-rc.d apache2-multi-xxx status > /dev/null
2>&1; then \
invoke-rc.d apache2-multi-xxx reload > /dev/null 2>&1; \
[...]


in to

[...]

if systemctl status apache2@multi-xxx.service >
/dev/null 2>&1; then \
systemctl reload apache2@multi-xxx.service >
/dev/null 2>&1; \
[...]

Looks like some day's after the logrotation is now workings as expected
for the multi-instance.

And in that case i think the upstream package for ubuntu 18.04 is
comming from Debian buster/sid.

Kind regards

 Horst

Processed: severity of 914297 is serious

2018-11-25 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 914297 serious
Bug #914297 [apache2] apache2: getrandom call blocks on first startup, systemd 
kills with timeout
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
914297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#840580: apache2-bin: crashes when issuing a restart while mod_cgid is enabled

2018-11-25 Thread Bernhard Übelacker 
Dear Maintainer,
tried to find out the actual location that the backtrace points to.

Unfortunately I could not make any clue out of the line
containing /usr/sbin/apache2(+0x29e450).

But at least, I think, the line containing mod_mpm_prefork.so(+0x4c08)
translates to function prefork_run in server/mpm/prefork/prefork.c.

As this is a rather big function, and looks like it is never left while
the server runs, and there are no local arrays accessed, the stack
canary may be overwritten by some function called from there.
But the stack canary is just checked when prefork_run exits.

Kind regards,
Bernhard



*** stack smashing detected ***: /usr/sbin/apache2 terminated
=== Backtrace: =
/lib/x86_64-linux-gnu/libc.so.6(+0x731af)[0x7f6d8e1c11af]| 
0x7f6d8e1c11af | 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f6d8e246aa7] | 
0x7f6d8e246aa7 | 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x0)[0x7f6d8e246a70]  | 
0x7f6d8e246a70 | 
/usr/lib/apache2/modules/mod_mpm_prefork.so(+0x4c08)[0x7f6d8b462c08] | 
0x7f6d8b462c08 | 0x7f6193a75c08: 0x7f6193a75c03 : 
  callq  0x7f6193a73400 <__stack_chk_fail@plt>
/usr/sbin/apache2(+0x29e450)[0x7f6d8f2a3450] | 
0x7f6d8f2a3450 | 
=== Memory map: 
7f6d8f005000-7f6d8f09d000 r-xp  fe:00 3882   
/usr/sbin/apache2
7f6d8b45e000-7f6d8b465000 r-xp  fe:00 127839 
/usr/lib/apache2/modules/mod_mpm_prefork.so










apt install dpkg-dev devscripts mc gdb binutils apache2-bin apache2-dbg



# http://snapshot.debian.org/package/apache2/2.4.10-10%2Bdeb8u7/

wget 
http://snapshot.debian.org/archive/debian/20160916T101556Z/pool/main/a/apache2/apache2-bin_2.4.10-10%2Bdeb8u7_amd64.deb
wget 
http://snapshot.debian.org/archive/debian/20160916T101556Z/pool/main/a/apache2/apache2-dbg_2.4.10-10%2Bdeb8u7_amd64.deb

dpkg -i --force-depends apache2-bin_2.4.10-10+deb8u7_amd64.deb 
apache2-dbg_2.4.10-10+deb8u7_amd64.deb


mkdir apache2/orig -p
cdapache2/orig
dget 
http://snapshot.debian.org/archive/debian/20160916T101556Z/pool/main/a/apache2/apache2_2.4.10-10%2Bdeb8u7.dsc
dpkg-source -x apache2_2.4.10-10%2Bdeb8u7.dsc
cd ../..



a2dismod mpm_event
a2enmod mpm_prefork
systemctl stop apache2
systemctl start apache2




root@debian:~# gdb -q --pid 16415
...
(gdb) set width 0
(gdb) set pagination off
(gdb) directory /home/benutzer/apache2/orig/apache2-2.4.10/server
Source directories searched: 
/home/benutzer/apache2/orig/apache2-2.4.10/server:$cdir:$cwd
(gdb) b main
Breakpoint 1 at 0x556c539ec940: file main.c, line 439.
(gdb) disassemble prefork_run,prefork_run+3830
Dump of assembler code from 0x7f6193a74d60 to 0x7f6193a75c56:
   0x7f6193a74d60 :  push   %r15
...
   0x7f6193a74d81 : mov%fs:0x28,%rax
 ; Value loaded into $rax
   0x7f6193a74d8a : mov%rax,0xe8(%rsp)  
 ; Value stored in canary
...
   0x7f6193a75288 :   mov0xe8(%rsp),%rbx  
 ; Canary loaded into $rbx
   0x7f6193a75290 :   xor%fs:0x28,%rbx
 ; Canary compared to the original value
   0x7f6193a75299 :   mov%r13d,%eax
   0x7f6193a7529c :   jne0x7f6193a75c03 

...
   0x7f6193a75c03 :   callq  0x7f6193a73400 
<__stack_chk_fail@plt>
   0x7f6193a75c08 :   callq  0x7f6193a73300 
<__errno_location@plt>
...
   0x7f6193a75c4b :   jmpq   0x7f6193a75b9c 

   0x7f6193a75c50 : push   %rbp
End of assembler dump.






set width 0
set pagination off
directory /home/benutzer/apache2/orig/apache2-2.4.10/server
b main
run

Bug#840580: apache2-bin: crashes when issuing a restart while mod_cgid is enabled

2018-11-25 Thread Stefan Fritsch 
On Sunday, 25 November 2018 19:07:56 CET Bernhard Übelacker wrote:
> Dear Maintainer,
> tried to find out the actual location that the backtrace points to.
> 
> Unfortunately I could not make any clue out of the line
> containing /usr/sbin/apache2(+0x29e450).
> 
> But at least, I think, the line containing mod_mpm_prefork.so(+0x4c08)
> translates to function prefork_run in server/mpm/prefork/prefork.c.
> 
> As this is a rather big function, and looks like it is never left while
> the server runs, and there are no local arrays accessed, the stack
> canary may be overwritten by some function called from there.
> But the stack canary is just checked when prefork_run exits.
> 
> Kind regards,
> Bernhard

The  "bt full" gdb command is the important one. Please show its output as 
described in README.backtrace

Bug#914297: apache2: getrandom call blocks on first startup, systemd kills with timeout

2018-11-25 Thread Stefan Fritsch 
How long is the timeout after which it is killed? What is the status of 
systemd-random-seed.service in that case? I don't see why it should take so 
long for the random number generator to initialize. But maybe apache2 needs to 
add a dependency.

Please provide the output of

journalctl -b UNIT=apache2.service + UNIT=systemd-random-seed.service + 
_TRANSPORT=kernel|grep -i -e apache -e random

when apache2 has failed to start.