Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On Tue, Nov 22, 2005 at 05:49:31PM +0100, Joel CARNAT wrote: ... [warn] NameVirtualHost *:80 has no VirtualHosts [notice] Digest: generating secret for digest authentication ... Pass --with-devrandom=/dev/urandom to configure when you build the server (or when you build APR, if you do that separately). joe - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On Tue, Nov 22 2005 - 14:31, Joshua Slive wrote:
On 11/22/05, Joel CARNAT [EMAIL PROTECTED] wrote:
Hi,
I had an Apache 2.0.54 running on gentoo/i386.
I did an minor update (-r9 to -r31 which I suspect to be gentoo
internals).
Since then, Apache won't start anymore...
I tried updating a few things (like mod_php, ...), cleanly remove
packages and remaning directories and reinstalling the package but
Apache still don't start (anymore).
The error_log says (using -X -e debug) :
[notice] Digest: generating secret for digest authentication ...
here I should get Digest: done but I never.
anyone thinks of somewhere I must look...
I already did a lot of checkings but I must be forgetting something =)
mod_auth_digest is asking your system for some random bytes to use for
digest auth. Your system is not providing them.
If you don't need digest auth, the simple solution is to simply remove
mod_auth_digest. Otherwise, you'll need to figure out what source of
well... accoring to strace, it stops when trying to read from
/dev/random.
open(/usr/lib/apache2/logs/access_log, O_WRONLY|O_APPEND|O_CREAT|O_LARGEFILE,
0666) = 8
open(/var/log/http.fifo, O_WRONLY|O_APPEND|O_CREAT|O_LARGEFILE, 0666) = 9
gettimeofday({1132737091, 140646}, NULL) = 0
write(7, [Wed Nov 23 10:11:31 2005] [noti..., 92) = 92
open(/dev/random, O_RDONLY) = 10
read(10,
looks like my /dev/random don't give me anything, as dd if=/dev/random
of=random.txt count=5 freezes too.
gotta sort this out.
thanks.
random numbers apr is using, and why it is failing. This should be
automatic in the compile, so it is likely that gentoo messed something
up. But I'm not an expert in this stuff.
Joshua.
--
,- This mail runs --.
`- NetBSD/smtp -'
pgpqMKHh2r5mH.pgp
Description: PGP signature
Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On 11/22/05, Joshua Slive [EMAIL PROTECTED] wrote: mod_auth_digest is asking your system for some random bytes to use for digest auth. Your system is not providing them. Why is server startup blocked by that? Can't server startup continue and all auth requests fail until there are random bytes?
Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On 11/23/05, Olaf van der Spek [EMAIL PROTECTED] wrote: On 11/22/05, Joshua Slive [EMAIL PROTECTED] wrote: mod_auth_digest is asking your system for some random bytes to use for digest auth. Your system is not providing them. Why is server startup blocked by that? Can't server startup continue and all auth requests fail until there are random bytes? I'd guess it would be much harder to impliment (would require dispatching a thread/process to wait on the random number generator) and wouldn't be what all admins would want anyway. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On 11/23/05, Joshua Slive [EMAIL PROTECTED] wrote: Why is server startup blocked by that? Can't server startup continue and all auth requests fail until there are random bytes? I'd guess it would be much harder to impliment (would require dispatching a thread/process to wait on the random number generator) and wouldn't be what all admins would want anyway. Why would an admin prefer the entire server to block?
Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On 11/23/05, Olaf van der Spek [EMAIL PROTECTED] wrote: On 11/23/05, Joshua Slive [EMAIL PROTECTED] wrote: Why is server startup blocked by that? Can't server startup continue and all auth requests fail until there are random bytes? I'd guess it would be much harder to impliment (would require dispatching a thread/process to wait on the random number generator) and wouldn't be what all admins would want anyway. Why would an admin prefer the entire server to block? If your site depends on digest auth, then you want to be confident that if apache says it started successfully, your site is going to work. Otherwise, you'd have to do detailed testing every time you restarted your server. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On 11/23/05, Joshua Slive [EMAIL PROTECTED] wrote: On 11/23/05, Olaf van der Spek [EMAIL PROTECTED] wrote: On 11/23/05, Joshua Slive [EMAIL PROTECTED] wrote: Why is server startup blocked by that? Can't server startup continue and all auth requests fail until there are random bytes? I'd guess it would be much harder to impliment (would require dispatching a thread/process to wait on the random number generator) and wouldn't be what all admins would want anyway. Why would an admin prefer the entire server to block? If your site depends on digest auth, then you want to be confident that if apache says it started successfully, your site is going to work. Otherwise, you'd have to do detailed testing every time you restarted your server. I don't think Apache saying ok guarantees your site is going to work. Doesn't digest also require random bytes after startup to periodically regenerate secrets?
Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On 11/23/05, Olaf van der Spek [EMAIL PROTECTED] wrote: On 11/23/05, Joshua Slive [EMAIL PROTECTED] wrote: On 11/23/05, Olaf van der Spek [EMAIL PROTECTED] wrote: On 11/23/05, Joshua Slive [EMAIL PROTECTED] wrote: Why is server startup blocked by that? Can't server startup continue and all auth requests fail until there are random bytes? I'd guess it would be much harder to impliment (would require dispatching a thread/process to wait on the random number generator) and wouldn't be what all admins would want anyway. Why would an admin prefer the entire server to block? If your site depends on digest auth, then you want to be confident that if apache says it started successfully, your site is going to work. Otherwise, you'd have to do detailed testing every time you restarted your server. I don't think Apache saying ok guarantees your site is going to work. Doesn't digest also require random bytes after startup to periodically regenerate secrets? There are no guarantees in life. There is no perfect solution to the question of which errors should inhibit startup and which shouldn't. I'm just saying that it is not something that would be universally welcomed. And no, I don't believe mod_auth_digest requires random bytes after startup. It just needs them to seed the random number generator. But as I said, I'm not an expert in this. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Apache stops/freezes before Digest: done
Hi, I had an Apache 2.0.54 running on gentoo/i386. I did an minor update (-r9 to -r31 which I suspect to be gentoo internals). Since then, Apache won't start anymore... I tried updating a few things (like mod_php, ...), cleanly remove packages and remaning directories and reinstalling the package but Apache still don't start (anymore). The error_log says (using -X -e debug) : [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2) [warn] RSA server certificate CommonName (CN) `vc-sup.altran.net' does NOT match server name!? [debug] mod_so.c(248): loaded module access_module [debug] mod_so.c(248): loaded module auth_module [debug] mod_so.c(248): loaded module auth_anon_module [debug] mod_so.c(248): loaded module auth_dbm_module [debug] mod_so.c(248): loaded module auth_digest_module [debug] mod_so.c(248): loaded module charset_lite_module [debug] mod_so.c(248): loaded module env_module [debug] mod_so.c(248): loaded module expires_module [debug] mod_so.c(248): loaded module headers_module [debug] mod_so.c(248): loaded module mime_module [debug] mod_so.c(248): loaded module negotiation_module [debug] mod_so.c(248): loaded module setenvif_module [debug] mod_so.c(248): loaded module log_config_module [debug] mod_so.c(248): loaded module logio_module [debug] mod_so.c(248): loaded module cgi_module [debug] mod_so.c(248): loaded module cgid_module [debug] mod_so.c(248): loaded module suexec_module [debug] mod_so.c(248): loaded module alias_module [debug] mod_so.c(248): loaded module rewrite_module [debug] mod_so.c(248): loaded module actions_module [debug] mod_so.c(248): loaded module autoindex_module [debug] mod_so.c(248): loaded module dir_module [debug] mod_so.c(248): loaded module ext_filter_module [debug] mod_so.c(248): loaded module deflate_module [debug] mod_so.c(248): loaded module include_module [debug] mod_so.c(248): loaded module ssl_module [debug] mod_so.c(248): loaded module ldap_module [debug] mod_so.c(248): loaded module auth_ldap_module [debug] mod_so.c(248): loaded module php4_module [warn] NameVirtualHost *:80 has no VirtualHosts [notice] Digest: generating secret for digest authentication ... here I should get Digest: done but I never. anyone thinks of somewhere I must look... I already did a lot of checkings but I must be forgetting something =) TIA, Jo -- ,- This mail runs --. `- NetBSD/smtp -' pgp4V8fCOrkJh.pgp Description: PGP signature
Re: [EMAIL PROTECTED] Apache stops/freezes before Digest: done
On 11/22/05, Joel CARNAT [EMAIL PROTECTED] wrote: Hi, I had an Apache 2.0.54 running on gentoo/i386. I did an minor update (-r9 to -r31 which I suspect to be gentoo internals). Since then, Apache won't start anymore... I tried updating a few things (like mod_php, ...), cleanly remove packages and remaning directories and reinstalling the package but Apache still don't start (anymore). The error_log says (using -X -e debug) : [notice] Digest: generating secret for digest authentication ... here I should get Digest: done but I never. anyone thinks of somewhere I must look... I already did a lot of checkings but I must be forgetting something =) mod_auth_digest is asking your system for some random bytes to use for digest auth. Your system is not providing them. If you don't need digest auth, the simple solution is to simply remove mod_auth_digest. Otherwise, you'll need to figure out what source of random numbers apr is using, and why it is failing. This should be automatic in the compile, so it is likely that gentoo messed something up. But I'm not an expert in this stuff. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
