Bug#492130: apache2.2-common: HTTP Trace enabled in default configuration
no, since that would imply having mod_rewrite enabled out of the box. http://www.apacheweek.com/issues/03-01-24#news -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: The status of libapache2-mod-perl2
* Adam Conrad ([EMAIL PROTECTED]) wrote : On Wed, Aug 15, 2007 at 09:32:30PM -0500, Gunnar Wolf wrote: - Should we hijack/adopt the package, or will its current maintainers stand up and get it back to life? - Is there somebody who wants to lead this? - Pkg-perl and/or Apache groups: Do you agree? :) - In any other case: Other takers? The debian-apache group has both the necssary perl, apache, and C skills required to maintain this, what we're lacking at times (hey, check the apache changelogs for my name recently... *sigh*) is the time. I'd be happy to see it in the debian-apache SVN repo, though, with a blanket policy for open non-NMU uploads from the Perl folk as well, just to spread the blame as thinly as possibly. Sounds emminently sane to me - I have no real interest in mod_perl, but will be happy to contribute apache knowledge as required. -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#422686: apache-dev: please bump build-deps to libdb4.5
Apache 1.3 is being removed for lenny. So just drop the Apache1.3 packages - we don't intend to do another apache upload. -T -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#389607: Please upgrade and confirm
Please can you upgrade to the latest versions of both mod_perl and apache2 and confirm this is still occurring? Thanks, -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#392557: Can't reproduce
I can't reproduce this: : (unstable) 19:13 ~ % dpkg -L apache2.2-common G ldap /etc/apache2/mods-available/ldap.load /etc/apache2/mods-available/authnz_ldap.load /etc/apache2/mods-available/auth_ldap.load /usr/lib/apache2/modules/mod_authnz_ldap.so /usr/lib/apache2/modules/mod_ldap.so (G is an alias for grep) If you can do the same that would help trying to figure out what's going on. Thanks, -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#389053: apache2-common: API module structure `perl_module' in file /usr/lib/apache2/modules/mod_perl.so is garbled
reassign 389053 libapache2-mod-perl2 retitle 389053 Please upload mod_perl2 to experimental built against apache 2.2 severity 389053 wishlist thanks Mod Perl2 needs to be rebuilt in experimental to work with the new apache2. -T -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#383267: subprocess post-installation script returned error exit status 10
severity 383267 important merge 383267 358543 thanks Already known about - it's a change in behaviour in debconf, we're working on a fix. -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
apache2.2 uploaded to experimental
Hi all, As of today, Apache 2.2 is available from experimental (packagename: apache2-mpm-{worker,prefork} etc). New features include LFS support, and improved caching. For more info, see: http://httpd.apache.org/docs/2.2/new_features_2_2.html and http://httpd.apache.org/docs/2.2/upgrading.html . Note especially the changes in authentication. This version is not yet ready for unstable, and hence also not for etch, because it requires more testing. All maintainers of apache modules are encouraged to test their modules against apache2.2 from experimental, and upload tested modules to experimental. Please note that it is not possible to build a module for both apache 2.0 and apache2.2 from the same source package. Authentication modules especially probably require changes. Success/failure stories from Apache module maintainers are welcome on the debian-apache mailinglist. Thanks to Canonical for sponsoring the sprint that got us 99% of the way done, and (almost) everyone else for being patient over the long wait. Thanks, The Debian Apache team (Adam, Fabio, Thom, Tollef) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#344072: :(
Please stop abusing the BTS with irrelevancies. -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#368225: please don't!
I don't see there's any benefit in doing this _at all_, to be honest. It'll just turn into a whine fest when people don't get exactly what they want installed, and it then just becomes an unmaintainable mess. -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#373290: closed by Thom May [EMAIL PROTECTED] (Re: Bug#373290: libapr0-dev: Outdated header files?)
* Friedrich Dominicus ([EMAIL PROTECTED]) wrote : Well this is difficult to understand the debian package system description says: unstable (net): the Apache Portable Runtime 2.0.55-4: alpha amd64 arm hppa i386 ia64 kfreebsd-i386 m68k mips mipsel powerpc s390 sparc and well that seems to go with the apache2 I'm using so I was thinking this is the most actual library. No, apache2.0 uses the APR 0.9 branch for API/ABI compatability reasons. Apache 2.2 when it hits experimental will use the APR/APU 1.2 packages. Cheers, -Thom
Bug#340538: followup on this bug?
* Joey Hess ([EMAIL PROTECTED]) wrote : This RC bug has been open since November with no maintainer followup that I can see. Is anything being done to remove the problimatic files and/or get them properly licensed upstream? This is in progress with upstream; we've worked with them to remove zb.c from the upstream repository and are working to find a reasonable solution to the RSA licensed files. Cheers, -Thom
Bug#344072: apache2: Apache 2.2 has been released
* Olaf van der Spek ([EMAIL PROTECTED]) wrote : Hi Adam, We're well aware of this, and are actually planning to have a small gathering in the new year to polish up the apr1.0/apache2.2 packaging and get it into the archive. What's the status of 2.2? APR/APU 1.2 are in unstable. 2.2 is awaiting some final polish and will then be uploaded to experimental some time in the next couple of weeks. -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Please Add mpm-itk (patch inclued)
* Corentin CHARY ([EMAIL PROTECTED]) wrote : Please add this mpm, it's realy usefull =). No. As and when it's proposed and accepted upstream it will be added to the apache2 package. Until that time, we're not going to carry major modifications to upstream. Cheers, -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#323773: apache 1.3.33-7 segfaults when php4_module 4.4.0-1 enabled
reassign 323773 libapache-mod-php4 kthxbye Please be more careful in your selection of packages to file bugs against in future. -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#311776: apache-ssl: Basic Authentication does not work
Severity 311776 normal kthxbye Hi, it's likely that you have an erroneous config, rather than this being a bug in apache. If basic auth was broken, I assure you that we'd have noticed by now. The problem you're reporting is often a symptom of having multiple auth providers loaded; have a look at /etc/apache-ssl/modules.conf or attach it here and check you don't have mod_auth_sys or mod_auth_system installed. Cheers, -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache2 first process does not drop root
* Alan Ridgeway ([EMAIL PROTECTED]) wrote : Hi Debian I am using Sarge with Apache2 on x86 platform. When Apache starts, five processes for Apache start. The first does not drop root. The rest do drop root. It does not matter which MPM is applied. yes. -Thom (how else could you create child processes that bind to a privileged port?) the root process is minimal and extremely thoroughly checked. signature.asc Description: Digital signature
Bug#304786: Include /etc/apache2/conf.d/*.conf causes other packages to break
reassign 304786 phpmyadmin severity 304786 critical close 304786 merge 307275 304786 thanks This is a problem with phpmyadmin, which the maintainer claims to have now fixed so it's policy compliant again. -Thom signature.asc Description: Digital signature
Re: Packaging of APR 1.1.1
* Andreas Fester ([EMAIL PROTECTED]) wrote : Hi, are there any plans to package the (now separated) Apache Portable Runtime 1.1.1? Hi, I already have packages done. They're waiting on one addition (symbol versioning) before they're safe to upload to unstable. Cheers, -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#268252: Patch to integrate Metux MPM into the Debian unstable Apache2 tree
* Nick Maynard ([EMAIL PROTECTED]) wrote : On Fri, Feb 25, 2005 at 04:56:43PM +, Thom May wrote: I'm strongly opposed to doing this. I see no sign that the metux authors have any desire to integrate metux with upstream, and I absolutely think that the apache2 package should not contain any major components that aren't included in the upstream tarball. (That way we're not exposed to the nightmare of multiple updates that the 1.3 package can be) Hello Thom, Having read your mail, I agree with your opinion that the Debian apache2 package should remain largely untainted. There have been a few abortive attempts by the Metux MPM community to increase awareness of the Metux MPM, but admittedly these have generally stopped short of doing any extra work in order to justify inclusion into the Apache 2 tree. Do you have any suggestions as to how Metux MPM could increase the chances of inclusion into mainstream Apache 2? They should send useful patches to the dev list (both apr and httpd), make their build system and everything that they do absolutely compatible with the upstream way of doing it (last I looked, metux required automake to build, which is 100% guaranteed not to be accepted upstream) etc Cheers, -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Patch to integrate Metux MPM into the Debian unstable Apache2 tree
* Nick Maynard ([EMAIL PROTECTED]) wrote : What are your thoughts on integrating this functionality into the main unstable/experimental tree? Thank you, I'm strongly opposed to doing this. I see no sign that the metux authors have any desire to integrate metux with upstream, and I absolutely think that the apache2 package should not contain any major components that aren't included in the upstream tarball. (That way we're not exposed to the nightmare of multiple updates that the 1.3 package can be) Cheers, -Thom -- That sounds like a lot of work... Can we out source? The Revolution will not be outsourced! (Slick/Monique - Sinfest) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#291944: Not apache's bug
reassign 291944 php4 thanks Segfaults caused by php modules aren't an apache bug. -- That sounds like a lot of work... Can we out source? The Revolution will not be outsourced! (Slick/Monique - Sinfest) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [Apache] Vhost with mod_rewrite
* Gob42 ([EMAIL PROTECTED]) wrote : Hi, I want to set up virtual host with sub-domain using mod_rewrite. My actual configuration is like this one but for all my domains. Any reason you can't or don't want to use mod_vhost_alias? This is designed to do exactly the thing you want: http://httpd.apache.org/docs-2.0/mod/mod_vhost_alias.html Cheers, -Thom -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: wwwconfig starter guide for the distracted lazy?
* Martin Langhoff ([EMAIL PROTECTED]) wrote : I intend to update the TWIG package to use wwwconfig, but I am at a loss as to where to start reading about best practices wrt wwwconfig. In my experience and opinion: wwwconfig is not the correct approach to use to update apache or apache2 configuration. To add configuration, simply drop a symlink into /etc/apache{,2}/conf.d and restart the server. There is no reason for the potentially dangerous configuration munging that wwwconfig does. Cheers, -Thom
Bug#267477: Apache 2 TLS by default
* Olaf van der Spek ([EMAIL PROTECTED]) wrote : Generating an ssl cert during install, and setting up apache to use it. See the many archived bugs from the time. If we can sensibly use debconf to ask the questions, then i may reinstate something like this post sarge. I'll try. But would it be possible (pre Sarge) to provide a /etc/apache2/sites-available/ssl so that apache2-ssl-certificate a2enmod ssl a2ensite ssl invoke-rc.d apache reload activates SSL? NO. We have to be interactive to use apache2-ssl-certificate, and that BREAKS the buildds. -T
Bug#267477: Apache 2 TLS by default
* Olaf van der Spek ([EMAIL PROTECTED]) wrote : Thom May wrote: * Olaf van der Spek ([EMAIL PROTECTED]) wrote : Hi, Instead of just an easy way to enable SSL/TLS, I'd like to see it enabled by default. :) Anyway: Step 3 and 4 can be replaced by running /usr/sbin/apache2-ssl-certificate In step 5 you can use SSLCertificateFile /etc/apache2/ssl/apache.pem and SSLCertificateKeyFile isn't needed. Tried that, far more pain than we need. What exactly was tried and what pain was caused? Generating an ssl cert during install, and setting up apache to use it. See the many archived bugs from the time. If we can sensibly use debconf to ask the questions, then i may reinstate something like this post sarge. -Thom
Bug#267477: Apache 2 TLS by default
* Olaf van der Spek ([EMAIL PROTECTED]) wrote : Hi, Instead of just an easy way to enable SSL/TLS, I'd like to see it enabled by default. :) Anyway: Step 3 and 4 can be replaced by running /usr/sbin/apache2-ssl-certificate In step 5 you can use SSLCertificateFile /etc/apache2/ssl/apache.pem and SSLCertificateKeyFile isn't needed. Tried that, far more pain than we need. -Thom
Re: Informations for packaging apache(2) third party modules
* Emmanuel Lacour ([EMAIL PROTECTED]) wrote : On Wed, Sep 15, 2004 at 02:52:28AM +0100, Thom May wrote: libapache2-mod-macro is pretty much the simplest possible case for an apache2 module. get the source for that, and run with it. I'm not looking for the easiest package example, I already looked at many, but I wan't to find the best way for postinst/prerm scripts. I think it's a good idea to provide a choice for the user to enable/disable the module via debconf at install time and via dpkg-reconfigure. If there isn't a standard way like with apache1.x, I will do my debconf template myself (enable/disable modue? yes/no, then use a2enmod or a2dismod). There is also a script called update-apache2-modules. Should I use this one instead of a2*mod. Is there a standard way for looking if a module is enabled (other than -e /etc/apache2/mods-enabled/load). u-a-m is a work in process, which will be the standard way of handling modules. It's pretty close, but not there yet. I'm hoping to have some time the next couple of days to work on it and test it etc. I'd really ask you *not* to go off developing your own solution to the problem though. Cheers, -Thom -- That sounds like a lot of work... Can we out source? The Revolution will not be outsourced! (Slick/Monique - Sinfest)
Re: Informations for packaging apache(2) third party modules
* Emmanuel Lacour ([EMAIL PROTECTED]) wrote : Hi everybody, I'm working on packaging a new apache module for apache/apache2 (www.suphp.org), and I try to find the best way for my postinsts/prerms scripts. I found the README.modules in apache-dev, but nothing for apache2-dev. So I looked at some other packages and saw that often they simply a2enmod without asking the user... AW, is there a place where I can find informations on packaging tools with dependendies on apache like apache modules. If there isn't such a place I would suggest to set up a simple page or wiki (I can do this) and add a link to Packaging section on Developers' Corner at www.debian.org. libapache2-mod-macro is pretty much the simplest possible case for an apache2 module. get the source for that, and run with it. -Thom -- That sounds like a lot of work... Can we out source? The Revolution will not be outsourced! (Slick/Monique - Sinfest)
Bug#263038: apache2-mpm-prefork: cgi-bin doesn't seem to work
I imagine it was related to cgi changing to being built-in and then back again. just a2enmoding the cgi module should fix your problems. -Thom * Diwaker Gupta ([EMAIL PROTECTED]) wrote : Turns out it wasn't a bug with apache2 after all (maintainer you can as well go ahead and close this bug). Unfortunately, I'm not sure how I fixed the problem, but you might want to try these steps: o use a2dismod to disable the cgi module, and a2end to re-enable it o restart apache o flush your browser cache completely and try again Lemme know if you get it working. If not, I'll try to dig in deeper into what I did. HTH Diwaker Nathan Kroll wrote: I'm having the same problem on our webservers. Any insight or workarounds to fix this temporarily? Thanks. -- Diwaker Gupta Graduate Student, Computer Sc. and Engg. University of California, San Diego http://resolute.ucsd.edu/diwaker
Bug#264106: conf.d and sites-enabled cannot be checked into svn
Yeah, this has been fixed ages ago and is now blocked on gcc3.4 to get into sarge. Cheers, -Thom
Bug#264718: wishlist, and not really a bug
severity 264718 wishlist thanks userdir is forcibly enabled since it changed from being built in to being a module. Not enabling it would have broken many more configs than not, so this is a safe default. I'll be implementing debconf questions to handle this more gracefully. -Thom
Re: pls help
* Christian Eichert ([EMAIL PROTECTED]) wrote : I updated mailman 2.1.4-5 from the apt I updated apache2 2.0.50-5 Everything looks OK except for one thing: when a URL like, http://myhost/mailman/listinfo is requested, 'Apache2' locates the file (return code = 200) but wants to *download* the 'listinfo' file instead of executing it! My hunch is that it is a CGI-BIN issue. Here's what I've added to the standard 'Apache2' config: ScriptAlias/mailman/ /var/lib/mailman/cgi-bin/ Alias /pipermail//var/lib/mailman/archives/public/ Directory /var/lib/mailman/archives/public/ Options FollowSymLinks /Directory I've also changed /etc/mailman/mm_cfg.py as suggested in the README.Debian file. pls help have you enabled the cgi or cgid (for prefork or worker, respectively) module for apache2? -Thom
Bug#259235: FTBS: apache2 and mod_ssl
* Wiesiek ([EMAIL PROTECTED]) wrote : Package: apache2 Version: 2.0.50-5 Severity: important Hi... apache2 fails to build on ARM arch. checking whether to enable mod_ssl... checking dependencies checking for SSL/TLS toolkit base... configure: error: requires OpenSSL 0.9.6e or higher Well, there's the problem. I'll need to get the config.log for this build - it seems that either the version installed of libssl-dev is bogus, or there's a test going wrong. Either way, it doesn't happen on any other architecture. Cheers, -Thom
Bug#258217: unreproducible
tags 258217 unreproducible thanks using a freshly downloaded 2.0.50-1 from the archive: 11:32 ~% ldd /usr/sbin/apache2 libz.so.1 = /usr/lib/libz.so.1 (0xb7fcc000) libssl.so.0.9.7 = /usr/lib/i686/cmov/libssl.so.0.9.7 (0xb7f9a000) libcrypto.so.0.9.7 = /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0xb7e9d000) 11:30 ~% HEAD localhost 200 OK Connection: close Date: Thu, 08 Jul 2004 10:34:49 GMT Server: Apache/2.0.50 (Debian GNU/Linux) mod_perl/1.99_14 Perl/v5.8.4 mod_python/3.1.3 Python/2.3.5a0 mod_ssl/2.0.50 OpenSSL/0.9.7d Cheers, -Thom
Bug#258202: Unreproducible
tags 258202 unreproducible thanks I can't reproduce this at all, using the 2.0.50-1 packages from the archives: 11:28 ~% GET http://localhost/ foo.nodeflate 11:28 ~% GET -H 'Accept-Encoding: gzip, deflate' http://localhost/|gunzip foo.deflate 11:28 ~% diff foo.nodeflate foo.deflate 11:28 ~% 11:29 ~% HEAD -H 'Accept-Encoding: gzip, deflate' http://localhost/ 200 OK Connection: close Date: Thu, 08 Jul 2004 10:30:05 GMT Server: Apache/2.0.50 (Debian GNU/Linux) mod_perl/1.99_14 Perl/v5.8.4 mod_python/3.1.3 Python/2.3.5a0 mod_ssl/2.0.50 OpenSSL/0.9.7d Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 20 Content-Type: text/html Client-Date: Thu, 08 Jul 2004 10:30:05 GMT Client-Peer: 127.0.0.1:80 Client-Response-Num: 1 cheers, -Thom
Bug#257945: (no subject)
package apache2-common severity 257945 wishlist reassign 257945 libapache2-mod-php4 thanks Ok. so, you're reporting a bug that basically says when i request a PHP page, it gets processed by PHP. It seems that the real bug you're reporting is, 'php should deactivate itself during dav requests', which is why I'm dropping this to wishlist and reassigning to PHP, which is where it belongs. I strongly recommend that you go and re-read the description of severity levels at bugs.debian.org; and also that you think about setting up a different virtual host for uploads and turning off php for that. Cheers, -Thom signature.asc Description: Digital signature
Bug#258217: *sigh*
reassign 258217 apache2-common tags 258217 unreproducible merge 258217 258252 thanks Ok, please provide the output of 'ldd /usr/sbin/apache2'. Also, ensure that you've stopped apache2 entirely before starting it, rather than trying to restart. Cheers, -Thom
Bug#255443: Give me an icon, I'll include it
severity 255443 wishlist thanks Give me a nice icon for ogg, and I'll happily include it. -Thom
Bug#258202: hmm.
Please send the output of ldd /usr/sbin/apache2
Bug#258217: *sigh*
The fix is already being uploaded. -Thom * Daniel Kobras ([EMAIL PROTECTED]) wrote : tag 258217 - unreproducible thanks On Thu, Jul 08, 2004 at 03:52:11PM +0100, Thom May wrote: Ok, please provide the output of 'ldd /usr/sbin/apache2'. Also, ensure that you've stopped apache2 entirely before starting it, rather than trying to restart. Another data point. Between 2.0.49 and 2.0.50, you've split the build sequence of mpm-worker and the other mpms in debian/rules. Unlike -worker, the rest now is built without AP2_CONFARGS. No idea whether this change was intentional, but in any case it breaks significant functionality. So this bug affects prefork, perchild, and threadpool (and I don't quite see why you reassigned it to -common). Daniel.
Bug#247458: [htpasswd] Creates corrupt htpasswd files
Package: apache-utils Version: 1.3.29.0.2-6 Severity: grave Tags: sid When htpasswd creates a new htpasswd file, it encounters what appears to be a memory corruption bug. This does not occur when updating an old file, and indeed using htpasswd again on the same file and username fixes the problem. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: powerpc (ppc) Kernel: Linux 2.6.6-rc1-mm1 Locale: LANG=C, LC_CTYPE=C Versions of packages apache-utils depends on: ii libc6 2.3.2.ds1-12 GNU C Library: Shared libraries an ii libdb4.24.2.52-16Berkeley v4.2 Database Libraries [ ii libexpat1 1.95.6-8 XML parsing C library - runtime li ii libkeynote0 2.3-10 Decentralized Trust-Management sys ii libssl0.9.7 0.9.7d-1 SSL shared libraries ii perl5.8.4-1 Larry Wall's Practical Extraction -- no debconf information
Bug#247229: apache2-common: -S option segfaults when NameVirtualHost specifies port
* Adam Hupp ([EMAIL PROTECTED]) wrote : Package: apache2-common Version: 2.0.49-1 Severity: normal I had a NameVirtualHost *:80 directive in my apache2.conf. I tried running 'apache2 -S' to debug my vhosts and got a segfault. Changing it to NameVirtualHost * fixed the segfault. I can provide a core file if needed. Just a backtrace with gdb would be a good start. -Thom
Bug#237782: Ok...
* Stefan Andersson ([EMAIL PROTECTED]) wrote : Ok. Now I've fixed it. I've made a dir where i've put separate files for the separate vhosts .. And the NameVirtualHost define file that i've made. began with an - And the new version of Apache apparently couldn't handle that. Thanks for the help! Ah, yeah. We've tightened up what gets included for safety's sake, so you can't have file that don't start with an alphanumeric character anymore. -Thom
Bug#237782: Ok...
* Matthew Wilcox ([EMAIL PROTECTED]) wrote : On Sat, Mar 13, 2004 at 09:27:27PM +, Thom May wrote: And the NameVirtualHost define file that i've made. began with an - And the new version of Apache apparently couldn't handle that. Thanks for the help! Ah, yeah. We've tightened up what gets included for safety's sake, so you can't have file that don't start with an alphanumeric character anymore. Maybe we should check for that at install time and pop up a debconf note? That way lies madness, I think. -T
Re: Debian/Vhosts.pm
* Andrius Kazimieras Kasparavi?ius ([EMAIL PROTECTED]) wrote : hi, why I can't find even on googe that module? we deleted any trace of it, lo, even from our minds and souls, about two years ago since it was unmaintainable and horrifying. I need to get round to killing all the /etc/vhost stuff at some point soon. -Thom
patch to implement run-part-ish behaviour
Hi, as noted on irc, we should exclude .dpkg-* files, and also dot-files etc. This is a patch to do this; please can you review,test and confirm it seems valid? (I don't have a way to commit on debian-apache, so please apply if it looks good.) -Thom Index: src/main/http_config.c === RCS file: /home/cvs/apache-1.3/src/main/http_config.c,v retrieving revision 1.168 diff -u -u -r1.168 http_config.c --- src/main/http_config.c 16 Feb 2004 22:29:33 - 1.168 +++ src/main/http_config.c 8 Mar 2004 16:19:15 - @@ -1164,6 +1164,31 @@ return strcmp(f1-fname,f2-fname); } +static int fname_valid(const char *fname) { +const char *c = fname; +char bad_dpkg[] = *.dpkg*; + +if (!isalnum(*c)) { +return 0; +} +++c; + + +while (*c) { +if (!isalnum(*c) *c!='_' *c!='-' *c!='.') { +return 0; +} +++c; +} + +if (!ap_fnmatch(bad_dpkg, fname, 0)) { +return 0; +} + +return 1; +} + + CORE_EXPORT(void) ap_process_resource_config(server_rec *s, char *fname, pool *p, pool *ptemp) { const char *errmsg; @@ -1245,7 +1270,8 @@ if (strcmp(dir_entry-d_name, .) strcmp(dir_entry-d_name, ..) (!ispatt || - !ap_fnmatch(pattern,dir_entry-d_name, FNM_PERIOD)) ) { + !ap_fnmatch(pattern,dir_entry-d_name, FNM_PERIOD)) + fname_valid(dir_entry-d_name)) { fnew = (fnames *) ap_push_array(candidates); fnew-fname = ap_make_full_path(p, path, dir_entry-d_name); }
Bug#154447: Is this problem still reproducible?
Are you still able to reproduce this problem with current kernels and apache? We are currently triaging bugs to prepare for a release of Debian, and would like to prune our bugs list of old bugs that can no longer be reproduced. Cheers -Thom
Bug#230999: This is not an RC bug
severity 230999 important tags 230999 -patch thanks This is not a release critical bug. It does have security implications but it is not a major security flaw nor is it a widely used or exploitable one. -Thom
Bug#234955: Apache2-common depencies inadequate
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote : * Julian Mehnle ([EMAIL PROTECTED]) wrote : Joerg Dorchain wrote: apache2-common depends on ssl-cert. This is bad, as in the install dialogs it is not clear from context that the user is asked questions for his https config. Besides it is superfluous, as the created apache.pem file is not referenced in the supplied config files. In my case it is even annoying, as I already have my own working certificate, and the apache.pem file is placed in the middle of my certificate directories. I therefore recommend removing the dependency on ssl-cert. As a suggested package it is IMHO better referenced. Oh, yeah. what a fantastic argument. I don't want it, and it's slightly broken, so let's rip it out totally rather than fix it. Well, that's actually _not_ the OP's argument. Dependencies, in my very humble understanding, express that certain parts of the system need other parts to operate. I really don't see why apache2-common needs ssl-cert to operate (esp. considering that, according to your own comments it doesn't even depend on any worker module -- hey, we won't be able to run apache2, but we'll do it encrypted :-) Why not make it a 'suggests'? Well, when I get round to fixing the config file to use the generated cert, and ssl-cert to not suck, I'd prefer for encryption to work out of the box. I might ask if the installee wants to create an ssl cert tho. -T
Bug#231134: Wish: Dummy LoadModule directive in apache2.conf to ease module installations through apxs (e.g. PHP5)
* Carl Johnstone ([EMAIL PROTECTED]) wrote : Similar to my apache 1.3 bug - wouldn't it be better to fix apxs to generate the .load file needed to make it work the new Debian way? Yep. That's exactly the route I've been planning to take for sometime, I just need to find the time ;-) -Thom
Bug#227997: mod_usertrack causes segfault
Um, this sounds like http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24483 -T
Bug#225809: apache2: can -dev packages depend on libdb-dev instead of libdb4.1-dev?
* Daniel Stone ([EMAIL PROTECTED]) wrote : On Fri, Jan 02, 2004 at 02:12:39PM +, Colin Watson wrote: On Thu, Jan 01, 2004 at 07:57:35PM +0100, GCS wrote: Package: apache2 Severity: wishlist I do not know if it's by any means possible, but as both libdb4.1-dev and libdb4.2-dev provides libdb-dev, would it be possible to depend -dev packages on that? That sounds dangerous; as I understand it, it's necessary for everything that depends on libapr0 to use the same version of Berkeley DB. It's a really bad idea, yes. On a similar note, though, db4.2 is now in unstable, so will the next version of apache2 use it? Uploads of new upstream versions of subversion are waiting for this to happen. (I scanned the debian-apache archives but couldn't find any mention of this.) Thom committed a change to libdb4.2-dev to apache2 HEAD[1] yesterday, IIRC. Correct. I need to write some debconf notification since the upgrade is manual and potentially destructive. Blah. -Thom
Bug#208569: Processed: this is an update-rc.d bug, really
* Miquel van Smoorenburg ([EMAIL PROTECTED]) wrote : It's not a bug, it's a feature. It works exactly as documented. If your package installed the links with the wrong sequence number, it's the responsibility of the package to detect and fix this in the postinst of the new version. This is admittedly not trivial. But it's how it works. Um, eww. Oh well. It'd be nice if in the future you could tell update-rc.d to do it for you - something like: update-rc.d -u name new-seq old-seq and only have update-rc.d do it if the old number matched? Cheers, -Thom
Bug#223417: Repro recipe
20:01 joshk well, this is how it all went for me: 20:01 joshk install worker, (watch it not work with php4) 20:02 joshk install prefork which conflicts: worker and gets it apt-get removed 20:02 joshk then try to purge worker
Bug#223300: Is this really a bug report?
tags 223300 moreinfo thanks Hi. so, you don't give details of what changes you made to your config, whether you had anything in syslog, which mpm you're using, nor did you attach your config. Am I supposed to grow psychic powers and mystically divine your problem? Unless you give me drastically more info, this bug report is closing in 12 hours. -Thom