Bug#979664: apache2: autopkgtest regression in testing: Failed test 2 in t/modules/data.t at line 21
Source: apache2 Version: 2.4.46-2 X-Debbugs-CC: debian...@lists.debian.org Severity: serious User: debian...@lists.debian.org Usertags: regression Dear maintainer(s), With a recent change in testing the autopkgtest of your package started to fail. I copied some of the output at the bottom of this report. Can you please investigate the situation and fix it? More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul https://ci.debian.net/data/autopkgtest/testing/amd64/a/apache2/9549366/log.gz # Failed test 2 in t/modules/data.t at line 21 t/modules/data.t Failed 1/2 subtests [...] Test Summary Report --- t/modules/data.t (Wstat: 0 Tests: 2 Failed: 1) Failed test: 2 Files=134, Tests=10102, 318 wallclock secs ( 3.23 usr 0.30 sys + 201.11 cusr 50.96 csys = 255.60 CPU) Result: FAIL Failed 1/134 test programs. 1/10102 subtests failed. [warning] server localhost:8529 shutdown [ error] error running tests (please examine t/logs/error_log) OpenPGP_signature Description: OpenPGP digital signature
Bug#978018: libapr1: Please add 64-bit atomics workaround for m68k and sh4
Control: tags -1 +patch Attaching a patch. Please include sh3 in this change as well. Adrian -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaub...@debian.org `. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de `-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913 diff -Nru apr.old/apr-1.7.0/debian/changelog apr/apr-1.7.0/debian/changelog --- apr.old/apr-1.7.0/debian/changelog 2020-11-21 21:06:09.0 +0100 +++ apr/apr-1.7.0/debian/changelog 2020-12-24 18:01:25.611495190 +0100 @@ -1,3 +1,9 @@ +apr (1.7.0-4+ports) unstable; urgency=medium + + * Fix atomics for m68k, sh3 and sh4. + + -- John Paul Adrian Glaubitz Thu, 24 Dec 2020 18:01:15 +0100 + apr (1.7.0-4) unstable; urgency=low [ Debian Janitor ] diff -Nru apr.old/apr-1.7.0/debian/patches/generic-64bit-atomics.patch apr/apr-1.7.0/debian/patches/generic-64bit-atomics.patch --- apr.old/apr-1.7.0/debian/patches/generic-64bit-atomics.patch 2020-08-30 21:07:53.0 +0200 +++ apr/apr-1.7.0/debian/patches/generic-64bit-atomics.patch 2020-12-24 17:44:40.797741482 +0100 @@ -1,20 +1,24 @@ # quick and dirty fix for FTBFS on mipsel # There should be a proper configure check, see # https://bz.apache.org/bugzilla/show_bug.cgi?id=63566 apr.orig/include/arch/unix/apr_arch_atomic.h -+++ apr/include/arch/unix/apr_arch_atomic.h +Index: apr-1.7.0/include/arch/unix/apr_arch_atomic.h +=== +--- apr-1.7.0.orig/include/arch/unix/apr_arch_atomic.h apr-1.7.0/include/arch/unix/apr_arch_atomic.h @@ -26,6 +26,9 @@ /* noop */ #elif HAVE_ATOMIC_BUILTINS # define USE_ATOMICS_BUILTINS -+# if (__INTPTR_WIDTH__ == 32) && ( defined(__MIPSEL__) || defined(__powerpc__) ) ++# if (__INTPTR_WIDTH__ == 32) && ( defined(__MIPSEL__) || defined(__powerpc__) ) || defined(__m68k__) || defined(__sh__) +# define NEED_ATOMICS_GENERIC64 +# endif #elif defined(SOLARIS2) && SOLARIS2 >= 10 # define USE_ATOMICS_SOLARIS # define NEED_ATOMICS_GENERIC64 apr.orig/atomic/unix/builtins64.c -+++ apr/atomic/unix/builtins64.c +Index: apr-1.7.0/atomic/unix/builtins64.c +=== +--- apr-1.7.0.orig/atomic/unix/builtins64.c apr-1.7.0/atomic/unix/builtins64.c @@ -16,7 +16,7 @@ #include "apr_arch_atomic.h" @@ -24,8 +28,10 @@ APR_DECLARE(apr_uint64_t) apr_atomic_read64(volatile apr_uint64_t *mem) { apr.orig/atomic/unix/builtins.c -+++ apr/atomic/unix/builtins.c +Index: apr-1.7.0/atomic/unix/builtins.c +=== +--- apr-1.7.0.orig/atomic/unix/builtins.c apr-1.7.0/atomic/unix/builtins.c @@ -20,7 +20,11 @@ APR_DECLARE(apr_status_t) apr_atomic_init(apr_pool_t *p) diff -Nru apr.old/apr-1.7.0/debian/patches/generic-64bit-atomics.patch~ apr/apr-1.7.0/debian/patches/generic-64bit-atomics.patch~ --- apr.old/apr-1.7.0/debian/patches/generic-64bit-atomics.patch~ 1970-01-01 01:00:00.0 +0100 +++ apr/apr-1.7.0/debian/patches/generic-64bit-atomics.patch~ 2020-08-30 21:07:53.0 +0200 @@ -0,0 +1,40 @@ +# quick and dirty fix for FTBFS on mipsel +# There should be a proper configure check, see +# https://bz.apache.org/bugzilla/show_bug.cgi?id=63566 +--- apr.orig/include/arch/unix/apr_arch_atomic.h apr/include/arch/unix/apr_arch_atomic.h +@@ -26,6 +26,9 @@ + /* noop */ + #elif HAVE_ATOMIC_BUILTINS + # define USE_ATOMICS_BUILTINS ++# if (__INTPTR_WIDTH__ == 32) && ( defined(__MIPSEL__) || defined(__powerpc__) ) ++# define NEED_ATOMICS_GENERIC64 ++# endif + #elif defined(SOLARIS2) && SOLARIS2 >= 10 + # define USE_ATOMICS_SOLARIS + # define NEED_ATOMICS_GENERIC64 +--- apr.orig/atomic/unix/builtins64.c apr/atomic/unix/builtins64.c +@@ -16,7 +16,7 @@ + + #include "apr_arch_atomic.h" + +-#ifdef USE_ATOMICS_BUILTINS ++#if defined(USE_ATOMICS_BUILTINS) && ! defined(NEED_ATOMICS_GENERIC64) + + APR_DECLARE(apr_uint64_t) apr_atomic_read64(volatile apr_uint64_t *mem) + { +--- apr.orig/atomic/unix/builtins.c apr/atomic/unix/builtins.c +@@ -20,7 +20,11 @@ + + APR_DECLARE(apr_status_t) apr_atomic_init(apr_pool_t *p) + { ++#if defined (NEED_ATOMICS_GENERIC64) ++return apr__atomic_generic64_init(p); ++#else + return APR_SUCCESS; ++#endif + } + + APR_DECLARE(apr_uint32_t) apr_atomic_read32(volatile apr_uint32_t *mem) diff -Nru apr.old/apr-1.7.0/debian/symbols.common apr/apr-1.7.0/debian/symbols.common --- apr.old/apr-1.7.0/debian/symbols.common 2020-08-30 21:07:02.0 +0200 +++ apr/apr-1.7.0/debian/symbols.common 2020-12-24 17:54:31.659743330 +0100 @@ -588,4 +588,4 @@ apr_vformatter@Base 1.2.7 apr_vsnprintf@Base 1.2.7 apr_wait_for_io_or_timeout@Base 1.2.7 - (arch=mipsel powerpc)apr__atomic_generic64_init@Base 1.7.0-3~ + (arch=mipsel m68k powerpc sh3 sh4)apr__atomic_generic64_init@Base 1.7.0-3~
Bug#978018: libapr1: Please add 64-bit atomics workaround for m68k and sh4
Source: apr Version: 1.7.0-4 Severity: normal User: debian-...@lists.debian.org Usertags: m68k X-Debbugs-Cc: debian-...@lists.debian.org Hello! subversion currently FTBFS on m68k and sh4 because the configure process fails to properly link against libserf [1]: configure:5604: gcc -o conftest -g -O2 -fdebug-prefix-map=/build/subversion-5EzMph/subversion-1.14.0=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -pthread -Wdate-time -D_FORTIFY_SOURCE=2 -DLINUX -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include -I/usr/include/serf-1 -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,nowconftest.c -lserf-1 -L/usr/lib/m68k-linux-gnu -laprutil-1 -L/usr/lib/m68k-linux-gnu -lapr-1 -lz >&5 /usr/bin/ld: /usr/lib/m68k-linux-gnu/libapr-1.so: undefined reference to `__sync_fetch_and_sub_8' /usr/bin/ld: /usr/lib/m68k-linux-gnu/libapr-1.so: undefined reference to `__sync_sub_and_fetch_8' /usr/bin/ld: /usr/lib/m68k-linux-gnu/libapr-1.so: undefined reference to `__sync_fetch_and_add_8' /usr/bin/ld: /usr/lib/m68k-linux-gnu/libapr-1.so: undefined reference to `__sync_lock_test_and_set_8' /usr/bin/ld: /usr/lib/m68k-linux-gnu/libapr-1.so: undefined reference to `__sync_val_compare_and_swap_8' collect2: error: ld returned 1 exit status This should be fixable using the same approach as for 32-bit MIPS and PowerPC [2]. Could you therefore apply the fix for m68k and sh4 as well so that subversions builds on these targets? Thanks, Adrian > [1] > https://buildd.debian.org/status/fetch.php?pkg=subversion=m68k=1.14.0-3=1608803200=0 > [2] > https://salsa.debian.org/apache-team/apr/-/commit/2df4f34a2fa3474806f89a15148afa7121c642bf -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaub...@debian.org `. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de `-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
Bug#889750: apr-util: Runs testuite during building even when "nocheck" is set
Source: apr-util Version: 1.6.1-1 Severity: normal Hi! I just tried building src:apr-util manually with "nocheck" added to DEB_BUILD_OPTIONS. However, the testsuite is still run anyway meaning that the check for "nocheck" in DEB_BUILD_OPTIONS in debian/rules does not work. Thanks, Adrian -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaub...@debian.org `. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de `-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
Bug#495400: apr_1.3.2-3(m68k/experimental): test suite fails
On 08/04/2017 11:23 PM, Stefan Fritsch wrote: > The bug has been open for 9 years and no m68k porter has looked at it. > Ususally apr test failures are toolchain/kernel/libc issues, so my > motivation to debug this for a very slow arch that has zero chance of ever > being part of a Debian release is very small. If no email is send to inform any of the porters, no one is going to know that there is an actual bug which needs to be worked on. The port-specific mailing lists exist for this very reason. You can't expect us to know about every bug filed on any package within Debian. If you have a problem with architecture X, talk to the people maintaining it. >> Here's a current build log [1]. m68k is alive and kicking with full >> C++11 support and over 10700 out of 12000 packages being up-to-date. > > Sorry, I did not know that the ports use the official buildd website > nowadays. Is there some tool like rmadison but that includes all > inofficial ports, too? I'm not sure what the current status here is. James Clarke will know more. He's been working on bringing these features to Debian Ports. There is already a transition tracker for Debian Ports: > https://ben.jrtc27.com/ > And the build log [1] seems to be built with "notest" so it does not help > for checking if the test failure still happens. I can test that. There is also a way to set up your own m68k environment [1]. Adrian > [1] https://wiki.debian.org/M68k/sbuildQEMU -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaub...@debian.org `. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de `-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
Bug#495400: apr_1.3.2-3(m68k/experimental): test suite fails
> Not sure if m68k is alive anymore. The build log urls are not reachable > anymore this bug report is no longer useful. Closing. Well, maybe you should just ask people instead of just closing bug reports without further notice? > I doubt that anyone is interested in debugging m68k issues How do you know without sending an email to debian-68k@l.d.o? Here's a current build log [1]. m68k is alive and kicking with full C++11 support and over 10700 out of 12000 packages being up-to-date. Adrian > [1] > https://buildd.debian.org/status/fetch.php?pkg=apr=m68k=1.6.2-1=1501871250=0 -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaub...@debian.org `. `' Freie Universitaet Berlin - glaub...@physik.fu-berlin.de `-GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
Re: testing and review requested for Wheezy update of apache2
On Tue, Feb 21, 2017 at 4:27 AM, Antoine Beaupré wrote: > security@lists.d.o is not a list, as far as i know. there's > debian-security@lists.d.o, but I never posted there... or did you mean > t...@security.debian.org? secur...@lists.debian.org goes to root (DSA) and listmaster AFAICT. -- bye, pabs https://wiki.debian.org/PaulWise
Re: Debian package on Windows
On Mon, Feb 22, 2016 at 10:05 PM, Jonathan Dowland wrote: > I think your message would be better addressed to the debian-devel mailing > list, who I have copied in to this reply so that more Debian Developers are > aware of it. (There's also the Apt developer's mailing list at the > harder-to-discover de...@lists.debian.org who I have not copied in, as they > are > likely all on -devel anyway) > > Personally (although I am not an Apt developer) I think it sounds like an > interesting idea, and there is some precedent as APT was the basis of the > "Fink" package management system for Apple Mac OS X. Not re-inventing the > wheel is a very good idea, lots of package management problems have been > discovered and solved with APT already (and it's sad to see things like Ruby > gems, Go packages etc. re-discover the very same problems over and over again) Looks like Microsoft went with a Linux syscall emulation layer for the Windows kernel: http://blog.dustinkirkland.com/2016/03/ubuntu-on-windows.html -- bye, pabs https://wiki.debian.org/PaulWise
Bug#815852: apache2: Obsolete IE configuration cruft should be removed from default-ssl.conf
Package: apache2 Version: 2.4.12-2ubuntu2 Severity: normal The default-ssl.conf configuration for apache2 contains these lines: > BrowserMatch "MSIE [2-6]" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 > BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown They don't serve any purpose and should be removed. For IE 2-6: Upstream uses > BrowserMatch "MSIE [2-5]" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 in httpd-ssl.conf.in, which excludes IE6. IE5 and below are rare enough that seems not worth including them in the default configuration for a new secure web server today. (I would argue the same is true for IE6.) For IE 7 and up: I used an IE7 VM from https://modern.ie/ to connect to a vhost which didn't enable ssl-unclean-shutdown. IE7 had no problem with standard connection closes, and nothing appeared in a debug-level SSL log. This directive does not appear to be necessary for any more modern versions of IE. -- Package-specific info: -- System Information: Debian Release: jessie/sid APT prefers wily-updates APT policy: (500, 'wily-updates'), (500, 'wily-security'), (500, 'wily') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0-23-generic (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apache2 depends on: ii apache2-bin2.4.12-2ubuntu2 ii apache2-data 2.4.12-2ubuntu2 ii apache2-utils 2.4.12-2ubuntu2 ii dpkg 1.18.2ubuntu5.1 ii lsb-base 4.1+Debian11ubuntu8 ii mime-support 3.58ubuntu1 ii perl 5.20.2-6ubuntu0.1 ii procps 1:3.3.9-1ubuntu8 Versions of packages apache2 recommends: ii ssl-cert 1.0.37 Versions of packages apache2 suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom ii ufw 0.34-2 pn www-browser Versions of packages apache2-bin depends on: ii libapr1 1.5.2-3 ii libaprutil1 1.5.4-1 ii libaprutil1-dbd-sqlite3 1.5.4-1 ii libaprutil1-ldap 1.5.4-1 ii libc62.21-0ubuntu4.1 ii libldap-2.4-22.4.41+dfsg-1ubuntu2 ii liblua5.1-0 5.1.5-8 ii libpcre3 2:8.35-7.1ubuntu1 ii libssl1.0.0 1.0.2d-0ubuntu1.3 ii libxml2 2.9.2+zdfsg1-4ubuntu0.3 ii perl 5.20.2-6ubuntu0.1 ii zlib1g 1:1.2.8.dfsg-2ubuntu4 Versions of packages apache2-bin suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom pn www-browser Versions of packages apache2 is related to: ii apache2 2.4.12-2ubuntu2 ii apache2-bin 2.4.12-2ubuntu2 -- Configuration Files: /etc/apache2/apache2.conf changed [not included] /etc/apache2/conf-available/charset.conf changed [not included] /etc/apache2/conf-available/security.conf changed [not included] -- no debconf information
Bug#790943: server certificates/key pairs and CA directories
On Sun, Aug 2, 2015 at 4:50 PM, Daniel Pocock wrote: Does anybody know which packages create or use the /etc/ssl/ssl.* That looks like a sysadmin created path, only one package even mentions it: https://codesearch.debian.net/search?q=/etc/ssl/ssl -- bye, pabs https://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAKTje6HPc+DXRciJesw9cPSCptVbMQT=P_8czF7UK=gxfnf...@mail.gmail.com
Bug#790943: Root and local certificate location clash
On Fri, 03 Jul 2015 10:56:54 +0200 Daniel Pocock wrote: Some other packages refer to /etc/ssl/certs as a directory of trusted roots. E.g. according to this page: https://wiki.debian.org/ServicesSSL the whole directory was trusted by wget in wheezy but not in jessie. You have misunderstood the wiki page. The change for wget in jessie is that it now ignores non-CA certs in /etc/ssl/certs for verification purposes, whereas in wheezy you could also put individual service certs there too and avoid relying on the SSL mafia. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#787584: apache2: change default LANG in envvars to C.UTF-8?
Package: apache2 Severity: wishlist Control: affects -1 wiki.debian.org File: /etc/apache2/envvars I think it is probably time for the default LANG for apache2 to change from C to C.UTF-8, with appropriate warnings in NEWS.Debian etc. On wiki.debian.org, after the upgrade to Debian jessie we've had to make the following change to /etc/apache2/envvars to prevent MoinMoin from crashing when it encountered UTF-8 encoded page names. -export LANG=C +export LANG=C.UTF-8 -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: Bug#733564: pu: apache2 with ECDHE support
On Mon, Jun 16, 2014 at 6:06 AM, Adam D. Barratt wrote: Control: tags -1 + pending On Sun, 2014-05-25 at 17:55 +0200, Stefan Fritsch wrote: I have just uploaded apache2_2.2.22-13+deb7u2: Flagged for acceptance; sorry for the delay. Awesome, thanks! apache2 (2.2.22-13+deb7u2) wheezy; urgency=medium * Backport support for SSL ECC keys and ECDH ciphers. For anyone following the bug log, testing of the above change before the point release would be much appreciated. I'm already running it on www.engagemedia.org and according to ssllabs, the number of clients that can get PFS has increased. No reported issues with it so far. https://www.ssllabs.com/ssltest/analyze.html?d=engagemedia.org -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/caktje6g9amyg3qpq0x7hdrh0_kh9ffm8_m1_lpasa_d7nqe...@mail.gmail.com
Bug#664761: apache2/conf.d migration: what should webapp packagers do?
On Wed, Mar 21, 2012 at 1:18 AM, Jonathan Nieder wrote: Upgrading apache2 to the version in experimental breaks my local gitweb installation. Gitweb ships the following snippet in /etc/apache2/conf.d/gitweb: Alias /gitweb /usr/share/gitweb That looks like a highly inappropriate thing for gitweb to be doing. There is no way for the package to know what URL and filesystem paths (for data/config) the sysadmin wants gitweb to be installed at. The package needs to ask the sysadmin if they want to setup any instances, prompt them for the relevant data and run any scripts needed to create those instances. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAKTje6Gb_wyOcNm\vfs-ed42jpf9j4msbrneuhikyulpo...@mail.gmail.com
Bug#613969: /etc/init.d/apache2 status fails to comply with LSB spec
Package: apache2.2-common Version: 2.2.16-6 Severity: normal Tags: patch As shipped the init script for Apache2 fails to return LSB compliant error codes when the status is queried. This is important when using LSB scripts with clustering solutions such as Pacemaker[1] that require init scripts to return correct error codes. The following patch fixes the apache2 init script to return the correct codes when quering status according to the LSB spec[2]. Please consider including the patch in a future point release update. Thanks! Patch: --- apache2.2-common.apache2.init 2011-02-18 14:49:37.0 + +++ /etc/init.d/apache2 2011-02-18 14:48:04.0 + @@ -266,7 +266,11 @@ exit 0 else echo Apache2$DIR_SUFFIX is NOT running. - exit 1 + if [ -e $PIDFILE ]; then + exit 1 + else + exit 3 + fi fi ;; *) [1] http://www.linux-ha.org/wiki/LSB_Resource_Agents [2] http://refspecs.freestandards.org/LSB_3.2.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html -- Package-specific info: List of enabled modules from 'apache2 -M': alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex cgid deflate dir env mime negotiation reqtimeout setenvif status -- System Information: Debian Release: 6.0 APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages apache2 depends on: ii apache2-mpm-worker2.2.16-6 Apache HTTP Server - high speed th ii apache2.2-common 2.2.16-6 Apache HTTP Server common files apache2 recommends no packages. apache2 suggests no packages. Versions of packages apache2.2-common depends on: ii apache2-utils 2.2.16-6 utility programs for webservers ii apache2.2-bin 2.2.16-6 Apache HTTP Server common binary f ii libmagic1 5.04-5 File type determination library us ii lsb-base3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip ii mime-support3.48-1 MIME files 'mime.types' 'mailcap ii perl5.10.1-17Larry Wall's Practical Extraction ii procps 1:3.2.8-9/proc file system utilities -- no debconf information -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110218145925.23161.38157.report...@nilptp013.adm.ynic.york.ac.uk
Bug#512778: Info on file permissions on ssl certificates
Dear Debian folks, Am Freitag, den 23.01.2009, 17:41 +0100 schrieb Paul Menzel: Could you please elaborate on the SSL part. I used make-ssl-cert from the ssl-cert package as described. But one thing is not clear for me. The snakeoil key file is stored under /etc/ssl/private/ which is only readable by root. The pem-file is readable by everyone. $ ls -l /etc/ssl/certs/ssl-cert-snakeoil.pem -rw-r--r-- 1 root root 631 2009-01-21 19:14 /etc/ssl/certs/ssl-cert-snakeoil.pem 1st question. Is there also a *.crt file created by default as the other files seem to be symlinks to crt-files (ca-certificates)? If not, why not? Running make-ssl-cert with custom setting also creates only an symbolic link (pem) which is associated with the crt file. 2nd question. When I create another certificate for a different host name, a crt file is stored somewhere. Is there a location recommended by the FHS? /etc/? 3rd question. The created file is readable and writable by root only. I tried it out and it worked, but how can it be read by www-data the user for running apache? Thanks, Paul signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Bug#512778: Info on file permissions on ssl certificates
Subject: Info on file permissions on ssl certificates Package: apache2.2-common Version: 2.2.9-10+lenny2 Severity: wishlist Dear Debian folks, thank you for packaging Apache HTTP server and for the nice README.Debian file. Could you please elaborate on the SSL part. I used make-ssl-cert from the ssl-cert package as described. But one thing is not clear for me. The snakeoil key file is stored under /etc/ssl/private/ which is only readable by root. The pem-file is readable by everyone. $ ls -l /etc/ssl/certs/ssl-cert-snakeoil.pem -rw-r--r-- 1 root root 631 2009-01-21 19:14 /etc/ssl/certs/ssl-cert-snakeoil.pem 1st question. Is there also a *.crt file created by default as the other files seem to be symlinks to crt-files (ca-certificates)? If not, why not? 2nd question. When I create another certificate for a different host name, a crt file is stored somewhere. Is there a location recommended by the FHS? /etc/? 3rd question. The created file is readable and writable by root only. I tried it out and it worked, but how can it be read by www-data the user for running apache? Thanks a lot, Paul signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Bug#499978: ssl-cert: [INTL:nl] Dutch translation for po-debconf template
Package: ssl-cert Version: 1.0.22 Tags: l10n, patch Severity: wishlist Thanks Please find attached the Dutch translation of the debconf template of ssl-cert. I would be glad if you use it in the next upload. For translation updates please contact the Dutch Translations Team [EMAIL PROTECTED] With kind regards, Paul # translation of ssl-cert_1.0.22_nl.po to Dutch # #Translators, if you are not familiar with the PO format, gettext #documentation is worth reading, especially sections dedicated to #this format, e.g. by running: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # #Some information specific to po-debconf are available at #/usr/share/doc/po-debconf/README-trans # or http://www.debian.org/intl/l10n/po-debconf/README-trans # #Developers do not need to manually edit POT or PO files. # # Paul Gevers [EMAIL PROTECTED], 2008. msgid msgstr Project-Id-Version: ssl-cert_1.0.22_nl\n Report-Msgid-Bugs-To: [EMAIL PROTECTED] POT-Creation-Date: 2008-06-13 09:20+0200\n PO-Revision-Date: 2008-09-23 21:38-0500\n Last-Translator: Paul Gevers [EMAIL PROTECTED]\n Language-Team: Dutch [EMAIL PROTECTED]\n MIME-Version: 1.0\n Content-Type: text/plain; charset=ISO-8859-15\n Content-Transfer-Encoding: 8bit\n X-Generator: KBabel 1.11.4\n Plural-Forms: nplurals=2; plural=(n != 1);\n #. Type: string #. Description #: ../templates:2001 msgid Host name: msgstr Computernaam: #. Type: string #. Description #: ../templates:2001 msgid Please enter the host name to use in the SSL certificate. msgstr Welke computernaam wilt u gebruiken voor het SSL-certificaat? #. Type: string #. Description #: ../templates:2001 msgid It will become the 'commonName' field of the generated SSL certificate. msgstr De naam zal in het 'commonName' veld komen van het gegenereerde SSL-certificaat. #. Type: title #. Description #: ../templates:3001 msgid Configure an SSL Certificate. msgstr Een SSL-certificaat configureren. #. Type: note #. Description #: ../templates:4001 msgid Local SSL certificates must be replaced msgstr Lokale SSL-certificaten moeten worden vervangen. #. Type: note #. Description #: ../templates:4001 msgid A security certificate which was automatically created for your local system needs to be replaced due to a flaw which renders it insecure. This will be done automatically. msgstr Een automatisch aangemaakt veiligheidscertificaat voor uw lokale systeem moet worden vervangen vanwege een fout die het onveilig maakt. Dit gebeurt automatisch. #. Type: note #. Description #: ../templates:4001 msgid If you don't know anything about this, you can safely ignore this message. msgstr U kunt dit bericht veilig negeren, als u niet weet waar het hier over gaat. signature.asc Description: OpenPGP digital signature
Bug#486629: apache2 refusing to restart
[EMAIL PROTECTED]:~$ sudo lsof -nP -i tcp:80 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME apache21372 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache21413 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache21464 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache21870 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache21939 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache22586 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache22626 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache22932 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache22949 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23011 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23062 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23114 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23346 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23395 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23416 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23603 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache23946 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24044 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24089 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24177 root3u IPv6 13782 TCP *:80 (LISTEN) apache24201 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24202 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24203 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24204 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24205 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24414 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache24632 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache25177 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache25795 www-data3u IPv6 13782 TCP *:80 (LISTEN) firefox-b 5805 pwb 48u IPv4 661014 TCP 127.0.0.1:44101-127.0.0.1:80 (ESTABLISHED) apache26212 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache26371 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache26403 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache26959 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache27529 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache27648 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache27995 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache28370 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache28658 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache28747 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache28750 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29167 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29306 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29666 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29730 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29751 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29752 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29753 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache29792 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 10528 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 10578 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 10718 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 10984 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 11049 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 11091 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 11432 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 11506 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 11569 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 11884 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 11929 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 12113 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 12698 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13057 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13116 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13257 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13313 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13319 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13352 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13354 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13355 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13616 www-data3u IPv6 13782 TCP *:80 (LISTEN) apache2 13622 www-data3u
Bug#486629: apache2 refusing to restart
Which apache2-mpm-* package are you using? [EMAIL PROTECTED]:~$ dpkg -l apache2-mpm-prefork Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++-=-=-== ii apache2-mpm-prefork 2.2.9-1 Traditional model for Apache HTTPD -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486629: apache2 refusing to restart
Hi Stefan, It was already set to 4, I read in the script it something about increasing it to atleast 12, So to be on the safe side I increased it to 30. That makes it take abit longer to restart but thats a better solution than forcing it to stop and then having to reboot to clean things up. Thanking you for your assistance, Paul. On Sat, 21 Jun 2008, Stefan Fritsch wrote: Hi Paul, it seems if there is a large number of child processes, apache can take a long time to close all the listening sockets. If this is your problem, then apache should die some time after an unsuccessful restart. In this case, you could try to increase the wait time in the init script (there is a t=4 in there, try to increase it to 10 or however long it takes apache to die in your setup). Does this help? If yes, what wait time works for you? Cheers, Stefan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486629: apache2 refusing to restart
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366124 You can use lsof or netstat -tlnp (as root) to determine which processes keep the listening sockets open. Does this fit your problem? Stefan I have restarted apache to capture some more information sudo /etc/init.d/apache2 restart Restarting web server: apache2(98)Address already in use: make_sock: could not bind to address [::]:80 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs failed! netstat -tlnp tcp6 0 0 :::80 :::*LISTEN 4220/apache2 Is there any traces or dumps I can do to provide more information. Paul. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486629: apache2 refusing to restart
package: apache2 version: 2.2.9-1 Severity: Critical Why does apache2 refuse to restart or reload the configuration and if you attempt it then the whole system needs to be rebooted. Any package that dies bad enough to require a reboot has something badly broken in it. waitpid(6285, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(12158, 0xbf851c18, WNOHANG|WSTOPPED) = 0 getpgid(0x1099) = 4223 getpgrp() = 4223 kill(4249, SIG_0) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGCHLD, NULL, {SIG_DFL}, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 nanosleep({1, 0}, {1, 0}) = 0 waitpid(4249, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4250, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4251, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4252, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4253, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(5869, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(6273, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(6284, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(6285, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(12158, 0xbf851c18, WNOHANG|WSTOPPED) = 0 getpgid(0x1099) = 4223 getpgrp() = 4223 kill(4249, SIG_0) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGCHLD, NULL, {SIG_DFL}, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 nanosleep({1, 0}, {1, 0}) = 0 waitpid(4249, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4250, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4251, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4252, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(4253, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(5869, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(6273, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(6284, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(6285, 0xbf851c18, WNOHANG|WSTOPPED) = 0 waitpid(12158, 0xbf851c18, WNOHANG|WSTOPPED) = 0 getpgid(0x1099) = 4223 getpgrp() = 4223 kill(4249, SIG_0) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 rt_sigaction(SIGCHLD, NULL, {SIG_DFL}, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 nanosleep({1, 0}, {1, 0}) = 0 waitpid(4249, 0xbf851c18, WNOHANG|WSTOPPED) = 0 w -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486629: apache2 refusing to restart
My apologies for the brief bug, it was sent after a 13 hour day at work. Some times I have noticed the system is abit sluggish when I restart apache, the main problem is with apache, it creates lots of child processes that refuse to die, the biggest problem is it then locks up the ports it is using and the only way to kill apache properly at the moment is to restart the whole system. When apache is working it is stable, its been happening for awhile and I was hoping it would have been fixed during the normal update sequence. [EMAIL PROTECTED]:~$ dpkg -l libapr1 Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++-=-=-== ii libapr1 1.2.12-3 The Apache Portable Runtime Library [EMAIL PROTECTED]:~$ dpkg -l libaprutil1 Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++-=-=-== ii libaprutil1 1.2.12+dfsg-6 The Apache Portable Runtime Utility Library [EMAIL PROTECTED]:~$ On Tue, 17 Jun 2008, Stefan Fritsch wrote: Hi, On Tue, 17 Jun 2008, Paul wrote: Why does apache2 refuse to restart or reload the configuration and if you attempt it then the whole system needs to be rebooted. Any package that dies bad enough to require a reboot has something badly broken in it. Please be more verbose. What happens exactly? Does the system just become unresponsive, does it run out of memory, etc.? Can you call top while you restart and do you see what's happening in the output? Also, what architecture are you using? What are the versions of libapr1 and libaprutil1 that you have installed? (These information get automatically added by reportbug. I recommend you use reportbug in the future.) Cheers, Stefan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#453783: apache2: CVE-2007-4465
Dear Stefan, ... I think reporting it to the Firefox bugzilla would be a good idea. Had done so: https://bugzilla.mozilla.org/show_bug.cgi?id=406777 https://bugzilla.mozilla.org/show_bug.cgi?id=356280 If it affects only one buggy browser, it's low impact. ... If that buggy browser is IE ... ... I still do not think it is important enough for a security advisory. So far I failed in producing an exploit for IE... even though that is expected/reported to be easy! (The Firefox bug trumps any fix you may make.) Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#453783: apache2: CVE-2007-4465
Package: apache2 Severity: grave Justification: user security hole Seems to me that Debian (sarge or etch or even sid) apache packages are not yet patched against http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465 Seems to me that the obvious workarounds of turning Indexes off or having an index.html everywhere, protects just fine; and wonder why Apache does not say so. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-spm1.11 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#453783: apache2: CVE-2007-4465
Dear Stefan, This is actually a bug in MSIE, see CVE-2006-5152. Not a bug in IE only, I have a demo that exploits it under Firefox. (In fact my demo does not seem to work for IE, yet...) Not really related to CVE-2006-5152. In fact that is a non-issue: the CVE references my posts, but fails to reference my retraction http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049828.html ... no plan to backport ... it is of low impact. I do not think that XSS and cookie theft (thus access to all data protected by web login) is of low impact. ... setting AddDefaultCharset also protects from the issue. AddDefaultCharset is on in the default configurations ... Thanks for that other workaround: yes it seems to protect my machines. Now I am puzzled why AddDefaultCharset was commented out in my configs. Still puzzled why Apache did not mention these workarounds. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#453783: apache2: CVE-2007-4465
Dear Stefan, If you can exploit that with Firefox, Firefox should be fixed. Can you give more details? I would be very interested. Will do, offline (because it affects the main web login site of my Uni). Essentially, I found that Firefox will inherit the charset of the parent page, when that had been selected manually (does not inherit the charset specified in headers or meta). I guess this is a new bug in Firefox, maybe they should be told... Any broswer that interprets ascii as utf7 without being told to do so is severely buggy. And CVE-2006-5152 is about MSIE, not about Apache. Your retraction was about Apache. So IE encoding autoselect is severely buggy: I almost agree. Whatever people think CVE-2006-5152 is about, I meant my posts to be about Apache. (No use trying to get MS to fix IE.) If it affects only one buggy browser, it's low impact. ... If that buggy browser is IE, used by 90% of the (deluded) population, then is it not low impact. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#430886: a2ensite rewritten to allow globbing/multiple site enabling
Package: apache2 Version: 2.2.3-3 Severity: wishlist Hi, as an Ubuntu triager, I'd like to share with you a rewritten a2ensite file made by Speeves (sorry complete name not available). This is on Ubuntu bug: https://launchpad.net/bugs/84142 Ubuntu bug description is: [BEGIN] Binary package hint: apache2-common I have modified a2ensite to : 1. enable multiple sites at a time, (including file globbing). (Both from the command-line, and from the Site Name? prompt) 2. modified the sites-available listing to be columnar, as opposed to space-delimited. (Helps when you have hundreds of sites available). 3. allow for interactive or non-interactive modes, (using -f). (interactive mode prompts for confirmation before enabling a site). 4. generates a help message (-h). 5. I have also written a man page a2ensite(8), which documents all of the features that I have included in this revision. [END] Possible problem with it would be: [BEGIN] Is it possible for a2ensite to list only those sites that are not already enabled? Similarly, a2enmod should do the same. [END] -- http://www.fastmail.fm - Email service worth paying for. Try it for free a2ensite Description: application/shellscript a2ensite.8 Description: Troff document
Bug#393913: suggested fix wrong for apache2: After an upgrade index.php wouldn't load automatically
The author is correct that the line is missing, but the problem is that the line was moved to mod_dir.conf, which is a NEW file in 2.2, but wasn't symlinked into mods-enabled. We're doing upgrading incorrectly in general. I'm wondering if the proper way to do it is to look at the existing active modules list and do a a2dismod module a2enmod module to bring over any new files? That has its own potential issues, but in this particular case, the real bug is that mod_dir.conf didn't get symlinked in. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#383267: apache: 383267: more info
I have this problem too. I modified /var/lib/dpkg/info/apache.* to include these lines at the very start: echo $* set -x The results were: # apt-get -f install Reading package lists... Done Building dependency tree... Done 0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded. 1 not fully installed or removed. Need to get 0B of archives. After unpacking 0B of additional disk space will be used. Setting up apache (1.3.34-3) ... configure 1.3.34-2 + set -e + . /usr/share/debconf/confmodule ++ '[' '!' '' ']' ++ PERL_DL_NONLAZY=1 ++ export PERL_DL_NONLAZY ++ '[' '' ']' ++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/apache.postinst configure 1.3.34-2 + set -e + . /usr/share/debconf/confmodule ++ '[' '!' 1 ']' ++ '[' -z '' ']' ++ exec ++ '[' '' ']' ++ exec ++ DEBCONF_REDIR=1 ++ export DEBCONF_REDIR + '[' -e /etc/apache/apache_not_to_be_run ']' + '[' -e /etc/default/apache ']' + '[' -e /usr/lib/apache/suexec ']' + db_set apache/enable-suexec false + _db_cmd 'SET apache/enable-suexec' false + printf '%s\n' 'SET apache/enable-suexec false' + IFS=' ' + read -r _db_internal_line + RET='20 Unsupported command configure (full line was configure 1.3.34-2) received from confmodule.' + case ${_db_internal_line%%[ ]*} in + return 20 dpkg: error processing apache (--configure): subprocess post-installation script returned error exit status 20 Errors were encountered while processing: apache E: Sub-process /usr/bin/dpkg returned an error code (1) -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#358543: apache: fails to install
Package: apache Severity: grave Justification: renders package unusable Upon install of apache, I get the following error message: dpkg: error processing apache (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: apache E: Sub-process /usr/bin/dpkg returned an error code (1) -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#336318: compiling mod_watch in apache2
Package: apache2 Version: 2.0.55-3 Severity: wishlist Is it possible to add mod_watch: http://www.snert.com/Software/mod_watch/ into apache2? So I can add this for monitoring my virtualhosts? We sell webhosting and want to monitor per virtualhost its bandwidth. With this mod it is possible.. but it would be great to have it precompiled into my apache2 Or somebody has another option thanks! Paul -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.4.27-speakup Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages apache2 depends on: ii apache2-mpm-prefork 2.0.55-3 traditional model for Apache2 apache2 recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#314168: apache-perl: Dot at end of filename not treated as significant
Package: apache-perl Version: 1.3.33-4 Severity: normal When making GET requests for a file in the form path/leafname.exe apache will return a file in the same path which has a trailing dot I.E. Both the requests 'GET /~paul/testfile.exe.' and 'GET /~paul/testfile.exe' return the file '/home/paul/public_html/testfile.exe.' not the trailing dot in the filename. This only is the case for requsts for .exe, .zip, .html files but strangly not .ini files -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.22-1-k7 Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Versions of packages apache-perl depends on: ii apache-common 1.3.33-4 support files for all Apache webse ii debconf 1.4.46 Debian configuration management sy ii dpkg1.10.27 Package maintenance system for Deb ii libapache-mod-perl 1.29.0.3-4 integration of perl with the Apach ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libdb4.24.2.52-18Berkeley v4.2 Database Libraries [ ii libexpat1 1.95.8-1 XML parsing C library - runtime li ii libmagic1 4.12-1 File type determination library us ii libperl5.8 5.8.4-8 Shared Perl library ii logrotate 3.7-2Log rotation utility ii mime-support3.31-1 MIME files 'mime.types' 'mailcap -- debconf information: apache-perl/old-pidfile-set: apache-perl/upgrade-from-apache-conflict: apache-perl/server-port: 80 apache-perl/init: true * apache-perl/enable-suexec: false apache-perl/server-name: localhost apache-perl/server-admin: [EMAIL PROTECTED] apache-perl/document-root: /var/www -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#294673: Yup, PCRE is pretty screwed up
I can confirm this occured with the introduction of Apache2 packages version 2.0.53-3. It seems perhaps the hand-merging of Joe Orton's patch had some unforseen but nasty consequences. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
unsubscribe [EMAIL PROTECTED]
-- Paul Nicholas McCubbins [EMAIL PROTECTED]
Bug#229505: apache-ssl: post-installation script fails (still)
reopen 229505 thanks On Sun 25 Jan 2004, Fabio Massimo Di Nitto wrote: this was a bug in ssl-cert that has been fixed in sid already and it should enter testing in a couple of days. It's now March, and when doing a fresh install of testing on a box, I still get this error: 7830:error:0D07A098:asn1 encoding routines:ASM1_mbstring_copy:string too short:a_mbstr.c:147:minsize=1 I left the organisationalUnitName field empty, it doesn't apply. Versions involved: apache-ssl 1.3.29.0.1-3 ssl-cert 1.0-7 As it's still not resolved, I'm reopening this bug now. If it belongs to ssl-cert, fine; reassign (although it's starting to look like using ssl-cert is a bug in itself, if I look at the open bug reports there). Please don't close the bug before it's actually fixed... Paul Slootman
Bug#227653: apache2-common: More like half-enabled
Package: apache2-common Version: 2.0.48-4 Severity: normal Followup-For: Bug #227653 When mod_suexec is enabled, Apache prints the following line in error.log as it starts up: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec2) When mod_suexec is disabled (suexec.load isn't linked in /etc/apache2/mods-enabled), that line is not printed, and no entry for mod_suexec appears in server-info. However, even in these circumstances, the server seems to use suEXEC anyway as long as /usr/lib/apache2/suexec2 exists. So the problem isn't that it's configured to be on by default, it's that it's on even when it's configured not to be. -- System Information: Debian Release: testing/unstable Architecture: i386 Kernel: Linux schala 2.4.22 #1 Sat Dec 27 10:55:09 EST 2003 i686 Locale: LANG=C, LC_CTYPE=C Versions of packages apache2-common depends on: ii debconf 1.4.5Debian configuration management sy ii debianutils 2.6.2Miscellaneous utilities specific t ii libapr0 2.0.48-4 The Apache Portable Runtime ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries an ii libdb4.14.1.25-16Berkeley v4.1 Database Libraries [ ii libexpat1 1.95.6-6 XML parsing C library - runtime li ii libldap22.1.23-1 OpenLDAP libraries ii libssl0.9.7 0.9.7c-5 SSL shared libraries ii mime-support3.23-1 MIME files 'mime.types' 'mailcap ii net-tools 1.60-9 The NET-3 networking toolkit ii openssl 0.9.7c-5 Secure Socket Layer (SSL) binary a ii ssl-cert1.0-6Simple debconf wrapper for openssl ii zlib1g 1:1.2.1-3compression library - runtime -- no debconf information
Bug#224233: apache: upgrade bombs with sed errors
or defined by a module not included in the server configuration invoke-rc.d: initscript apache, action start failed. dpkg: error processing apache (--configure): subprocess post-installation script returned error exit status 1 Setting up libmm13 (1.3.0-1) ... Setting up php4 (4.3.3-4) ... sed: invalid option -- s Usage: sed [OPTION]... {script-only-if-no-other-script} [input-file]... -n, --quiet, --silent suppress automatic printing of pattern space -e script, --expression=script add the script to the commands to be executed -f script-file, --file=script-file add the contents of script-file to the commands to be executed --help display this help and exit -V, --version output version information and exit If no -e, --expression, -f, or --file option is given, then the first non-option argument is taken as the sed script to interpret. All remaining arguments are names of input files; if no input files are specified, then the standard input is read. E-mail bug reports to: [EMAIL PROTECTED] . Be sure to include the word ``sed'' somewhere in the ``Subject:'' field. sed: invalid option -- s Usage: sed [OPTION]... {script-only-if-no-other-script} [input-file]... -n, --quiet, --silent suppress automatic printing of pattern space -e script, --expression=script add the script to the commands to be executed -f script-file, --file=script-file add the contents of script-file to the commands to be executed --help display this help and exit -V, --version output version information and exit If no -e, --expression, -f, or --file option is given, then the first non-option argument is taken as the sed script to interpret. All remaining arguments are names of input files; if no input files are specified, then the standard input is read. E-mail bug reports to: [EMAIL PROTECTED] . Be sure to include the word ``sed'' somewhere in the ``Subject:'' field. Errors were encountered while processing: apache E: Sub-process /usr/bin/dpkg returned an error code (1) [EMAIL PROTECTED]:/etc/apache$ -- Paul Telford | 1024D/431B38BA | [EMAIL PROTECTED] | [EMAIL PROTECTED] C903 0E85 9AF5 1B80 6A5F F169 D7E9 4363 431B 38BA
Bug#224233: apache-common: sed error
I know you already marked this pending, but here's some more information just in case it helps you. After some more digging I found that this is caused by modules-config which is not compatible with older versions of sed. [EMAIL PROTECTED]:/usr/share/apache$ dpkg -l apache-common Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++--- ii apache-common1.3.29.0.1-2 Support files for all Apache webservers [EMAIL PROTECTED]:/usr/share/apache$ grep sed -s /usr/sbin/modules-config sed -s 's/AddModule mod_perl.c/LoadModule perl_module \/usr\/lib\/apache\/1.3\/mod_perl.so/g' | \ [EMAIL PROTECTED]:/usr/share/apache$ dpkg -l sed Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++--- ii sed 3.02-8 The GNU sed stream editor. After upgrading sed this particular error goes away. [EMAIL PROTECTED]:/usr/share/apache$ dpkg -l sed Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Installed/Config-files/Unpacked/Failed-config/Half-installed |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad) ||/ Name Version Description +++--- ii sed 4.0.7-3 The GNU sed stream editor Looks like a versioned depends is needed. Older versions of sed can't use the -s option. Thanks, -- Paul Telford | 1024D/431B38BA | [EMAIL PROTECTED] | [EMAIL PROTECTED] C903 0E85 9AF5 1B80 6A5F F169 D7E9 4363 431B 38BA