Re: Need Some Help

[Yadd]

On 3/7/24 20:52, Ali Ramzan wrote:

Hi,

I am currently using Debian Apache version on my Debian server, but when 
I perform a scan, I am alerted to several vulnerabilities. Specifically, 
the Apache version 2.4.x is vulnerable to multiple CVEs, including 
2023-31122, 2023-43622, and 2023-45802.


I have a couple of questions: When will Debian release Apache version 
2.4.58, which resolves these vulnerabilities? Also, where can I find a 
link to this release and its release date? Finally, is there any way for 
me to fix these vulnerabilities in the meantime?


Hi,

version 2.4.58 doesn't contain important CVE fixes, only minor/medium. 
So it will be updated during a Debian point release and not in security 
branch.


Cheers,
Yadd

Need Some Help

[Ali Ramzan]

Hi,

I am currently using Debian Apache version on my Debian server, but when I
perform a scan, I am alerted to several vulnerabilities. Specifically, the
Apache version 2.4.x is vulnerable to multiple CVEs, including 2023-31122,
2023-43622, and 2023-45802.

I have a couple of questions: When will Debian release Apache version
2.4.58, which resolves these vulnerabilities? Also, where can I find a link
to this release and its release date? Finally, is there any way for me to
fix these vulnerabilities in the meantime?

apt policy apache2
apache2:
  Installed: 2.4.56-1~deb11u2
  Candidate: 2.4.56-1~deb11u2
  Version table:
 *** 2.4.56-1~deb11u2 500
500 http://ftp.de.debian.org/debian bullseye/main amd64 Packages
100 /var/lib/dpkg/status
root@vcloudproxy-02:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:Debian GNU/Linux 11 (bullseye)
Release:11
Codename:   bullseye

Thanks
Ali

Request help with public IP address for Debian's Apache build

[retrovirus-...@juno.com]

Hello Apache developers,

I used to have a Windows build of Apache1, along with the tomcat. I was quite 
successful to have the public ip address to host the defined directory. Now, I 
am on a Debian type build, particularly Apache2. There is no httpd.conf to be 
found so everything is different. I haven't documented much on my Apache1 
attempt. I was young, and I didn't have a means of purchasing a domain name nor 
keep the server active 24/7. Now, I don't have httpd.conf and am working on a 
new Apache2.

Do you happened to know how to get the public ip address to host my defined 
Apache2 directory? I am willing to listen on router configurations, firewalls 
(I am currently using the firewall-config), and Apache2 scripts.

--
Sincerely,
retrovirus-...@juno.com

Re: help needed to complete regression fix for apache2 Bug#858373

[Brian Kroth]

Hi, sorry for the delay. Gmail filed this one into spam :-(

Unfortunately, I don't have access to that environment anymore to confirm.
I'll pass this on to the folks that do so hopefully they can.

My recollection from this issue was that I'd tested it against different
package versions and the 400 ErrorDocuments had worked beforehand (we used
them for ModSec types of things primarily, and I'm confident that mode was
working well before hand and after), though possibly not in that particular
protocol error context. I vaguely recall having issues reproducing a
working ErrorDocument with non-cgi methods in that protocol error mode
style test as well, but I don't recall if rhat was only in the newer
versions of the software that I had been testing with or true before that
update as well.

Anyways, thanks much for following up. Sorry I don't have more info to
offer at the moment.

Cheers,
Brian

On Fri, Jul 21, 2017, 08:44 Antoine Beaupré  wrote:

> TL;DR: New proposed package (deb7u11) doesn't ctually show a new
> regression, please test:
>
>
> https://people.debian.org/~anarcat/debian/wheezy-lts/apache2_2.2.22-13+deb7u11_amd64.changes
>
> In particular, Brian Kroth: are you *sure* you had that ErrorDocument
> 400 working in apache2_2.2.22-13+deb7u7 (ie. before the DLA-841-1
> upload)? In my tests, it didn't actually work at all. It wouldn't
> trigger a segfault, but the CGI script wouldn't get called either. In
> the above package, we don't segfault anymore, but we yield a 400 + 500
> error message (because the ErrorDocument fails). The solution, here, is
> obviously to update to a later Apache version (e.g. update to jessie,
> really) to get that functionality working, from my perspective.
>
> More technical details follow.
>
> On 2017-07-21 09:24:00, Stefan Fritsch wrote:
> > Hi Antoine,
> >
> > On Wednesday, 19 July 2017 15:45:20 CEST Antoine Beaupre wrote:
> >> As I mentioned in the #858373 bug report, I started looking at fixing
> >> the regression introduced by the 2.2.22-13+deb7u8 upload, part of
> >> DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured
> >> to handle 400 error messages that can be triggered with a simple "GET /
> >> HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now.
> >
> >> Unfortunately, re-introducing the protocol initialization code isn't
> >> sufficient: it does fix the segfaults, but the ErrorDocument handling is
> >> not quite working yet. Instead of seeing the output of the
> >> ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with
> >> a 500 error document warning:
> >
> >> Note that I have also tried to see if sending "\r\n" instead of just
> >> "\n" in my "hello world" example would work around the issue: it
> >> doesn't, unfortunately.
> >>
> >> I am at a loss as where to go from here, to be honest. The patch
> >> (attached) at least fixes the segfault, which resolves the primary issue
> >> at hand here (DoS by crashing processes!) but it would be nice to
> >> actually fix the ErrorDocument as well..
> >
> > This sounds familiar. Maybe it's simply broken in 2.2.22. Can you
> compare with
> > 2.2.22-13+deb7u7 if that bug has been there already?
>
> Well, the problem is - how do I reproduce this? I can't generate the
> same 400 error message in deb7u7 (I tried!) with the previous techniques
> because the new request handling code isn't there. That is, the
> following query just works:
>
> # printf "GET / HTTP/1.0\n\n" | nc localhost 80 | head -1
> HTTP/1.1 200 OK
>
>
> Furthermore, generating a 400 error, when it works in deb7u7, doesn't
> trigger the ErrorDocument - not sure why:
>
> # printf "G ET / HTTP/1.0\r\n\r\n" | nc localhost 80
> HTTP/1.1 400 Bad Request
> Date: Fri, 21 Jul 2017 13:40:48 GMT
> Server: Apache/2.2.22 (Debian)
> Vary: Accept-Encoding
> Content-Length: 302
> Connection: close
> Content-Type: text/html; charset=iso-8859-1
>
> 
> 
> 400 Bad Request
> 
> Bad Request
> Your browser sent a request that this server could not understand.
> 
> 
> Apache/2.2.22 (Debian) Server at wheezy.raw Port 80
> 
>
> Logs show the following:
>
> [Fri Jul 21 13:40:48 2017] [error] [client 127.0.0.1] Invalid URI in
> request G ET / HTTP/1.0
>
> ... whether or not the 400 ErrorDocument directive is present. Notice
> how the ErrorDocument isn't triggered at all here.
>
> Of course, a 404 ErrorDocument still works correctly:
>
> # printf "GET /wtf HTTP/1.0\r\n\r\n" | nc localhost 80
> HTTP/1.1 404 Not Found
> Date: Fri, 21 Jul 2017 13:23:46 GMT
> Server: Apache/2.2.22 (Debian)
> Vary: Accept-Encoding
> Connection: close
> Content-Type: text/plain
>
> Hello, World.
>
> I get this behavior consistently with deb7u7 and the proposed deb7u11
> (which only adds a 500 error document to *certain* 400 errors,
> basically). I find that is an acceptable compromise to fix a segfault,
> and, from my perspective, doesn't introduce a regression.
>
> > In 2.2.30, there is this fix, which is obviously missing from 

Processed: Re: help needed to complete regression fix for apache2 Bug#858373

[Debian Bug Tracking System]

Processing control commands:

> fixed 858373 2.2.22-13+deb7u7
Bug #858373 [apache2.2-common] apache2: segfaults upon recieving bad request 
when using worker/event mpm and cgid errordoc
There is no source info for the package 'apache2.2-common' at version 
'2.2.22-13+deb7u7' with architecture ''
Unable to make a source version for version '2.2.22-13+deb7u7'
Marked as fixed in versions 2.2.22-13+deb7u7.
> tags 858373 +pending +patch
Bug #858373 [apache2.2-common] apache2: segfaults upon recieving bad request 
when using worker/event mpm and cgid errordoc
Added tag(s) pending.
Bug #858373 [apache2.2-common] apache2: segfaults upon recieving bad request 
when using worker/event mpm and cgid errordoc
Added tag(s) patch.

-- 
858373: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858373
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858373: help needed to complete regression fix for apache2 Bug#858373

[Antoine Beaupré]

Control: fixed 858373 2.2.22-13+deb7u7
Control: tags 858373 +pending +patch

On 2017-07-21 09:44:38, Antoine Beaupré wrote:
> TL;DR: New proposed package (deb7u11) doesn't actually show a new
> regression, please test:
>
> https://people.debian.org/~anarcat/debian/wheezy-lts/apache2_2.2.22-13+deb7u11_amd64.changes
>
> In particular, Brian Kroth: are you *sure* you had that ErrorDocument
> 400 working in apache2_2.2.22-13+deb7u7 (ie. before the DLA-841-1
> upload)? In my tests, it didn't actually work at all. It wouldn't
> trigger a segfault, but the CGI script wouldn't get called either. In
> the above package, we don't segfault anymore, but we yield a 400 + 500
> error message (because the ErrorDocument fails). The solution, here, is
> obviously to update to a later Apache version (e.g. update to jessie,
> really) to get that functionality working, from my perspective.

Timing out on this one: I will assume that 2.2.22-13+deb7u7 didn't
segfault, but then didn't yield a proper ErrorDocument either (because I
cannot reproduce that behavior).

I have uploaded deb7u11 and will send the associated DLA-841-2
regression update when it hits the archives.

A.

-- 
Seul a un caractère scientifique ce qui peut être réfuté. Ce qui n'est
pas réfutable relève de la magie ou de la mystique.
- Karl Popper

Bug#858373: help needed to complete regression fix for apache2 Bug#858373

[Antoine Beaupré]

TL;DR: New proposed package (deb7u11) doesn't actually show a new
regression, please test:

https://people.debian.org/~anarcat/debian/wheezy-lts/apache2_2.2.22-13+deb7u11_amd64.changes

In particular, Brian Kroth: are you *sure* you had that ErrorDocument
400 working in apache2_2.2.22-13+deb7u7 (ie. before the DLA-841-1
upload)? In my tests, it didn't actually work at all. It wouldn't
trigger a segfault, but the CGI script wouldn't get called either. In
the above package, we don't segfault anymore, but we yield a 400 + 500
error message (because the ErrorDocument fails). The solution, here, is
obviously to update to a later Apache version (e.g. update to jessie,
really) to get that functionality working, from my perspective.

More technical details follow.

On 2017-07-21 09:24:00, Stefan Fritsch wrote:
> Hi Antoine,
>
> On Wednesday, 19 July 2017 15:45:20 CEST Antoine Beaupre wrote:
>> As I mentioned in the #858373 bug report, I started looking at fixing
>> the regression introduced by the 2.2.22-13+deb7u8 upload, part of
>> DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured
>> to handle 400 error messages that can be triggered with a simple "GET /
>> HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now.
>
>> Unfortunately, re-introducing the protocol initialization code isn't
>> sufficient: it does fix the segfaults, but the ErrorDocument handling is
>> not quite working yet. Instead of seeing the output of the
>> ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with
>> a 500 error document warning:
>
>> Note that I have also tried to see if sending "\r\n" instead of just
>> "\n" in my "hello world" example would work around the issue: it
>> doesn't, unfortunately.
>> 
>> I am at a loss as where to go from here, to be honest. The patch
>> (attached) at least fixes the segfault, which resolves the primary issue
>> at hand here (DoS by crashing processes!) but it would be nice to
>> actually fix the ErrorDocument as well..
>
> This sounds familiar. Maybe it's simply broken in 2.2.22. Can you compare 
> with 
> 2.2.22-13+deb7u7 if that bug has been there already?

Well, the problem is - how do I reproduce this? I can't generate the
same 400 error message in deb7u7 (I tried!) with the previous techniques
because the new request handling code isn't there. That is, the
following query just works:

# printf "GET / HTTP/1.0\n\n" | nc localhost 80 | head -1
HTTP/1.1 200 OK


Furthermore, generating a 400 error, when it works in deb7u7, doesn't
trigger the ErrorDocument - not sure why:

# printf "G ET / HTTP/1.0\r\n\r\n" | nc localhost 80
HTTP/1.1 400 Bad Request
Date: Fri, 21 Jul 2017 13:40:48 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 302
Connection: close
Content-Type: text/html; charset=iso-8859-1



400 Bad Request

Bad Request
Your browser sent a request that this server could not understand.


Apache/2.2.22 (Debian) Server at wheezy.raw Port 80


Logs show the following:

[Fri Jul 21 13:40:48 2017] [error] [client 127.0.0.1] Invalid URI in request G 
ET / HTTP/1.0

... whether or not the 400 ErrorDocument directive is present. Notice
how the ErrorDocument isn't triggered at all here.

Of course, a 404 ErrorDocument still works correctly:

# printf "GET /wtf HTTP/1.0\r\n\r\n" | nc localhost 80
HTTP/1.1 404 Not Found
Date: Fri, 21 Jul 2017 13:23:46 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

Hello, World.

I get this behavior consistently with deb7u7 and the proposed deb7u11
(which only adds a 500 error document to *certain* 400 errors,
basically). I find that is an acceptable compromise to fix a segfault,
and, from my perspective, doesn't introduce a regression.

> In 2.2.30, there is this fix, which is obviously missing from 2.2.22:
>
>   *) core, modules: Avoid error response/document handling by the core if some
>  handler or input filter already did it while reading the request (causing
>  a double response body).  [Yann Ylavic]
>
> I could not find a changelog entry about the 10s delay, but it's possible 
> that 
> that has been fixed as well. If the issue is not a regression, you should 
> simply release the patch that you have. The fix for the error document seems 
> rather invasive:
>
> https://svn.apache.org/r1683808

But that's another big patch to backport:

 20 files changed, 196 insertions(+), 129 deletions(-)

Not sure we want to pile yet another backport on top of the pile we
already have. Now I really regret not updating to 2.2.34. :(

Since this issue doesn't seem to be a regression (the ErrorDocument
didn't seem to get called at all, previously), I think I'll just post a
test package with the regression fix and be done with it for now.

I'm more confident in the upload now, and hopefully it won't break too
many things now. At least we don't segfault. ;)

I'll be available to upload the test package tomorrow or by the end of
next week, if there 

Re: help needed to complete regression fix for apache2 Bug#858373

[Stefan Fritsch]

Hi Antoine,

On Wednesday, 19 July 2017 15:45:20 CEST Antoine Beaupre wrote:
> As I mentioned in the #858373 bug report, I started looking at fixing
> the regression introduced by the 2.2.22-13+deb7u8 upload, part of
> DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured
> to handle 400 error messages that can be triggered with a simple "GET /
> HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now.

> Unfortunately, re-introducing the protocol initialization code isn't
> sufficient: it does fix the segfaults, but the ErrorDocument handling is
> not quite working yet. Instead of seeing the output of the
> ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with
> a 500 error document warning:

> Note that I have also tried to see if sending "\r\n" instead of just
> "\n" in my "hello world" example would work around the issue: it
> doesn't, unfortunately.
> 
> I am at a loss as where to go from here, to be honest. The patch
> (attached) at least fixes the segfault, which resolves the primary issue
> at hand here (DoS by crashing processes!) but it would be nice to
> actually fix the ErrorDocument as well..

This sounds familiar. Maybe it's simply broken in 2.2.22. Can you compare with 
2.2.22-13+deb7u7 if that bug has been there already?

In 2.2.30, there is this fix, which is obviously missing from 2.2.22:

  *) core, modules: Avoid error response/document handling by the core if some
 handler or input filter already did it while reading the request (causing
 a double response body).  [Yann Ylavic]

I could not find a changelog entry about the 10s delay, but it's possible that 
that has been fixed as well. If the issue is not a regression, you should 
simply release the patch that you have. The fix for the error document seems 
rather invasive:

https://svn.apache.org/r1683808

Cheers,
Stefan

Bug#858373: help needed to complete regression fix for apache2 Bug#858373

[Antoine Beaupré]

And then, obviously, I forget the patch.

Sorry for the noise.

-- 
The secret of life is to have no fear; it's the only way to function.
- Stokely Carmichael
diff -Nru apache2-2.2.22/debian/changelog apache2-2.2.22/debian/changelog
--- apache2-2.2.22/debian/changelog	2017-07-17 03:50:16.0 -0400
+++ apache2-2.2.22/debian/changelog	2017-07-19 14:12:44.0 -0400
@@ -1,3 +1,12 @@
+apache2 (2.2.22-13+deb7u11) UNRELEASED; urgency=high
+
+  * Non-maintainer upload by the LTS Security Team.
+  * fix regression introduced in 2.2.22-13+deb7u8 that re-introduced
+something like CVE-2015-0253 when fixing CVE-2016-8743 (Closes:
+#858373)
+
+ -- Antoine Beaupré   Wed, 19 Jul 2017 14:12:44 -0400
+
 apache2 (2.2.22-13+deb7u10) wheezy-security; urgency=high
 
   * CVE-2017-9788: The value placeholder in [Proxy-]Authorization headers of
diff -Nru apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch
--- apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch	1969-12-31 19:00:00.0 -0500
+++ apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch	2017-07-19 14:12:44.0 -0400
@@ -0,0 +1,23 @@
+Description: fix regression introduced in CVE-2016-8743
+ The messy CVE-2016-8743 patchset introduced an error in protocol
+ initialization in some error cases. This makes sure that invalid
+ requests doesn't segfault apache.
+ .
+ This is similar, but not directly related to CVE-2015-0253.
+Origin: https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/protocol.c?r1=1642403=1668879=1668879=patch
+Bug-Debian: 858373
+Forwarded: not-needed
+Author: Antoine Beaupré
+Last-update: 2017-07-19
+
+--- a/server/protocol.c
 b/server/protocol.c
+@@ -637,6 +637,8 @@ static int read_request_line(request_rec
+ else if (APR_STATUS_IS_EINVAL(rv)) {
+ r->status = HTTP_BAD_REQUEST;
+ }
++r->proto_num = HTTP_VERSION(1,0);
++r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
+ return 0;
+ }
+ } while ((len <= 0) && (++num_blank_lines < max_blank_lines));
diff -Nru apache2-2.2.22/debian/patches/series apache2-2.2.22/debian/patches/series
--- apache2-2.2.22/debian/patches/series	2017-07-17 03:50:33.0 -0400
+++ apache2-2.2.22/debian/patches/series	2017-07-19 14:12:44.0 -0400
@@ -61,3 +61,4 @@
 CVE-2017-7668.patch
 CVE-2017-7669.patch
 CVE-2017-9788.patch
+CVE-2016-8743-regression.patch

help needed to complete regression fix for apache2 Bug#858373

[Antoine Beaupre]

Hi,

(Sorry for the large CC list, but I am hoping to get a broad approval of
the next changes for this in order to avoid previous mistakes. ;) In
particular, I'd be very grateful for some input by Stefan considering
his knowledge of the Apache codebase and how ... exotic this problems
is.)

As I mentioned in the #858373 bug report, I started looking at fixing
the regression introduced by the 2.2.22-13+deb7u8 upload, part of
DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured
to handle 400 error messages that can be triggered with a simple "GET /
HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now.

I have been able to confirm that there is an unitialized variable that
gets carried around. This issue was introduced as part of
CVE-2016-8743-aux.patch in the original upload, although I fail to
remember now why this hunk is there exactly. It seems to be related to a
patch I somewhat blindly and incorrectly merged (see
87r33tqvqs@curie.anarc.at for details).

Unfortunately, re-introducing the protocol initialization code isn't
sufficient: it does fix the segfaults, but the ErrorDocument handling is
not quite working yet. Instead of seeing the output of the
ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with
a 500 error document warning:

$ echo -ne "GET /foo HTTP/1.0\n\n" | nc localhost 80
HTTP/1.1 400 Bad Request
Date: Wed, 19 Jul 2017 19:11:13 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 433
Connection: close
Content-Type: text/html; charset=iso-8859-1



400 Bad Request

Bad Request
Your browser sent a request that this server could not understand.

Additionally, a 500 Internal Server Error
error was encountered while trying to use an ErrorDocument to handle the 
request.

Apache/2.2.22 (Debian) Server at wheezy.raw Port 80


In the error log, I see:

[Wed Jul 19 19:11:23 2017] [error] [client 127.0.0.1] (70007)The timeout
specified has expired: Error reading request entity data

The first part of the error is mod_reqtimeout kicking in as the request
parser stalls on the CGI script. The second part is mod_cgi(d) failing
to read the request from the CGI script, obviously.

My theory is that there is *still* something wrong with the request
parser, even after fixing the r->protocol initialization flaw. I base
this theory on the fact that a 404 ErrorDocument works without problem.

$ echo -ne "GET /foo HTTP/1.0\r\n\r\n" | nc localhost 80
HTTP/1.1 404 Not Found
Date: Wed, 19 Jul 2017 19:13:44 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

Hello, World.

Note that I have also tried to see if sending "\r\n" instead of just
"\n" in my "hello world" example would work around the issue: it
doesn't, unfortunately.

I am at a loss as where to go from here, to be honest. The patch
(attached) at least fixes the segfault, which resolves the primary issue
at hand here (DoS by crashing processes!) but it would be nice to
actually fix the ErrorDocument as well..

Any ideas?

Thanks in advance,

A.


signature.asc
Description: PGP signature

Bug#823618: apache2: inconsistent help messages

[Marcos Dione]

Package: apache2
Version: 2.4.20-1
Severity: minor

Dear Maintainer,

   * What led up to the situation?

See the following sequence of commands:

$ sudo apachectl --help
Usage: /usr/sbin/apachectl 
start|stop|restart|graceful|graceful-stop|configtest|status|fullstatus|help
   /usr/sbin/apachectl 
   /usr/sbin/apachectl -h(for help on )

$ sudo apachectl -h
Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file]
 [-C "directive"] [-c "directive"]
 [-k start|restart|graceful|graceful-stop|stop]
 [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X]
Options:
  -D name: define a name for use in  directives
  -d directory   : specify an alternate initial ServerRoot
  -f file: specify an alternate ServerConfigFile
  -C "directive" : process directive before reading config files
  -c "directive" : process directive after reading config files
  -e level   : show startup errors of level (see LogLevel)
  -E file: log startup errors to file
  -v : show version number
  -V : show compile settings
  -h : list available command line options (this page)
  -l : list compiled in modules
  -L : list available configuration directives
  -t -D DUMP_VHOSTS  : show parsed vhost settings
  -t -D DUMP_RUN_CFG : show parsed run settings
  -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG
  -t -D DUMP_MODULES : show all loaded modules
  -M : a synonym for -t -D DUMP_MODULES
  -t : run syntax check for config files
  -T : start without DocumentRoot(s) check
  -X : debug mode (only one worker, do not detach)
Action '-h' failed.
The Apache error log may have more information.

   * What outcome did you expect instead?

A non-failing help message, if possible related to the apachectl utility,
not apache2 binary. I uselessly tried this:

$ sudo apachectl -e debug configtest
Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file]
 [-C "directive"] [-c "directive"]
 [-k start|restart|graceful|graceful-stop|stop]
 [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X]
Options:
  -D name: define a name for use in  directives
  -d directory   : specify an alternate initial ServerRoot
  -f file: specify an alternate ServerConfigFile
  -C "directive" : process directive before reading config files
  -c "directive" : process directive after reading config files
  -e level   : show startup errors of level (see LogLevel)
  -E file: log startup errors to file
  -v : show version number
  -V : show compile settings
  -h : list available command line options (this page)
  -l : list compiled in modules
  -L : list available configuration directives
  -t -D DUMP_VHOSTS  : show parsed vhost settings
  -t -D DUMP_RUN_CFG : show parsed run settings
  -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG
  -t -D DUMP_MODULES : show all loaded modules
  -M : a synonym for -t -D DUMP_MODULES
  -t : run syntax check for config files
  -T : start without DocumentRoot(s) check
  -X : debug mode (only one worker, do not detach)
Action '-e debug configtest' failed.
The Apache error log may have more information.

-- Package-specific info:

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (700, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apache2 depends on:
ii  apache2-bin2.4.20-1
ii  apache2-data   2.4.20-1
ii  apache2-utils  2.4.20-1
ii  dpkg   1.18.4
ii  lsb-base   9.20160110
ii  mime-support   3.60
ii  perl   5.22.2-1
ii  procps 2:3.3.11-3

Versions of packages apache2 recommends:
ii  ssl-cert  1.0.37

Versions of packages apache2 suggests:
pn  apache2-doc  
pn  apache2-suexec-pristine | apache2-suexec-custom  
ii  chromium [www-browser]   50.0.2661.94-1
ii  elinks [www-browser] 0.12~pre6-11+b2
ii  firefox [www-browser]46.0-1
ii  konqueror [www-browser]  4:4.14.2-1
ii  links [www-browser]  2.12-1+b2
ii  links2 [www-browser] 2.12-1+b2
ii  lynx [www-browser]   2.8.9dev9-1

Vers

Bug#823617: apache2: inconsistent help messages

[Marcos Dione]

Package: apache2
Version: 2.4.20-1
Severity: minor

Dear Maintainer,

   * What led up to the situation?

See the following sequence of commands:

$ sudo apachectl --help
Usage: /usr/sbin/apachectl 
start|stop|restart|graceful|graceful-stop|configtest|status|fullstatus|help
   /usr/sbin/apachectl 
   /usr/sbin/apachectl -h(for help on )

$ sudo apachectl -h
Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file]
 [-C "directive"] [-c "directive"]
 [-k start|restart|graceful|graceful-stop|stop]
 [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X]
Options:
  -D name: define a name for use in  directives
  -d directory   : specify an alternate initial ServerRoot
  -f file: specify an alternate ServerConfigFile
  -C "directive" : process directive before reading config files
  -c "directive" : process directive after reading config files
  -e level   : show startup errors of level (see LogLevel)
  -E file: log startup errors to file
  -v : show version number
  -V : show compile settings
  -h : list available command line options (this page)
  -l : list compiled in modules
  -L : list available configuration directives
  -t -D DUMP_VHOSTS  : show parsed vhost settings
  -t -D DUMP_RUN_CFG : show parsed run settings
  -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG
  -t -D DUMP_MODULES : show all loaded modules
  -M : a synonym for -t -D DUMP_MODULES
  -t : run syntax check for config files
  -T : start without DocumentRoot(s) check
  -X : debug mode (only one worker, do not detach)
Action '-h' failed.
The Apache error log may have more information.

   * What outcome did you expect instead?

A non-failing help message, if possible related to the apachectl utility,
not apache2 binary. I uselessly tried this:

$ sudo apachectl -e debug configtest
Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file]
 [-C "directive"] [-c "directive"]
 [-k start|restart|graceful|graceful-stop|stop]
 [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X]
Options:
  -D name: define a name for use in  directives
  -d directory   : specify an alternate initial ServerRoot
  -f file: specify an alternate ServerConfigFile
  -C "directive" : process directive before reading config files
  -c "directive" : process directive after reading config files
  -e level   : show startup errors of level (see LogLevel)
  -E file: log startup errors to file
  -v : show version number
  -V : show compile settings
  -h : list available command line options (this page)
  -l : list compiled in modules
  -L : list available configuration directives
  -t -D DUMP_VHOSTS  : show parsed vhost settings
  -t -D DUMP_RUN_CFG : show parsed run settings
  -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG
  -t -D DUMP_MODULES : show all loaded modules
  -M : a synonym for -t -D DUMP_MODULES
  -t : run syntax check for config files
  -T : start without DocumentRoot(s) check
  -X : debug mode (only one worker, do not detach)
Action '-e debug configtest' failed.
The Apache error log may have more information.

-- Package-specific info:

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (700, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apache2 depends on:
ii  apache2-bin2.4.20-1
ii  apache2-data   2.4.20-1
ii  apache2-utils  2.4.20-1
ii  dpkg   1.18.4
ii  lsb-base   9.20160110
ii  mime-support   3.60
ii  perl   5.22.2-1
ii  procps 2:3.3.11-3

Versions of packages apache2 recommends:
ii  ssl-cert  1.0.37

Versions of packages apache2 suggests:
pn  apache2-doc  
pn  apache2-suexec-pristine | apache2-suexec-custom  
ii  chromium [www-browser]   50.0.2661.94-1
ii  elinks [www-browser] 0.12~pre6-11+b2
ii  firefox [www-browser]46.0-1
ii  konqueror [www-browser]  4:4.14.2-1
ii  links [www-browser]  2.12-1+b2
ii  links2 [www-browser] 2.12-1+b2
ii  lynx [www-browser]   2.8.9dev9-1

Vers

Bug#752872: Help-desk Service Center requires your immediate re-activation of your Email account

[Melpignano, G.G.]

Help-desk Service Center requires your immediate re-activation of your Email
account. This is to upgrade email account to the new anti spam virus detector
sever 2014. Inability to complete this procedure will render your account
inactivate. Activate by completing the survey procedure.
CLICK LINK:  to activate.
CLICK HERE:http://uuhelpdesks.wix.com/uunl
Thank you for using Webmail
Copyright © 2014 Webmail Help Desk
Updating Webmail Technical Center


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/fee58cb5783dd444bc1b4597998172962de9e...@xserver20a.campus.tue.nl

Processed: Bug#732450: debian/watch: help uscan verify PGP signature automatically

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tag 732450 +pending
Bug #732450 {Done: Arno Töll a...@debian.org} [src:apache2] debian/watch: 
help uscan verify PGP signature automatically
Added tag(s) pending.
 thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
732450: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732450
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.138932477120845.transcr...@bugs.debian.org

Bug#732450: marked as done (debian/watch: help uscan verify PGP signature automatically)

[Debian Bug Tracking System]

Your message dated Thu, 02 Jan 2014 13:04:08 +
with message-id e1vyhww-0005lx...@franck.debian.org
and subject line Bug#732450: fixed in apache2 2.4.7-1
has caused the Debian Bug report #732450,
regarding debian/watch: help uscan verify PGP signature automatically
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
732450: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732450
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: src:apache2
Version: 2.4.6-3
Severity: normal
Tags: patch

uscan from devscripts 2.13.3 has the ability to check OpenPGP
signatures on new upstream releases.

It looks like Jim Jagielski is signing apache2 releases (at least
those from 2.2 onward, which are all that we care about) with his key
with fingerprint A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8.

So to get uscan to verify this automatically, you'd do:

 FINGERPRINT='A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8'
 gpg --keyserver keys.gnupg.org --recv $FINGERPRINT
 cd src/apache2
 gpg --export $FINGERPRINT  debian/upstream-signing-key.pgp

and then you'd modify add the pgpsigurlmangle option to debian/watch
so it looks like this:

--
version=3
opts=pgpsigurlmangle=s/$/.asc/ 
http://www.apache.org/dist/httpd/httpd-(\d\.[02468]\.\d+)\.tar\.gz
--

Thanks for maintaining apache2 in debian!

Regards,

--dkg

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
---End Message---
---BeginMessage---
Source: apache2
Source-Version: 2.4.7-1

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 732...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Arno Töll a...@debian.org (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 02 Jan 2014 00:17:56 -1100
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork 
apache2-mpm-event apache2-mpm-itk apache2.2-bin libapache2-mod-proxy-html 
libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine 
apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.7-1
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org
Changed-By: Arno Töll a...@debian.org
Description: 
 apache2- Apache HTTP Server
 apache2-bin - Apache HTTP Server (binary files and modules)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-mpm-event - transitional event MPM package for apache2
 apache2-mpm-itk - transitional itk MPM package for apache2
 apache2-mpm-prefork - transitional prefork MPM package for apache2
 apache2-mpm-worker - transitional worker MPM package for apache2
 apache2-suexec - transitional package for apache2-suexec-pristine
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for 
mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for 
mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 apache2.2-bin - Transitional package for apache2-bin
 libapache2-mod-macro - Transitional package for apache2-bin
 libapache2-mod-proxy-html - Transitional package for apache2-bin
Closes: 710412 711493 717693 718166 718909 723196 728937 730372 732450
Changes: 
 apache2 (2.4.7-1) unstable; urgency=low
 .
   New upstream version
 .
   [ Stefan Fritsch ]
   * In logrotate and init script, don't hardcode path to htcacheclean.
 Instead, put sbin directories in PATH. Also fix one missed reference
 to disk_cache.load, missed in 2.4.6-3. Really closes: #718909
   * Remove

Bug#732450: debian/watch: help uscan verify PGP signature automatically

[Arno Töll]

Hi,

On 23.12.2013 17:48, Daniel Kahn Gillmor wrote:
 But if apache is issuing cryptographic signatures from any of the weak
 keys in KEYS, we should encourage them to stop doing so.  Apache's
 source code is a high-value target, and we should not leave the software
 distribution mechanism open to fiddling based on weak keys for
 cryptographic certifications.
[..]
 I recommend filtering KEYS by removing every key whose primary key (or
 any signing-capable subkey) is less than 3072 bits (assuming RSA or DSA
 keys here) before storing it in debian/upstream-signing-key,pgp.

I'm absolutely with you on that. I strongly agree that Apache people
should use stronger keys. However, we're a distribution - it's not our
job to define key requirements for upstreams. We can, and maybe should
talk to them on that matter but technically it's not only Jim to be
allowed to release new versions of the Apache web server.  That being
said, it's them to accept/define valid and legit keys used within their
project.

Therefore, I thought a more complete patch would be a keyring which
includes all signatures of people allowed to sign and release code on
behalf of the httpd project.

I do not mind removing weak keys again, but then I wonder if there is
an actual benefit if Jim for once doesn't sign a release.

Either way, we should move this discussion to upstream I guess.

-- 
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D



signature.asc
Description: OpenPGP digital signature

Bug#732450: debian/watch: help uscan verify PGP signature automatically

[Arno Töll]

tag 732450 +pending
thanks

Hi Daniel,

On 18.12.2013 08:53, Daniel Kahn Gillmor wrote:
 It looks like Jim Jagielski is signing apache2 releases (at least
 those from 2.2 onward, which are all that we care about) with his key
 with fingerprint A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8.
 
 So to get uscan to verify this automatically, you'd do:
 
  FINGERPRINT='A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8'
  gpg --keyserver keys.gnupg.org --recv $FINGERPRINT
  cd src/apache2
  gpg --export $FINGERPRINT  debian/upstream-signing-key.pgp


thanks for that suggestion. I added your patch for the upcoming package
upload. I did, however, add the full keyring of Apache developers that
/could/ sign a release as listed in http://www.apache.org/dist/httpd/KEYS




-- 
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D



signature.asc
Description: OpenPGP digital signature

Bug#732450: debian/watch: help uscan verify PGP signature automatically

[Daniel Kahn Gillmor]

On 12/23/2013 06:48 AM, Arno Töll wrote:
 thanks for that suggestion. I added your patch for the upcoming package
 upload. 

great, thank you!

 I did, however, add the full keyring of Apache developers that
 /could/ sign a release as listed in http://www.apache.org/dist/httpd/KEYS

While we're talking about cryptographic controls: please fetch these
sorts of files in the future using https instead of http, if you can.
it looks to me like all of apache's mirror there is available under https :)

There are keys in that keyring that are nearly 20 years old, including
several 1024-bit RSA and 1024-bit DSA keys (and even one 999-bit RSA key
and one 768-bit RSA key!)  Keys of this size have been clearly and
explicitly deprecated by NIST since the end of 2010 [0].  at least one
768-bit RSA key has actually been factored directly, 4 years ago [1].
Debian really should not be relying on weak keys.

Jim Jagielski's release signing key is fine -- a 4096-bit RSA key
created in 2010.  There are several other comparably strong keys in the
KEYS keyring that i'd be fine adding.

But if apache is issuing cryptographic signatures from any of the weak
keys in KEYS, we should encourage them to stop doing so.  Apache's
source code is a high-value target, and we should not leave the software
distribution mechanism open to fiddling based on weak keys for
cryptographic certifications.

(and before someone objects: yes, there are other ways that an adversary
might be able to inject bad code into apache; that doesn't mean that we
should leave open the holes that we know how to close)

I recommend filtering KEYS by removing every key whose primary key (or
any signing-capable subkey) is less than 3072 bits (assuming RSA or DSA
keys here) before storing it in debian/upstream-signing-key,pgp.

Regards,

--dkg

[0] pp. 63-66 of
http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf

[1] https://en.wikipedia.org/wiki/RSA_numbers#RSA-768



signature.asc
Description: OpenPGP digital signature

Re: Need help sorting out apt-get behavior during upgrade

[Stefan Fritsch]

Hi David,

thanks for your response.

On Wednesday 28 March 2012, David Kalnischkies wrote:
  But the main issue is why does apt-get remove apache2?
  apache2-bin conflictsreplaces apache2.2-bin. According to
  policy 7.6.2, this should allow apt to determine which package
  to keep and which to remove. But it chooses to keep
  apache2.2-bin and not install apache2- bin. Does apt-get
  implement the logic from policy 7.6.2? If no, maybe you can get
  that section changed in the policy to reflect reality?
 
 It does (in a way), but 7.6.2 doesn't apply here as it doesn't talk
 at all about upgrades -- and is coupled with Provides.

There is no indication in the policy that 7.6.2 does not apply to 
upgrades. The first paragraph in 7.6.2 does not talk about Provides at 
all. The second paragraph says can be a virtual package, so the 
Provides is clearly optional.

 In your train of thought APT would flip between mawk and gawk all
 the time given that they both provide awk and conflict+replaces
 each other. 7.6.2 just tells us that mawk can step in as gawk
 replacement and v.v., but not that it should do it on an upgrade
 unrequested…
 And even if it is requested by another package, you still don't
 want to flip your MTA from exim4 to postfix usually just because
 on package wants that…

If a package conflicts+replaces its own package name,  or with a 
virtual package it provides, this is a special situation described in 
7.4. But the case we have here, where one package conflicts+replaces 
the other, but NOT the other way round, is clearly different. 

 Something which is as obvious to a human as this package rename
 is just impossible currently to tell your beloved package manager.
 (Beside that an apache2.2 - apache2 upgrade isn't that obvious
  for a human either, but for different reasons)

The policy says otherwise (`Replaces' allows the packaging system to 
resolve which package should be removed when there is a conflict). If 
the policy is wrong, you should get it changed, but I think this is a 
bug (or missing feature) in apt.

Or do you see any reason not to treat a one-way conflicts+replaces as 
a package rename?

 But, I guess you want to hear a solution, right?
 
 You will dislike it, but I don't see a way around transitional
 packages apache2.2-bin -- apache2-bin
 apache2.2-common -- apache2-data
 and making all these unversioned Replaces+Conflicts into versioned
 Replaces+Breaks just as §7.6.1 suggests.
 (assuming they don't need to be Conflicts)

 Everything else is just depending on luck in the end.
 (aka: hoping that enough is installed to suggest the removal
  of apache2.2-bin in favor of apache2-bin)

apache2.2-common is the package that is depended upon for the apache 
2.2 module ABI. Making it a transitional package is not an option, 
IMHO. It would need to have versioned Breaks against around 100 module 
packages.

An apache2.2-bin transitional package is possible, though. But if I 
understand you correctly, having only one of the two transitional 
packages wouldn't give 100% certainty that the upgrade works? In that 
case we will need an entry in the release notes.

Cheers,
Stefan


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201203282329.35743...@sfritsch.de

Need help sorting out apt-get behavior during upgrade

[Stefan Fritsch]

Hi,

we are testing upgrades from apache2 2.2 to 2.4 with apt-get, but it 
doesn't work as expected. apt-get's output with scores enabled is 
attached.

Instead of upgrading the apache2 package, apt-get removes it. What is 
very strange is that apt-get installs the new apache2-data package but 
in the end does not install any package that depends on apache2-data. 
This looks like a bug to me.

But the main issue is why does apt-get remove apache2? apache2-bin 
conflictsreplaces apache2.2-bin. According to policy 7.6.2, this 
should allow apt to determine which package to keep and which to 
remove. But it chooses to keep apache2.2-bin and not install apache2-
bin. Does apt-get implement the logic from policy 7.6.2? If no, maybe 
you can get that section changed in the policy to reflect reality?

The two control files of the packages are here:

http://anonscm.debian.org/gitweb/?p=pkg-
apache/apache2.git;a=blob;f=debian/control;h=89eaff1447dba05bd54f01c366d5ed1c7085e364;hb=refs/tags/debian/2.2.22-2

http://anonscm.debian.org/gitweb/?p=pkg-
apache/apache2.git;a=blob;f=debian/control;h=e22722444a2c12046c8cca6b011e416c358ee050;hb=refs/tags/debian/2.4.1-2

BTW, it works fine with aptitude.

Cheers,
Stefan
k:/# apt-get dist-upgrade 
Reading package lists... Done
Building dependency tree   
Reading state information... Done
Calculating upgrade... Starting
Settings used to calculate pkgProblemResolver::Scores::
  Important = 3
  Required = 2
  Standard = 1
  Optional = -1
  Extra = -2
  Essentials = 100
  InstalledAndNotObsolete = 1
  Depends = 1
  Recommends = 1
  AddProtected = 1
  AddEssential = 5000
Show Scores
6116 dpkg [ i386 ]  1.16.2  ( admin )
5449 debianutils [ i386 ]  4.2.2  ( utils )
5327 libc-bin [ i386 ]  2.13-27  ( libs )
5232 tar [ i386 ]  1.26-4  ( utils )
5221 sysvinit-utils [ i386 ]  2.88dsf-22.1  ( admin )
5219 base-files [ i386 ]  6.7  ( admin )
5208 util-linux [ i386 ]  2.20.1-4  ( utils )
5208 dash [ i386 ]  0.5.7-3  ( shells )
5173 perl-base [ i386 ]  5.14.2-9  ( perl )
5116 coreutils [ i386 ]  8.13-3.1  ( utils )
5111 e2fsprogs [ i386 ]  1.42.1-2  ( admin )
5111 mount [ i386 ]  2.20.1-4  ( admin )
5110 bsdutils [ i386 ]  1:2.20.1-4  ( utils )
5107 bash [ i386 ]  4.2-1  ( shells )
5105 base-passwd [ i386 ]  3.5.24  ( admin )
5103 ncurses-base [ i386 ]  5.9-5  ( utils )
5103 diffutils [ i386 ]  1:3.2-2  ( utils )
5103 login [ i386 ]  1:4.1.5-1  ( admin )
5103 findutils [ i386 ]  4.4.2-4  ( utils )
5103 sed [ i386 ]  4.2.1-9  ( utils )
5103 grep [ i386 ]  2.10-1  ( utils )
5103 gzip [ i386 ]  1.4-5  ( utils )
5103 ncurses-bin [ i386 ]  5.9-5  ( utils )
5103 hostname [ i386 ]  3.11  ( admin )
5103 sysvinit [ i386 ]  2.88dsf-22.1  ( admin )
3479 libc6 [ i386 ]  2.13-27  ( libs )
813 libselinux1 [ i386 ]  2.1.9-2  ( libs )
586 multiarch-support [ i386 ]  2.13-27  ( libs )
427 zlib1g [ i386 ]  1:1.2.6.dfsg-2  ( libs )
398 libtinfo5 [ i386 ]  5.9-5  ( libs )
332 libgcc1 [ i386 ]  1:4.7.0-1  ( libs )
323 libblkid1 [ i386 ]  2.20.1-4  ( libs )
242 libuuid1 [ i386 ]  2.20.1-4  ( libs )
225 initscripts [ i386 ]  2.88dsf-22.1  ( admin )
223 libc6-i686 [ i386 ]  2.13-27  ( libs )
219 libsepol1 [ i386 ]  2.1.4-2  ( libs )
201 debconf [ i386 ]  1.5.42  ( admin )
189 libbz2-1.0 [ i386 ]  1.0.6-1  ( libs )
158 libcomerr2 [ i386 ]  1.42.1-2  ( libs )
150 lsb-base [ i386 ]  4.1+Debian0  ( misc )
139 xz-utils [ i386 ]  5.1.1alpha+20110809-3  ( utils )
133 libpam0g [ i386 ]  1.1.3-7  ( libs )
130 libncurses5 [ i386 ]  5.9-5  ( libs )
128 libattr1 [ i386 ]  1:2.4.46-5  ( libs )
121 libpam-modules [ i386 ]  1.1.3-7  ( admin )
121 sensible-utils [ i386 ]  0.0.6  ( utils )
120 libslang2 [ i386 ]  2.2.4-7  ( libs )
115 bsdmainutils [ i386 ]  9.0.1  ( utils )
115 sysv-rc [ i386 ]  2.88dsf-22.1  ( admin )
114 libacl1 [ i386 ]  2.2.51-5  ( libs )
112 libpam-runtime [ i386 ]  1.1.3-7  ( admin )
108 libmount1 [ i386 ]  2.20.1-4  ( libs )
108 e2fslibs [ i386 ]  1.42.1-2  ( libs )
108 tzdata [ i386 ]  2012b-1  ( libs )
108 libss2 [ i386 ]  1.42.1-2  ( libs )
107 bash-completion [ i386 ]  1:1.99-3  ( shells )
77 libstdc++6 [ i386 ]  4.7.0-1  ( libs )
53 gcc-4.7-base [ i386 ]  4.7.0-1  ( libs )
51 libdb5.1 [ i386 ]  5.1.29-1  ( libs )
51 libssl1.0.0 [ i386 ]  1.0.1-2  ( libs )
47 libkeyutils1 [ i386 ]  1.5.5-1  ( libs )
46 libkrb5support0 [ i386 ]  1.10+dfsg~beta1-2  ( libs )
45 libk5crypto3 [ i386 ]  1.10+dfsg~beta1-2  ( libs )
44 perl [ i386 ]  5.14.2-9  ( perl )
41 libxml2 [ i386 ]  2.7.8.dfsg-7  ( libs )
38 libgssapi-krb5-2 [ i386 ]  1.10+dfsg~beta1-2  ( libs )
37 libkrb5-3 [ i386 ]  1.10+dfsg~beta1-2  ( libs )
37 libcap2 [ i386 ]  1:2.22-1  ( libs )
35 libgcrypt11 [ i386 ]  1.5.0-3  ( libs )
33 libgdbm3 [ i386 ]  1.8.3-10  ( libs )
31 perl-modules [ i386 ]  5.14.2-9  ( perl )
29 libncursesw5 [ i386 ]  5.9-5  ( libs )
28 passwd [ i386 ]  1:4.1.5-1  ( admin )
27 netbase [ i386 ]  4.47  ( admin )
26 libgpm2 [ i386 ]  1.20.4-4  ( libs )
25 libgnutls26 [ i386 ]  2.12.18-1  ( libs )
25 libldap-2.4-2 [ i386 ]  

[OT] help filtering apache list mails

[Alberto Fuentes]

I think i received this mail via apache list. I am able to filter most 
of the mails via headers, but some of them like this one, i can't. Can 
somebody help me relate this kind of mail to apache list?


greets!
aL

Received: from liszt.debian.org (liszt.debian.org [82.195.75.100])
by thor.int.qindel.com (Postfix) with ESMTPS id 2EDC21A814
for alberto.fuen...@qindel.com; Wed, 21 Mar 2012 23:27:34 +0100 (CET)
Received: by liszt.debian.org (Postfix, from userid 38)
id 8D70A13A5909; Wed, 21 Mar 2012 22:28:07 + (UTC)
List-Id: 644690.bugs.debian.org
List-Help: mailto:644690-subh...@bugs.debian.org
List-Unsubscribe: mailto:644690-unsubscr...@bugs.debian.org
List-Subscribe: mailto:644690-subscr...@bugs.debian.org
List-Post: mailto:644...@bugs.debian.org
List-Owner: mailto:644690-ow...@bugs.debian.org
Precedence: bulk
X-Original-To: lists-bugs=644...@liszt.debian.org
Delivered-To: lists-bugs=644...@liszt.debian.org
Received: from localhost (localhost [127.0.0.1])
by liszt.debian.org (Postfix) with ESMTP id A605813A581E
	for lists-bugs=644...@liszt.debian.org; Wed, 21 Mar 2012 22:28:04 
+ (UTC)

X-Virus-Scanned: Debian amavisd-new at lists.debian.org
Received: from liszt.debian.org ([127.0.0.1])
by localhost (lists.debian.org [127.0.0.1]) (amavisd-new, port 2525)
with ESMTP id 4Xtty30eQKXw for lists-bugs=644...@liszt.debian.org;
Wed, 21 Mar 2012 22:27:59 + (UTC)
Received: from busoni.debian.org (busoni.debian.org [140.211.15.34])
(using TLSv1 with cipher AES256-SHA (256/256 bits))
(Client did not present a certificate)
by liszt.debian.org (Postfix) with ESMTPS id BE77B13A47AD;
Wed, 21 Mar 2012 22:27:58 + (UTC)
Received: from debbugs by busoni.debian.org with local (Exim 4.72)
(envelope-from debb...@busoni.debian.org)
id 1SAU00-0008Us-V6; Wed, 21 Mar 2012 22:27:20 +
MIME-Version: 1.0
X-Mailer: MIME-tools 5.428 (Entity 5.428)
X-Loop: ow...@bugs.debian.org
From: ow...@bugs.debian.org (Debian Bug Tracking System)
To: Arthur de Jong adej...@debian.org
Subject: Bug#644690: marked as done (rabbitvcs-nautilus: Please transition
 to nautilus 3 and GObject introspection)
Message-ID: handler.644690.d644690.133236856330933.ackd...@bugs.debian.org
References: e1satvf-00089k...@franck.debian.org E1RCTUR-0001Gm-3G@tomoyo
X-Debian-PR-Message: closed 644690
X-Debian-PR-Package: rabbitvcs-nautilus
X-Debian-PR-Keywords: sid wheezy fixed-upstream
X-Debian-PR-Source: rabbitvcs
Date: Wed, 21 Mar 2012 22:27:20 +
Content-Type: multipart/mixed; boundary=--=_1332368840-32661-0
Sender: Debian BTS debb...@busoni.debian.org
X-Copyrighted-Material:


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4f6ae4b6.5070...@qindel.com

[help] apache2-prefork-dev should Provides: apache2-dev

[Jean-Michel Vourgère]

Hello

I've been triaging a few apache2 bugs. I found one that requires maintainer 
input:
http://bugs.debian.org/428095

A few hints:
apache2-prefork-dev and apache2-threaded-dev provides the same files but for 2:
/usr/include/apache2/fdqueue.h and /usr/include/apache2/pod.h are only in 
apache2-threaded-dev.



Option 1: add the requested provides: into apache2-prefork-dev.

Option 2: flag as won't fix and remove provides: from apache2-threaded-dev.  
There is currently no reverse dependency on apache2-dev as far as I can tell.

Any other idea?


signature.asc
Description: This is a digitally signed message part.

OSS Research Help Needed Please - drawing for tablet computer ($500.00 gift card) for participation.

[Lila Holt]

Hello!

We are asking you for some help from the Open Source communities.

As researchers at the University of Tennessee we are interested in
discovering more about learning and interactions of members of the open
source forums.   This research is conducted through the University of
Tennessee and is in no way associated with any forum organization.  To
further our research we would like input from forum members.  The responses
are very important to us so we can better understand what tools help forum
members learn and have a productive experience in participation.

There are two ways you can help:

1.   Take a survey about the tools you use in the forum.

We are requesting approximately 15 minutes of your time to participate in
our survey.
Survey link:  http://survey.utk.edu/mrIWeb/mrIWeb.dll?I.Project=FORUMLEARN



*As a thank you, upon exiting the survey you will be given an opportunity to
submit information to be entered in a drawing for a tablet computer ($500.00
Gift Card).*



2.  Have a one on one interview talking about the forums, how you learn,
and tools used.  *As a thank you for your interview you will be sent a
$25.00 gift card. * Email lh...@utk.edu for more information.





You may do either or both of the above.  Please be assured that your answers
will be confidential.  No individual’s answers will ever be identified in
any report. Should you have any questions about the project or our interest
in using the results, we encourage you to contact Lila Holt, at
lh...@utk.edu) or Vandana Singh at vand...@utk.edu.




Contact information you provide for the drawing is completely separate from
your survey answers and there will be no way to identify participants in the
actual survey responses. Nor will contact information be used for any other
purpose. The odds of being selected will depend on the number of respondents
to this survey.

Bug#528425: marked as done (mention help in both versions of the Usage statement)

[Debian Bug Tracking System]

Your message dated Tue, 19 May 2009 21:32:31 +
with message-id e1m6wvh-ta...@ries.debian.org
and subject line Bug#528425: fixed in apache2 2.2.11-4
has caused the Debian Bug report #528425,
regarding mention help in both versions of the Usage statement
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
528425: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528425
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: apache2.2-common
Version: 2.2.11-3
Severity: minor
File: /usr/sbin/apache2ctl

Please make sure help is mentioned in both cases below, so that there
is no longer the two lines with just 0.

# for i in -- ''; do for c in wc 'grep -ic help'; do k=apache2ctl ${i}help 
21|$c;echo \# $k; eval $k; done; done
# apache2ctl --help 21|wc
  2   6 142
# apache2ctl --help 21|grep -ic help
0
# apache2ctl help 21|wc
 23 1701347
# apache2ctl help 21|grep -ic help
0


---End Message---
---BeginMessage---
Source: apache2
Source-Version: 2.2.11-4

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-dbg_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-dbg_2.2.11-4_i386.deb
apache2-doc_2.2.11-4_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.11-4_all.deb
apache2-mpm-event_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.11-4_i386.deb
apache2-mpm-prefork_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.11-4_i386.deb
apache2-mpm-worker_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.11-4_i386.deb
apache2-prefork-dev_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.11-4_i386.deb
apache2-src_2.2.11-4_all.deb
  to pool/main/a/apache2/apache2-src_2.2.11-4_all.deb
apache2-suexec-custom_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-suexec-custom_2.2.11-4_i386.deb
apache2-suexec_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-suexec_2.2.11-4_i386.deb
apache2-threaded-dev_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.11-4_i386.deb
apache2-utils_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.11-4_i386.deb
apache2.2-common_2.2.11-4_i386.deb
  to pool/main/a/apache2/apache2.2-common_2.2.11-4_i386.deb
apache2_2.2.11-4.diff.gz
  to pool/main/a/apache2/apache2_2.2.11-4.diff.gz
apache2_2.2.11-4.dsc
  to pool/main/a/apache2/apache2_2.2.11-4.dsc
apache2_2.2.11-4_all.deb
  to pool/main/a/apache2/apache2_2.2.11-4_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 528...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch s...@debian.org (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Tue, 19 May 2009 22:55:27 +0200
Source: apache2
Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork 
apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 
apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg
Architecture: source i386 all
Version: 2.2.11-4
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org
Changed-By: Stefan Fritsch s...@debian.org
Description: 
 apache2- Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-src - Apache source code
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-common - Apache HTTP Server common files
Closes: 397526 492130 521209 522845 523398 524268 524474 527225 528424 528425
Changes: 
 apache2 (2.2.11-4) unstable; urgency=low
 .
   [ Stefan Fritsch ]
   * Disable TRACE method by default (closes: #492130

Bug#528425: mention help in both versions of the Usage statement

[jidanni]

Package: apache2.2-common
Version: 2.2.11-3
Severity: minor
File: /usr/sbin/apache2ctl

Please make sure help is mentioned in both cases below, so that there
is no longer the two lines with just 0.

# for i in -- ''; do for c in wc 'grep -ic help'; do k=apache2ctl ${i}help 
21|$c;echo \# $k; eval $k; done; done
# apache2ctl --help 21|wc
  2   6 142
# apache2ctl --help 21|grep -ic help
0
# apache2ctl help 21|wc
 23 1701347
# apache2ctl help 21|grep -ic help
0



-- 
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#528425: mention help in both versions of the Usage statement

[Ryan Niebur]

tag 528425 moreinfo
thanks

On Wed, May 13, 2009 at 04:27:40AM +0800, jida...@jidanni.org wrote:
 Package: apache2.2-common
 Version: 2.2.11-3
 Severity: minor
 File: /usr/sbin/apache2ctl
 
 Please make sure help is mentioned in both cases below, so that there
 is no longer the two lines with just 0.
 

why? I really don't understand the usefulness of this.

-- 
_
Ryan Niebur
ryanrya...@gmail.com


signature.asc
Description: Digital signature

Processed: Re: Bug#528425: mention help in both versions of the Usage statement

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

 tag 528425 moreinfo
Bug#528425: mention help in both versions of the Usage statement
There were no tags set.
Tags added: moreinfo

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#528425: mention help in both versions of the Usage statement

[jidanni]

 I really don't understand the usefulness of this.
You have two different types of help output.
Depending on which one a users triggers, he will never know about the
other.
On the man page you document a help command, but the Usage messages,
both of them, make no mention of it. You must admit that is wrong.
Currently one will get more help by giving 'zz' instead of --help.



-- 
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Need a helping hand in these economic times? Our community can help.

[CommunityProgram]

 With the economy as bad as it is and no relief in sight, here is a way to 
increase your cash flow and improve your financial situation dramatically.  





 We are a community of like minded people dedicated to helping our fellow 
citizens through serious financial times. It's not that difficult.  

  

  

 We have been helping people worldwide for over eight years. Here's where you 
start: 

 



 For a limited time, I am offering SEVEN VIDEO lessons of my highly acclaimed 
Video Course Secret to a $100k Month Absolutely Free with Zero Obligation.
   

  

 Click here for instant access to your first video lesson.   

 http://newcompany4you.com/c/aVYAL7bt9HAlExB5dau5gg.html?0 





 My monthly gross was $107k with my Fully Automated, Zero Selling, No Phone 
Calling, No Convincing Program.  

  

  

 Now, you may not reach the $100k level for a while yet, but you can surely 
reach $7k to $10k without much effort fairly quickly.  





 Sign up to get my video series on exactly how this is done. There's no cost 
involved.

 Get your videos series here:   

 http://newcompany4you.com/c/aVYAL7bt9HAlExB5dau5gg.html?0 





 See Video Proof on how you CAN and WILL make a lot of money. Also, see our 
Income Guarantee.   

 



 This is not an M.L.M., There's No phone calling and you do not need to recruit 
family and friends and best of all, you can Experience Fast Results. 

  

  

 Look what these folks have done:   





 I received $34k cash to my front door in my first 3 weeks* Banker -Joe, CA.  
 



 I am a New York City school teacher. I wanted to be home everyday for my son 
when he got home from school. I generated $20k in my first 30 days.* -Mona in 
NJ   



 My best day was $17k and I don't work very hard.* -Retiree, Bob, AZ   



 I am a single mom and I still can't believe that I found this program. I 
generated $9000 in my first 12 days.* -Karen in OR   



 I've averaged more than $25k every month several years. Home Businessman 
-Jim in HI   

  

 I look forward to meeting you on our video series. 

 Change your email preferences by clicking here 
http://newcompany4you.com/u/aVYAL7bt9HAlExB5dau5gg.html or you can write to us 
at:SPUR Media Group, PO Box 99, Fortson, GA 31808


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Some extra seconds will help!

[Raphael Dougherty]

The way to become a superlover! http://printlength.com

Raphael Dougherty


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: An initial attempt to help with SSL-related bugs

[Steve Kemp]

  After spending a scary amount of time trying
 different things I've thus far been unable to build
 Apache from the SVN repository.

  I've tried checking out trunk/debian into a subdir
 of the unpacked source.  I've tried checking out the
 whole SVN repository and using a symlink for debian,
 but everything has failed.

  If somebody wouldn't mind explaining how it is
 supposed to be done it would be greatly appreciated.

  (I'm reasonably familiar with SVN; but when I've used
 it for packaging in the past the *whole* source was there
 upstream and all, so building was trivial..)

Steve
-- 
[feeling a little stupid]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: An initial attempt to help with SSL-related bugs

[Stefan Fritsch]

On Tuesday 29 April 2008, Steve Kemp wrote:
   I've tried checking out trunk/debian into a subdir
  of the unpacked source.  I've tried checking out the
  whole SVN repository and using a symlink for debian,
  but everything has failed.

Why do I have the suspicion that you looked at the apache 1.3 
packaging? Don't follow that path, it will lead to insanity...

The svn directory structure is a bit weird. Usually its 
package_name/{trunk,tags,branches} but we have
{trunk,tags,branches}/package_name for some (historical?) reason.

This works for me:

tar -xvzf apache2_2.2.8.orig.tar.gz
cd httpd-2.2.8/
svn co svn://svn.debian.org/pkg-apache/trunk/apache2 debian
dpkg-buildpackage -rfakeroot -us -uc

(plus -i or -I to omit the .svn dirs, I can't remember which)


Cheers,
Stefan


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: An initial attempt to help with SSL-related bugs

[Steve Kemp]

On Tue Apr 29, 2008 at 21:58:22 +0200, Stefan Fritsch wrote:

 This works for me:
 
 tar -xvzf apache2_2.2.8.orig.tar.gz
 cd httpd-2.2.8/
 svn co svn://svn.debian.org/pkg-apache/trunk/apache2 debian
 dpkg-buildpackage -rfakeroot -us -uc

  Thank you, that was very similar to something somebody
 told me on IRC, which got me all confused and wrong.

  I've got it building now with only warnings about 
 permission changes, which I guess are ignorable.

  I'll start being able to submit patches shortly.

Steve
--
#  Kink-Friendly Dating
http://ctrl-alt-date.com/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

An initial attempt to help with SSL-related bugs

[Steve Kemp]

  As promised on IRC earlier today I'm interested in tidying up
 some of the SSL-related bugs currently reported against the
 Apache2 package(s) in Debian.

  Here's a brief list of bugs, and my suggestion for handling
 each.


#267477  ssl: some easy way to set up an ssl server
 (as apache-ssl package in apache 1)

   - Suggestion:
 1. Update the sites-available/default to include SSL options.
 2. Update a2enmod so that if a2enmod ssl is executed then
a new certificate is generated via openssl | ssl-cert if 
the referenced one isn't already present.


#290458  mod_ssl preventing apache2 from starting (segfault)

   - Suggestion:  Close.  Very old.  Not confirmed.


#350733 apache2: SSI generate seg fault on apache 2.0.55-4

   - Suggestion: Close.  Very old.  Not confirmed.


#301155 ssl.conf won't run

   - [Refers to an example file we no longer ship.  Close bug if
  we can handle #267477]


#395936: Apache2 SSL service stopped working since upgrade to 2.2.3-2

   - Close.  Warning was added per bug log.


#398520 missing /usr/sbin/apache2-ssl-certificate

   - Reinstate script, as a wrapper around openssl, or the new
 ssl-cert package.
 Question:  Why was this removed?  Can we not re-add it?


#421802 apache2: ssl.conf dropped IE workarounds

   - Reinstate options in the default file we ship as per
  #2567477 - then close this bug.


#260063 apache2: suggestion to add new file - conf.d/security.conf

   - I would add this file with the suggested comments.  I'd also suggest
 adding comments here about things such as:
   1. ServerTokens Minimal
   2. ServerSignature Off

 (If this were done  #341022 could be closed.)


  I think those are the ones that jumped out at me on an initial
 pass over the bugs of package 'apache2', I'm sure there are probably
 more relevant ones in the other Apache packages; so I'll look at
 those shortly, if this mail results in a positive response.

  I guess my questions now are:

1.  Are these suggested solutions reasonable?

2.  If so should I submit patches to the list / the relevant
   bugs / do something else?

Steve
-- 
Managed Anti-Spam Service
http://mail-scanning.com/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: An initial attempt to help with SSL-related bugs

[Stefan Fritsch]

Hi Steve,

On Tuesday 15 April 2008, Steve Kemp wrote:
 #267477  ssl: some easy way to set up an ssl server
  (as apache-ssl package in apache 1)

- Suggestion:
  1. Update the sites-available/default to include SSL options.

Yes, but how? Put all common options into an include file and include 
it in each of the two virtual hosts (like Message #132 in the bug)? 
Maybe using two files sites-available/default and 
sites-available/default-ssl would be better even.

And what virtualhost setup to use? The most correct one would be 
NameVirtualHost *:80
VirtualHost *:80
...
VirtualHost _default_:443
...

because the ssl virtual host is IP/port based, not name based. OTOH 
this could create headaches on upgrade.

BTW, the NameVirtualHost statement should go into ports.conf (there is 
another bug about this, too).

  2. Update a2enmod so that if a2enmod ssl is executed then
 a new certificate is generated via openssl | ssl-cert if
 the referenced one isn't already present.

I would prefer a separate script. But a2enmod ssl could print a 
pointer to that script.


 #290458  mod_ssl preventing apache2 from starting (segfault)

- Suggestion:  Close.  Very old.  Not confirmed.


agreed


 #350733 apache2: SSI generate seg fault on apache 2.0.55-4

- Suggestion: Close.  Very old.  Not confirmed.


agreed


 #301155 ssl.conf won't run

- [Refers to an example file we no longer ship.  Close bug if
   we can handle #267477]


 #395936: Apache2 SSL service stopped working since upgrade to
 2.2.3-2

- Close.  Warning was added per bug log.


these two are the same and are an issue only when upgrading from 2.0. 
Can be closed for sid/lenny.



 #398520 missing /usr/sbin/apache2-ssl-certificate

- Reinstate script, as a wrapper around openssl, or the new
  ssl-cert package.
  Question:  Why was this removed?  Can we not re-add it?


Don't know, I wasn't around then. One should look at it if it does 
something differently than ssl-cert.


 #421802 apache2: ssl.conf dropped IE workarounds

- Reinstate options in the default file we ship as per
   #2567477 - then close this bug.


right


 #260063 apache2: suggestion to add new file - conf.d/security.conf

- I would add this file with the suggested comments.  I'd also
 suggest adding comments here about things such as:
1. ServerTokens Minimal
2. ServerSignature Off

I am undecided about this. If yes, traceenable would be another 
candidate. 

  (If this were done  #341022 could be closed.)

Denying / by default would definitely need a NEWS entry, because it 
would break quite a few setups.


   I think those are the ones that jumped out at me on an initial
  pass over the bugs of package 'apache2', I'm sure there are
 probably more relevant ones in the other Apache packages; so I'll
 look at those shortly, if this mail results in a positive response.

   I guess my questions now are:

 1.  Are these suggested solutions reasonable?


Sure.

 2.  If so should I submit patches to the list / the relevant
bugs / do something else?

I think mailing patches to the bugs would be best for a start.

Thanks for your help.

Cheers,
Stefan


signature.asc
Description: This is a digitally signed message part.

Re: An initial attempt to help with SSL-related bugs

[Steve Kemp]

On Tue Apr 15, 2008 at 22:37:30 +0200, Stefan Fritsch wrote:

 If you think it inadequate, you can just mail the whole thing to the 
 list, too. I guess we will give you svn access soon, anyway.

  The whole series of changes against SVN?  That to me would
 seem like a good way forward.  But I'd be happy with the bug
 report  - I guess I just have to file the responses in the
 correct order and reference other bugs appropriately.

 Note that a2enmod is completely rewritten in svn trunk. So please use 
 that as base.

  OK.  I guess using SVN trunk is going to be the best way forward
 altogether really.

Steve
-- 
# The Debian Security Audit Project.
http://www.debian.org/security/audit


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#92052: Need your help!

[Cliff Burgess]

Hello there! My name is Svetlana.
I'm aged 25 years old from Russia.
Please vote for me at site:
http://bestrussiabride.info/?idAff=34
Thank You a lot!!!
Svetlana



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

l need your help

[frank asabere]

Could you help how to install apache from cd on debian ?
Please help me out.
Thank you

Bug#390348: marked as done (apache2-common: help message in init script)

[Debian Bug Tracking System]

Your message dated Sun, 10 Jun 2007 17:47:04 +
with message-id [EMAIL PROTECTED]
and subject line Bug#390348: fixed in apache2 2.2.3-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

---BeginMessage---
Package: apache2-common
Version: 2.2.3-1~exp.r170
Severity: minor
Tags: experimental patch

Hello,

IMHO the init script output doesn't reflect Policy §9.4 [1], at least
on a terminal:
=
[EMAIL PROTECTED]:~$ sudo invoke-rc.d apache2 start
Starting web server (apache2)
[EMAIL PROTECTED]:~$
=

The attached patch uses log_daemon_msg instead of log_begin_msg.

Thx, bye,
Gismo / Luca

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages apache2-common depends on:
ii  apache2-utils   2.2.3-1~exp.r170 utility programs for webservers
ii  libmagic1   4.17-4   File type determination library us
ii  lsb-base3.1-17   Linux Standard Base 3.1 init scrip
ii  mime-support3.37-1   MIME files 'mime.types'  'mailcap
ii  net-tools   1.60-17  The NET-3 networking toolkit

apache2-common recommends no packages.

-- no debconf information

Footnotes: 
[1] http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.4



apache2_log-daemon-msg_gismo-20060930.patch.gz
Description: use log_daemon_msg in the init script


pgpwKs7qQvIbf.pgp
Description: PGP signature
---End Message---
---BeginMessage---
Source: apache2
Source-Version: 2.2.3-5

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-doc_2.2.3-5_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.3-5_all.deb
apache2-mpm-event_2.2.3-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.3-5_i386.deb
apache2-mpm-perchild_2.2.3-5_all.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.2.3-5_all.deb
apache2-mpm-prefork_2.2.3-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.3-5_i386.deb
apache2-mpm-worker_2.2.3-5_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.3-5_i386.deb
apache2-prefork-dev_2.2.3-5_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.3-5_i386.deb
apache2-src_2.2.3-5_all.deb
  to pool/main/a/apache2/apache2-src_2.2.3-5_all.deb
apache2-threaded-dev_2.2.3-5_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.3-5_i386.deb
apache2-utils_2.2.3-5_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.3-5_i386.deb
apache2.2-common_2.2.3-5_i386.deb
  to pool/main/a/apache2/apache2.2-common_2.2.3-5_i386.deb
apache2_2.2.3-5.diff.gz
  to pool/main/a/apache2/apache2_2.2.3-5.diff.gz
apache2_2.2.3-5.dsc
  to pool/main/a/apache2/apache2_2.2.3-5.dsc
apache2_2.2.3-5_all.deb
  to pool/main/a/apache2/apache2_2.2.3-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch [EMAIL PROTECTED] (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Sun, 10 Jun 2007 18:54:29 +0200
Source: apache2
Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork 
apache2-doc apache2-mpm-event apache2.2-common apache2-mpm-worker apache2-src 
apache2-threaded-dev apache2-mpm-perchild
Architecture: source all i386
Version: 2.2.3-5
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org
Changed-By: Stefan Fritsch [EMAIL PROTECTED]
Description: 
 apache2- Next generation, scalable, extendable web server
 apache2-doc - documentation for apache2
 apache2-mpm-event - Event driven model for Apache HTTPD
 apache2-mpm-perchild - Transitional package - please remove
 apache2-mpm-prefork - Traditional model for Apache HTTPD
 apache2-mpm-worker - High speed threaded model for Apache HTTPD
 apache2-prefork-dev - development headers for apache2
 apache2-src - Apache source code
 

Bug#390348: apache2-common: help message in init script

[Luca Capello]

tags 390348 - experimental
found 390348 2.2.3-3
thanks

Hello!

On Sat, 30 Sep 2006 18:41:06 +0200, Luca Capello wrote:
 Version: 2.2.3-1~exp.r170
 Severity: minor
 Tags: experimental patch
[...]
 IMHO the init script output doesn't reflect Policy §9.4 [1], at
 least on a terminal:

This bug is still present and now apache2.2-common is in unstable,
thus I'm updating the bug report.

Thx, bye,
Gismo / Luca


pgp1zDZweNC2I.pgp
Description: PGP signature

Bug#395853: Help, I purged a package and now my configuration is gone.

[Adam Conrad]

Peter Samuelson wrote:
 
 It seems reasonable to purge apache2-common _after_ apache 2.2 is
 installed.  That will work.  But you apparently purged it _before_
 upgrading to apache 2.2.  That is not reasonable, and will not work.

Unfortunately, apt-get --purge dist-upgrade will do just this, and
this is muscle memory for a lot of us (me included).  I'm not positive
what, if anything, we can do about this, but this is not going to be an
isolated bug report, it's likely to be very common.

... Adam


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#390348: apache2-common: help message in init script

[Luca Capello]

Package: apache2-common
Version: 2.2.3-1~exp.r170
Severity: minor
Tags: experimental patch

Hello,

IMHO the init script output doesn't reflect Policy §9.4 [1], at least
on a terminal:
=
[EMAIL PROTECTED]:~$ sudo invoke-rc.d apache2 start
Starting web server (apache2)
[EMAIL PROTECTED]:~$
=

The attached patch uses log_daemon_msg instead of log_begin_msg.

Thx, bye,
Gismo / Luca

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages apache2-common depends on:
ii  apache2-utils   2.2.3-1~exp.r170 utility programs for webservers
ii  libmagic1   4.17-4   File type determination library us
ii  lsb-base3.1-17   Linux Standard Base 3.1 init scrip
ii  mime-support3.37-1   MIME files 'mime.types'  'mailcap
ii  net-tools   1.60-17  The NET-3 networking toolkit

apache2-common recommends no packages.

-- no debconf information

Footnotes: 
[1] http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.4



apache2_log-daemon-msg_gismo-20060930.patch.gz
Description: use log_daemon_msg in the init script


pgpbkoKuljuUX.pgp
Description: PGP signature

Bug#358543: postinstall of apache and apache-ssl 1.3.34-3 also fail - db_* workaround may help

[Michael Pitra]

The same bug is in versions 1.3.34-3 of apache and apache-ssl.

The workaround (quoting the db_set lines) worked for apache-ssl, but the 
postinstall script of apache needed another quoting of other db_* lines.


For me, an strace -f of the dpkg -i command revealed the error (when 
looking for the exit error code).




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Help

[GLGift.com]

I am getting the error below and I am not sure how to proceed. Can you please offer some assistance?

(Reading database ... 158346 files and directories currently installed.)
Removing libapache-mod-auth-kerb ...
Error: 510mod_dynvhost.info does not have a valid LoadModule entry.
The above errors might cause apache to not work properly or start
Please refer to the documentation on how to fix it or report it to
Debian Apache Mailing List debian-apache@lists.debian.org if in doubt
on how to proceed
dpkg: error processing libapache-mod-auth-kerb (--purge):
subprocess pre-removal script returned error exit status 20
Error: 510mod_dynvhost.info does not have a valid LoadModule entry.
The above errors might cause apache to not work properly or start
Please refer to the documentation on how to fix it or report it to
Debian Apache Mailing List debian-apache@lists.debian.org if in doubt
on how to proceed
dpkg: error while cleaning up:
subprocess post-installation script returned error exit status 20

Failed to apply all changes! Scroll in the terminal buffer to see what went wrong.

Re: help

[Fabio Massimo Di Nitto]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Priya Ranjan wrote:
| Hi I am not a member of this list but I need some help. I was trying to
| install libapache-mod-perl and uninstall also but it was giving me grief
| as shown below.
| Any solutions?
| thanks,
| -priya
|
|
| (Reading database ... 97252 files and directories currently installed.)
| Removing libapache-mod-perl ...
| Error: libphp4.so does not have a corresponding .info file.
| The above errors might cause apache to not work properly or start
| Please refer to the documentation on how to fix it or report it to
| Debian Apache Mailing List debian-apache@lists.debian.org if in doubt
| on how to proceed
For some reasons your php4 installation is broken or not complete.
This causes an error in the sanity checks we perform in order to handle
the apache configuration properly.
Fabio
- --
user fajita: step one
fajita Whatever the problem, step one is always to look in the error log.
user fajita: step two
fajita When in danger or in doubt, step two is to scream and shout.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBa3sihCzbekR3nhgRAoG/AJkBoXJ8R1spimvZqSwRq0b68KEP/gCggx66
kHl8VtwVmdqe+3NS6K9WHXo=
=jtzq
-END PGP SIGNATURE-

help

[Priya Ranjan]

Hi I am not a member of this list but I need some help. I was trying to 
install libapache-mod-perl and uninstall also but it was giving me grief 
as shown below.
Any solutions?
thanks,
-priya

(Reading database ... 97252 files and directories currently installed.)
Removing libapache-mod-perl ...
Error: libphp4.so does not have a corresponding .info file.
The above errors might cause apache to not work properly or start
Please refer to the documentation on how to fix it or report it to
Debian Apache Mailing List debian-apache@lists.debian.org if in doubt
on how to proceed
dpkg: error processing libapache-mod-perl (--purge):
subprocess pre-removal script returned error exit status 20
Error: libphp4.so does not have a corresponding .info file.
The above errors might cause apache to not work properly or start
Please refer to the documentation on how to fix it or report it to
Debian Apache Mailing List debian-apache@lists.debian.org if in doubt
on how to proceed
dpkg: error while cleaning up:
subprocess post-installation script returned error exit status 20
Errors were encountered while processing:
libapache-mod-perl
E: Sub-process /usr/bin/dpkg returned an error code (1)
Ack!  Something bad happened while installing packages.  Trying to recover:
Press return to continue.

Re: Need some help to package apache-lingerd

[Alexis Sukrieh]

I've worked a lot on apache-lingerd the past two days ;
here is the result of my work :

get this tarball :
http://www.sukria.net/tarballs/apache-1.3.31-with-lingerd.tar.gz

and run a dpkg-buildpackage inside ...

Everything should compile nicely.

You'll have every apache-* package (-ssl, --perl, ...) and a new one :
apache-lingerd.

Despite of the fact that each package compiles nicely, it remains a
problem with the lingerd one :

- no httpd.conf is installed (I cannot find how the Apache Team handle
that file, it seems to be a nice trick to do with 
apache-lingerd.httpd.conf but I don't see exactly what).

- there may be some problems with postinst and preinst scripts too...

If someone, who knows how the Debian Apache Team works, can take an eye on my 
tarball, I would be gracefull.

Thanks.

PS : note that lingerd and apache-lingerd binaries are working very nice
on my box, the last issue is to fix all the debian (pre|post)stuff and
make sure evry conffile is installed correctly.

-- 
* Alexis Sukrieh ([EMAIL PROTECTED]) disait :
Alexis Sukrieh [EMAIL PROTECTED]
 * Another Linux Debian Geek Enthusiast
 * http://www.sukria.net
   

Need some help to package apache-lingerd

[Alexis Sukrieh]

Hello there.

I'm pretty interested in trying to package apache-lingerd, which has
been requested for more than 500 days now :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=187460 

Could someone point me to some piece of docs on how the Debian Apache
Maintainers team bild their package ?

The fact is that lignerd needs the following steps to be packaged :

First step : building lingerd :

- tuning of config.h file
- user creation : 'lingerd'
- directory creation for hosting pidfile and unix domain socket
  (/var/run/lingerd).
- compilation of lingerd binary and installation of it.

Second step : patching Apache.

- add some files to the apache src source tree 
- patch some apache native files
- compile apache

Third step :

- update the init.d startup script for apache : lingerd must be launched
  before apache to work properly.

I'm sure that the team has a lot of guidelines to build such a package
but I cannont find any docs about this.

Help will be welcome :)


-- 
Alexis Sukrieh [EMAIL PROTECTED]
 * Another Linux Debian Geek Enthusiast
 * http://www.sukria.net
   

Re: Need some help to package apache-lingerd

[Fabio Massimo Di Nitto]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alexis Sukrieh wrote:
| Hello there.
|
| I'm pretty interested in trying to package apache-lingerd, which has
| been requested for more than 500 days now :
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=187460
|
| Could someone point me to some piece of docs on how the Debian Apache
| Maintainers team bild their package ?
eheh the truth is that our documentation is our debian/rules file.
|
| The fact is that lignerd needs the following steps to be packaged :
|
| First step : building lingerd :
|
| - tuning of config.h file
| - user creation : 'lingerd'
| - directory creation for hosting pidfile and unix domain socket
|   (/var/run/lingerd).
| - compilation of lingerd binary and installation of it.
This can be done easily afaict.
|
| Second step : patching Apache.
|
| - add some files to the apache src source tree
| - patch some apache native files
| - compile apache
Amen.. this is a pain. I really suggest you to look at how we build
apache. Take as example the fact that from the same source we create
binaries for apache, apache-perl and apache-ssl, but if you really
really need to create a patched apache i sugget to prepare everything
carefully and coordinate with us. It is easier to build a new apache
flavour from the same sources than having to upload a new one.
The security team would have serious problems to handle (again) more
than one apache source.
|
| Third step :
|
| - update the init.d startup script for apache : lingerd must be launched
|   before apache to work properly.
if you start from the apache package check debian/pkgtemplates and the
script that creates the final scripts.
|
| I'm sure that the team has a lot of guidelines to build such a package
| but I cannont find any docs about this.
as above.. read the source luke ;)
|
| Help will be welcome :)
|
|
Fabio
- --
user fajita: step one
fajita Whatever the problem, step one is always to look in the error log.
user fajita: step two
fajita When in danger or in doubt, step two is to scream and shout.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBYYiRhCzbekR3nhgRAn9kAKCV8jPp0iU20wmuEvipphiOQeZIjQCdGDOT
qJXBQPpDRJnmyzN8+9REP/A=
=ktLr
-END PGP SIGNATURE-

Re: Need some help to package apache-lingerd

[Alexis Sukrieh]

* Fabio Massimo Di Nitto ([EMAIL PROTECTED]) disait :
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Alexis Sukrieh wrote:
 | Hello there.
 |
 | I'm pretty interested in trying to package apache-lingerd, which has
 | been requested for more than 500 days now :
 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=187460
 |
 | Could someone point me to some piece of docs on how the Debian Apache
 | Maintainers team bild their package ?
 
 eheh the truth is that our documentation is our debian/rules file.

lol :)
Ok. So I'll enable my debian-patched brain to extract doc from the
debian/ stuff ;)

 | The fact is that lignerd needs the following steps to be packaged :
 |
 | First step : building lingerd :
 |
 | - tuning of config.h file
 | - user creation : 'lingerd'
 | - directory creation for hosting pidfile and unix domain socket
 |   (/var/run/lingerd).
 | - compilation of lingerd binary and installation of it.
 
 This can be done easily afaict.

Yep, that is definitely not the most difficult part, I agree.

 | Second step : patching Apache.
 |
 | - add some files to the apache src source tree
 | - patch some apache native files
 | - compile apache
 
 Amen.. this is a pain. I really suggest you to look at how we build
 apache. Take as example the fact that from the same source we create
 binaries for apache, apache-perl and apache-ssl, 

Yes, I think so, the best way is to start from the main debian-apache source.
I will first look deeply inside in order to see what to do for a
'apche-lingerd'.

 |
 | Third step :
 |
 | - update the init.d startup script for apache : lingerd must be launched
 |   before apache to work properly.
 
 if you start from the apache package check debian/pkgtemplates and the
 script that creates the final scripts.

Ok, I'll take a look at that script.

 | I'm sure that the team has a lot of guidelines to build such a package
 | but I cannont find any docs about this.
 
 as above.. read the source luke ;)

Hehe, I'll do it, and maybe the force bla bla ... :)

-- 
Alexis Sukrieh [EMAIL PROTECTED]
 * Another Linux Debian Geek Enthusiast
 * http://www.sukria.net
   

Re: pls help

[Thom May]

* Christian Eichert ([EMAIL PROTECTED]) wrote :
 I updated mailman 2.1.4-5 from the apt
 I updated apache2 2.0.50-5
 
 Everything looks OK except for one thing:  when a URL like,
 
 http://myhost/mailman/listinfo
 
 is requested, 'Apache2' locates the file (return code = 200) but wants
 to *download* the 'listinfo' file instead of executing it!  My hunch
 is that it is a CGI-BIN issue.
 
 Here's what I've added to the standard 'Apache2' config:
 
   ScriptAlias/mailman/  /var/lib/mailman/cgi-bin/
   Alias  /pipermail//var/lib/mailman/archives/public/
 
   Directory /var/lib/mailman/archives/public/
   Options FollowSymLinks
   /Directory
 
 I've also changed /etc/mailman/mm_cfg.py as suggested in the
 README.Debian file.
 
 pls help
 
 
 
have you enabled the cgi or cgid (for prefork or worker, respectively) module 
for apache2?
-Thom

Let us help you 23387

[Your Only Online Store]

Email loading...

Image not loading? View  message 
here.Discon Y1dyU.DXM.c.dt.px/w20AW1wmbOh0R7nAF/gmkm.03TIKB0
ooaoat sfxdv, qefcx, cgpqb . slniw ykp mire, pikbyp, coj . vauyz
jow cxstke, bjtsrd, ruetj . agqw rlpfj jgpdqv, ugzoz, mqzr . kgmsw
wnv uflel, jexpa, rqd . dwxui cwc gbocpl, arwc, abrcf . tjgyh
upqwl zrxov, beqsb, udw . gbwbme tkvkct ztpwjk, krde, yyvul . xhem
fhycs wpcp, aatnk, tqc . oznb mlha pizr, cntge, hevwq . pili
kxanm vmmk, lda, tuuxw . etcwcr ncdxzd nqgacs, qvx, otcor . umkqo
xbfb hgj, zrudl, thszxn . ngm swag xjfy, mhtggk, jwyffs . efk
lwb sdns, wzbf, iytq . yajw oonu yoiw, npv, jyy . aevkc
bnp ynkoex, zvzkst, jrcu . aere ejrfyi xwu, arwb, wlhr . sipoar
rwvxh cfx, eti, vao . pmk ezs ogmfa, dvd, jis . wydfq
hfxyr yvis, yyy, aglvkx . urrsq zgt nsg, dgel, olyps . vdvhd
buvwm vvkeie, pht, urk . szaq doeg idpep, zkr, vvqmfl . zct
wuhp mdyt, iwmm, snyl . vjlhow nal xff, zsrzn, hlcvy . iyidt
obfk ulet, lyw, qnl . duof pbcnlf cukj, fer, xbuxzh . outrr
yizck nqxqm, zsof, xepuc . dqdzlx vvbwx lndi, rsgk, myg . nau
fmiey xvcy, ald, plug . csmq sjg diz, sfs, cnaahc . mtb
njfre iwlr, hwn, qfmif . yfrfj scgsrr ivtque, ymil, ytihy . ffqm
vgsba uatstm, zvknd, ketsl . tsyl qgnij vepowk, kmawz, wjjpeu . zoi
vytk fzd, ruhd, tpwpp . mandg mgy ttt, fbtfh, ybp . xirw
iyo lrrvd, waur, ixwe . fkc adeku kca, nnsel, fhvzaq . xpnbwa
dcjjmd zilx, apbnng, khxdq . uey