Maybe check out how https://software.opensuse.org/package/haveged is configured if installed on your system
Also http://www.onkarjoshi.com/blog/191/device-dev-random-vs-urandom/ From: Nick Williams [mailto:nicho...@nicholaswilliams.net] Sent: Saturday, July 30, 2016 6:05 AM To: users@httpd.apache.org Subject: Re: [users@httpd] HTTPD asking for password after power failure It took me a while to get back to this (it’s not a mission-critical server, but I have hit a point where I really do need to get it working again). `apachectl restart` hung for many, many minutes without any input, and I eventually quit it. I ran it again with `strace -Ff apachectl restart`. Towards the end it had read all of the vhost config files and opened up the request and error logs configured in them, and it read the media types config file: [pid 22537] read(35, "# This file maps Internet media "..., 4096) = 4096 But after that is where things got weird: [pid 22537] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73aff27000 [pid 22537] open("/dev/random", O_RDONLY|O_CLOEXEC) = 35 [pid 22537] read(35, " p$\242\33\241", 1024) = 6 [pid 22537] read(35, "\205\31\345\274A\336", 1018) = 6 [pid 22537] read(35, "\335\16\7\370\343\311", 1012) = 6 [pid 22537] read(35, "\265\362\20}F\234", 1006) = 6 [pid 22537] read(35, "\223}\\\0+\242", 1000) = 6 [pid 22537] read(35, Each `read` line there took about a full minute. It’s spending FOREVER reading from /dev/random. That led me to try to read from /dev/random, and it is only generating a byte every few seconds. I don’t know why, but /dev/random appears to be borked on this machine. I changed ssl-global.conf to use /dev/urandom instead of /dev/random, and it started right up in a matter of seconds. I know this is now off-topic, but does anyone know why /dev/random would suddenly be gathering almost no entropy? I have never had this problem on this system before. Thanks, Nick On Jul 16, 2016, at 9:56 PM, Frank Gingras <thu...@apache.org <mailto:thu...@apache.org> > wrote: Try to use apachectl restart instead to bypass your init scripts. The latter are likely to hide actual errors that would appear on STDERR. If apachectl restart still gives you that error, perhaps your distro mangled it as well. Then, I would use strace with httpd -X to get the complete picture. On Sat, Jul 16, 2016 at 6:47 AM, Nicholas Williams <nicho...@nicholaswilliams.net <mailto:nicho...@nicholaswilliams.net> > wrote: I have a server running OpenSUSE 42.1 with stock Apache HTTPD 2 installed from the package manager. It has been running without issue for well over a year. We've restarted the service and the server since then without issue. The service always starts on its own when the server boots. Last night we had a power failure. The sever came up fine. All services, including MySQL, started fine. No obvious issues appear anywhere. But HTTPD didn't start automatically. So I logged in to the server to investigate and try to start it. `service apache2 status` said FAILED with no details. `/var/log/apache2/error_log` showed nothing since the day before the power failure. `service apache2 start` hung for about 2 minutes, and then said FAILED with no details. `/var/log/apache2/error_log` still showed nothing since the day before the power failure. There was nothing in the system log since my log-in to the server. So I tried `strace -Ff service apache2 start`. The only thing I see suspicious is it calls open on `/run/systemd/ask-password-block`. It appears it times out after never receiving a password. But I have no idea why it would do that. None of my SSL certificates have passphrases, and I've always been able to start HTTPD without a password. I'm at a loss here. Any suggestions? Thanks, Nick --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org <mailto:users-unsubscr...@httpd.apache.org> For additional commands, e-mail: users-h...@httpd.apache.org <mailto:users-h...@httpd.apache.org>
