Bug#391280: marked as done (apache2-mpm-prefork: doesn't bind to IPv4 socket when IPv6 enabled)
Your message dated Mon, 07 Jul 2008 20:47:06 + with message-id <[EMAIL PROTECTED]> and subject line Bug#391280: fixed in apache2 2.2.9-5 has caused the Debian Bug report #391280, regarding apache2-mpm-prefork: doesn't bind to IPv4 socket when IPv6 enabled to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 391280: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391280 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems --- Begin Message --- Package: apache2-mpm-prefork Version: 2.2.3-1 Severity: important I have following lines in /etc/apache2/ports.conf: #v+ #Listen 80 Listen [::]:80 Listen 0.0.0.0:80 # # Listen [::]:443 # Listen 0.0.0.0:443 # #v- This configuration worked fine with Apache 2.0, but not now. Actually Apache binds only to [::]:80 and doesn't accept connections on IPv4 socket (sysctl net.ipv6.bindv6only returns 1) making web server absolutely unusable (I haven't set severity to grave because AFAIR net.ipv6.bindv6only is disabled on Debian by default). Netstat output: #v+ [EMAIL PROTECTED] ~]% sudo netstat -ntlp|grep :80 tcp0 0 192.168.0.1:80800.0.0.0:* LISTEN 29161/(squid) tcp0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 29161/(squid) tcp6 0 0 :::80 :::*LISTEN 2439/apache2 #v- and with [::]:80 commented: #v+ [EMAIL PROTECTED] ~]% sudo netstat -ntlp|grep :80 tcp0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2656/apache2 tcp0 0 192.168.0.1:80800.0.0.0:* LISTEN 29161/(squid) tcp0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 29161/(squid) #v- As a workaround I've commented 0.0.0.0 and listed all IPv4 addresses explicitly. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-ck11 Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2) Versions of packages apache2-mpm-prefork depends on: ii apache2. 2.2.3-1 Next generation, scalable, extenda ii libapr1 1.2.7-6 The Apache Portable Runtime Librar ii libaprut 1.2.7+dfsg-2The Apache Portable Runtime Utilit ii libc62.3.6.ds1-5 GNU C Library: Shared libraries ii libdb4.3 4.3.29-6Berkeley v4.3 Database Libraries [ ii libdb4.4 4.4.20-7Berkeley v4.4 Database Libraries [ ii libexpat 1.95.8-3.3 XML parsing C library - runtime li ii libldap2 2.1.30-13+b1OpenLDAP libraries ii libpcre3 6.7-1 Perl 5 Compatible Regular Expressi ii libpq4 8.1.4-7 PostgreSQL C client library ii libsqlit 3.3.7-1 SQLite 3 shared library ii libuuid1 1.39+1.40-WIP-2006.10.02+dfsg-1 universally unique id library apache2-mpm-prefork recommends no packages. -- no debconf information -- Linux jest darmowy, jeśli twój czas nie przedstawia żadnej wartości. Jeśli jest coś warty(czas), Linux jest po prostu tańszy od innych. Jarek Kamiński gg# 453620 pgpatOCuDgAbV.pgp Description: PGP signature --- End Message --- --- Begin Message --- Source: apache2 Source-Version: 2.2.9-5 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive: apache2-dbg_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-dbg_2.2.9-5_i386.deb apache2-doc_2.2.9-5_all.deb to pool/main/a/apache2/apache2-doc_2.2.9-5_all.deb apache2-mpm-event_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-mpm-event_2.2.9-5_i386.deb apache2-mpm-prefork_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-mpm-prefork_2.2.9-5_i386.deb apache2-mpm-worker_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-mpm-worker_2.2.9-5_i386.deb apache2-prefork-dev_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-prefork-dev_2.2.9-5_i386.deb apache2-src_2.2.9-5_all.deb to pool/main/a/apache2/apache2-src_2.2.9-5_all.deb apache2-suexec-custom_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-suexec-custom_2.2.9-5_i386.deb apache2-suexec_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-suexec_2.2.9-5_i386.deb apache2-threaded-dev_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-threaded-dev_2.2.9-5_i386.deb apache2-utils_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-utils_2.2.9-5_i386.deb apache2
apache2 override disparity
There are disparities between your recently accepted upload and the override file for the following file(s): apache2-mpm-event_2.2.9-5_i386.deb: package says section is web, override says net. apache2-mpm-prefork_2.2.9-5_i386.deb: package says section is web, override says net. apache2-mpm-worker_2.2.9-5_i386.deb: package says section is web, override says net. apache2-prefork-dev_2.2.9-5_i386.deb: package says priority is extra, override says optional. apache2-threaded-dev_2.2.9-5_i386.deb: package says priority is extra, override says optional. apache2-utils_2.2.9-5_i386.deb: package says section is web, override says net. apache2.2-common_2.2.9-5_i386.deb: package says section is web, override says net. apache2_2.2.9-5_all.deb: package says section is web, override says net. Either the package or the override file is incorrect. If you think the override is correct and the package wrong please fix the package so that this disparity is fixed in the next upload. If you feel the override is incorrect then please reply to this mail and explain why. Please INCLUDE the list of packages as seen above, or we won't be able to deal with your mail due to missing information. [NB: this is an automatically generated mail; if you replied to one like it before and have not received a response yet, please ignore this mail. Your reply needs to be processed by a human and will be in due course, but until then the installer will send these automated mails; sorry.] -- Debian distribution maintenance software (This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
apache2_2.2.9-5_i386.changes ACCEPTED
Accepted: apache2-dbg_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-dbg_2.2.9-5_i386.deb apache2-doc_2.2.9-5_all.deb to pool/main/a/apache2/apache2-doc_2.2.9-5_all.deb apache2-mpm-event_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-mpm-event_2.2.9-5_i386.deb apache2-mpm-prefork_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-mpm-prefork_2.2.9-5_i386.deb apache2-mpm-worker_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-mpm-worker_2.2.9-5_i386.deb apache2-prefork-dev_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-prefork-dev_2.2.9-5_i386.deb apache2-src_2.2.9-5_all.deb to pool/main/a/apache2/apache2-src_2.2.9-5_all.deb apache2-suexec-custom_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-suexec-custom_2.2.9-5_i386.deb apache2-suexec_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-suexec_2.2.9-5_i386.deb apache2-threaded-dev_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-threaded-dev_2.2.9-5_i386.deb apache2-utils_2.2.9-5_i386.deb to pool/main/a/apache2/apache2-utils_2.2.9-5_i386.deb apache2.2-common_2.2.9-5_i386.deb to pool/main/a/apache2/apache2.2-common_2.2.9-5_i386.deb apache2_2.2.9-5.diff.gz to pool/main/a/apache2/apache2_2.2.9-5.diff.gz apache2_2.2.9-5.dsc to pool/main/a/apache2/apache2_2.2.9-5.dsc apache2_2.2.9-5_all.deb to pool/main/a/apache2/apache2_2.2.9-5_all.deb Override entries for your package: apache2-dbg_2.2.9-5_i386.deb - extra libdevel apache2-doc_2.2.9-5_all.deb - optional doc apache2-mpm-event_2.2.9-5_i386.deb - optional net apache2-mpm-prefork_2.2.9-5_i386.deb - optional net apache2-mpm-worker_2.2.9-5_i386.deb - optional net apache2-prefork-dev_2.2.9-5_i386.deb - optional devel apache2-src_2.2.9-5_all.deb - extra devel apache2-suexec-custom_2.2.9-5_i386.deb - extra web apache2-suexec_2.2.9-5_i386.deb - optional web apache2-threaded-dev_2.2.9-5_i386.deb - optional devel apache2-utils_2.2.9-5_i386.deb - optional net apache2.2-common_2.2.9-5_i386.deb - optional net apache2_2.2.9-5.dsc - source net apache2_2.2.9-5_all.deb - optional net Announcing to [EMAIL PROTECTED] Closing bugs: 391280 Thank you for your contribution to Debian. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Processing of apache2_2.2.9-5_i386.changes
apache2_2.2.9-5_i386.changes uploaded successfully to localhost along with the files: apache2_2.2.9-5.dsc apache2_2.2.9-5.diff.gz apache2.2-common_2.2.9-5_i386.deb apache2-mpm-worker_2.2.9-5_i386.deb apache2-mpm-prefork_2.2.9-5_i386.deb apache2-mpm-event_2.2.9-5_i386.deb apache2-utils_2.2.9-5_i386.deb apache2-suexec_2.2.9-5_i386.deb apache2-suexec-custom_2.2.9-5_i386.deb apache2-prefork-dev_2.2.9-5_i386.deb apache2-threaded-dev_2.2.9-5_i386.deb apache2-dbg_2.2.9-5_i386.deb apache2_2.2.9-5_all.deb apache2-doc_2.2.9-5_all.deb apache2-src_2.2.9-5_all.deb Greetings, Your Debian queue daemon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Factorised code for adding a file in /etc/apache2/conf.d/ and restarting apache ?
On Sunday 06 July 2008, Russ Allbery wrote: > Stefan Fritsch <[EMAIL PROTECTED]> writes: > > On Saturday 05 July 2008, Charles Plessy wrote: > >> - if yes add a link to a configuration file in > >> /etc/apache2/conf.d > > > > You can add that file or the link unconditionally. > > That would really upset me if I were a systems administrator. Most > of my Apache configurations have multiple virtual hosts, and having > some package randomly add itself to the namespace of every virtual > host I run, possibly taking over pages that were currently serving > some other purpose, would be extremely annoying. I don't think it is ideal, but it seems to be quite common. At least 17 packages do it this way. Therefore an administrator cannot assume that packages won't add apache config files anyway. More experienced administrators will have no problems changing the include directive to something like "include /etc/apache2/conf.d-enabled" and create symlinks to the files in conf.d that they want enabled globally. And people with many virtual hosts are more likely to be experienced administrators than those with only one. Of course it would be a good idea to discuss this and create a standard policy, but this will not happen for lenny, obviously. Cheers, Stefan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Factorised code for adding a file in /etc/apache2/conf.d/ and restarting apache ?
Le Mon, Jul 07, 2008 at 04:05:54PM +0200, Mike Hommey a écrit : > > Why not have your package create its own apache instance, with its own > config and its own port ? Probably because I have no clue on how doing this cleanly ;) But why not? An in that case, why not something lighter than Apache… Have a nice day, -- Charles Plessy Debian-Med packaging team, Tsurumi, Kanagawa, Japan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Factorised code for adding a file in /etc/apache2/conf.d/ and restarting apache ?
On Mon, Jul 07, 2008 at 10:51:47PM +0900, Charles Plessy <[EMAIL PROTECTED]> wrote: > Le Sun, Jul 06, 2008 at 11:05:27AM -0700, Russ Allbery a écrit : > > Stefan Fritsch <[EMAIL PROTECTED]> writes: > > > On Saturday 05 July 2008, Charles Plessy wrote: > > > > >> - if yes add a link to a configuration file in /etc/apache2/conf.d > > > > > You can add that file or the link unconditionally. > > > > That would really upset me if I were a systems administrator. Most of my > > Apache configurations have multiple virtual hosts, and having some package > > randomly add itself to the namespace of every virtual host I run, possibly > > taking over pages that were currently serving some other purpose, would be > > extremely annoying. > > > > I'd want at least a debconf prompt before something added itself to the > > global Apache configuration. > > Well, it definitely makes sense, but it makes me wonder if my goal is > achievable. The frontend I package is as useful on purely local systems > (a laptop for instance) as on servers (indeed if you search for `emboss > explorer' you will find sites running it). So if the package does things > automatically, it can annoy system administrators who run it on a > dedicated web server. But if the package pulls apache2 and installs its > configuration automatically, end users will benefit of it as just > another graphical interface, with the only peculiarity that it needs a > browser to be used. > > How can this conflict of interest be solved? EMBOSS explorer is a nice > interface, and I really would like to provide to end users with no > command-line interactions with the system. How about making it available > only for localhost by default? Why not have your package create its own apache instance, with its own config and its own port ? [ Unfortunately, apache will also be running by itself, because we still lack something to handle that. Same applies with gnome-user-share ] Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Factorised code for adding a file in /etc/apache2/conf.d/ and restarting apache ?
On Mon, 2008-07-07 at 22:51 +0900, Charles Plessy wrote: > How can this conflict of interest be solved? I would start with the assumption that people installing your package actually want it. Then I'd look at the most common use case in such a scenario and make that the default answer in debconf. Richard signature.asc Description: This is a digitally signed message part
Bug#391280: apache2-mpm-prefork: doesn't bind to IPv4 socket when IPv6 enabled
On Sat, Jun 07, 2008 at 03:46:23PM +0200, Stefan Fritsch wrote: >> Yup, that's my case. >> #v+ >> [EMAIL PROTECTED] ~]% /sbin/sysctl net.ipv6.bindv6only >> net.ipv6.bindv6only = 1 >> #v- >> >>> Maybe we should put a hint in README.Debian that our apache supports >>> only net.ipv6.bindv6only = 0 at the moment. >> >> Please don't require reconfiguring whole system. If it's only >> configuration supported by apache, maybe it should setsockopt >> (IPV6_V6ONLY) its sockets? This way it could revert to >> net.ipv6.bindv6only=0 only on its sockets, without touching rest of >> system. > > if you have the time, you could try recompiling apache2 with the line > "017_fix_ipv6" removed from the file debian/patches/00list and check if that > fixes the problem. Yes, with the patch removed everything works fine. I have tested two configurations, one with #v+ Listen [::]:80 Listen 0.0.0.0:80 #v- and one with Listen [::]:80 only (both with net.ipv6.bindv6only = 1). Apache behaves identically in both cases and listens only on [::]:80, but accepts also IPv4 connections (so it sets IPV6_V6ONLY). Thanks for identifying cause of problem and sorry for late reply, Jarek. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Factorised code for adding a file in /etc/apache2/conf.d/ and restarting apache ?
Le Sun, Jul 06, 2008 at 11:05:27AM -0700, Russ Allbery a écrit : > Stefan Fritsch <[EMAIL PROTECTED]> writes: > > On Saturday 05 July 2008, Charles Plessy wrote: > > >> - if yes add a link to a configuration file in /etc/apache2/conf.d > > > You can add that file or the link unconditionally. > > That would really upset me if I were a systems administrator. Most of my > Apache configurations have multiple virtual hosts, and having some package > randomly add itself to the namespace of every virtual host I run, possibly > taking over pages that were currently serving some other purpose, would be > extremely annoying. > > I'd want at least a debconf prompt before something added itself to the > global Apache configuration. Well, it definitely makes sense, but it makes me wonder if my goal is achievable. The frontend I package is as useful on purely local systems (a laptop for instance) as on servers (indeed if you search for `emboss explorer' you will find sites running it). So if the package does things automatically, it can annoy system administrators who run it on a dedicated web server. But if the package pulls apache2 and installs its configuration automatically, end users will benefit of it as just another graphical interface, with the only peculiarity that it needs a browser to be used. How can this conflict of interest be solved? EMBOSS explorer is a nice interface, and I really would like to provide to end users with no command-line interactions with the system. How about making it available only for localhost by default? Have a nice day, -- Charles -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]