Re: protocol/2107: Additional arguments for fixing PR#1464 (Range: 0- bug)
At 03:28 PM 5/6/98 -0700, Brian Behlendorf wrote: First I wanted to say, you're right, a request with a Range: bytes=0- in the header will not have a Accept-Range: bytes in the response, in the current CVS code. That can easily be changed - I currently think the way to change it is just to always send Accept-Range: bytes when an ETag and Last-Modified header are sent. Thoughts? Oh yeah, let me know if www.apache.org behaves how you'd like it to behave :) Brian --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-- pure chewing satisfaction [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: mod_auth-any/2198: Need a way to do radius based authentication
[In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] Synopsis: Need a way to do radius based authentication State-Changed-From-To: open-closed State-Changed-By: brian State-Changed-When: Wed May 6 18:02:47 PDT 1998 State-Changed-Why: Interesting module, I know people have been asking for it. But rather than report this in the bug database, it'd be better to list it in the module registry. Actually, it looks like there's another radius module there, I suppose having two can't hurt. :) Thanks.
Re: mod_proxy/1472: extra headers on POST method CGI returns
[In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] Synopsis: extra headers on POST method CGI returns State-Changed-From-To: feedback-closed State-Changed-By: brian State-Changed-When: Wed May 6 18:04:22 PDT 1998 State-Changed-Why: User reports the problem no longer exists.
Re: os-solaris/2185: 'apachectl restart' or 'apachectl graceful' causes httpd to die.
Further investigation revealed that it belongs to 'rotatelogs', which I use for all my logging. Rotatelogs does not install a signal handler for SIGTERM--is this the problem? Sounds like an obvious question, but if you don't use rotatelogs, does your system still hang/die? Brian --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-- pure chewing satisfaction [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: mod_proxy/1472: extra headers on POST method CGI returns
The following reply was made to PR mod_proxy/1472; it has been noted by GNATS. From: Dan Stephans II [EMAIL PROTECTED](by way of Brian Behlendorf [EMAIL PROTECTED]) To: [EMAIL PROTECTED] Cc: Subject: Re: mod_proxy/1472: extra headers on POST method CGI returns Date: Wed, 06 May 1998 18:12:46 -0700 Sorry, I should have closed this out. Strangely, it could have been partly apache's fault (although I could find no indication in the source) but it was an interaction with TIS Gauntlet 4.0's http proxy. Cheers, Dan On 6 May 1998 [EMAIL PROTECTED] wrote: [In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] Synopsis: extra headers on POST method CGI returns State-Changed-From-To: open-feedback State-Changed-By: brian State-Changed-When: Tue May 5 19:56:01 PDT 1998 State-Changed-Why: it's been a couple months now... did you determine what was causing this? are you sure it's a flaw in Apache? we haven't seen any other reports of this.
Re: os-solaris/2185: 'apachectl restart' or 'apachectl graceful' causes httpd to die.
The following reply was made to PR os-solaris/2185; it has been noted by GNATS. From: Brian Behlendorf [EMAIL PROTECTED] To: C. R. Oldham [EMAIL PROTECTED] Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: os-solaris/2185: 'apachectl restart' or 'apachectl graceful' causes httpd to die. Date: Wed, 06 May 1998 18:16:50 -0700 Further investigation revealed that it belongs to 'rotatelogs', which I use for all my logging. Rotatelogs does not install a signal handler for SIGTERM--is this the problem? Sounds like an obvious question, but if you don't use rotatelogs, does your system still hang/die? Brian --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-- pure chewing satisfaction [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: mod_log-any/2190: Incomplete reansfer log (fwd)
The following reply was made to PR mod_log-any/2190; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Apache bugs database [EMAIL PROTECTED] Cc: Subject: Re: mod_log-any/2190: Incomplete reansfer log (fwd) Date: Wed, 6 May 1998 23:40:04 -0600 (MDT) -- Forwarded message -- Date: Wed, 06 May 1998 23:13:11 +0200 From: Len Padilla [EMAIL PROTECTED] To: Marc Slemko [EMAIL PROTECTED] Subject: Re: mod_log-any/2190: Incomplete reansfer log Marc Slemko wrote: On 6 May 1998, Len Padilla wrote: Number: 2190 Category: mod_log-any Synopsis: Incomplete reansfer log Confidential: no Severity: non-critical Priority: medium Responsible:apache State: open Class: sw-bug Submitter-Id: apache Arrival-Date: Wed May 6 00:40:02 PDT 1998 Last-Modified: Originator: [EMAIL PROTECTED] Organization: apache Release:1.3b6 Environment: Linux pc2 2.0.33 #12 Mon May 4 12:37:06 CEST 1998 i586 unknown gcc 2.7.2, Apache 1.3b6 (w/PHP-RC4) Description: Some transfer log entries contain only the first byte (3 digits) of the client ip address. 194 - - [06/May/1998:09:28:31 +0200] GET /index.html HTTP/1.0 200 1215 How often does this happen? Do you have HostnameLookups enabled? If so, are you sure this isn't just that the reverse DNS for the address in question is bogusly configured to return a hostname of 194? Are they always the same address or do they differ? Marc, I have HostnameLookups off. This behavior appears with accesses from many hosts. From the same browsing session, some are complete (e.g. 194.123.123.123) and some are truncted (e.g. 194). Today, 3800 out of 25000 were truncated. I'm running apache 1.3b6 with PHP3RC4, mod_auth_mysql, mod_log_mysql and other standard modules. Thanks for Apache, Len -- Len Padilla [EMAIL PROTECTED] WWW.Padilla.Net
Re: os-bsdi/2196: do not #include signal.h
The following reply was made to PR os-bsdi/2196; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Jon Drukman [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: os-bsdi/2196: do not #include signal.h Date: Wed, 6 May 1998 23:51:29 -0600 (MDT) On 6 May 1998, Jon Drukman wrote: BSDI BSD/OS 2.1 gcc version 2.7.2 Description: in include/conf.h and modules/standard/mod_rewrite.h you are including signal.h. this causes a declaration conflict for sys_siglist, which is also provided in unistd.h. How-To-Repeat: Fix: i commented out #include signal.h in include/conf.h and modules/standard/mod_rewrite.h but i bet you guys can figure out how to make it not get in those files in the first place. :) Erm... is that the gcc that came with your system or did you install it yourself? Does compiling the following program: #include signal.h #include unistd.h int main () { } give the same error? If so, that isn't anything wrong with Apache but something broken with your header files. I really don't think that BSD/OS is broken like that and Apache has been including both for a long time.
general/2199: couldn't start apache webserver using apachectl
Number: 2199 Category: general Synopsis: couldn't start apache webserver using apachectl Confidential: no Severity: non-critical Priority: medium Responsible:apache State: open Class: doc-bug Submitter-Id: apache Arrival-Date: Wed May 6 23:10:01 PDT 1998 Last-Modified: Originator: [EMAIL PROTECTED] Organization: apache Release:1.3b6 Environment: SUn O.S. 5.6(Ultra II), gcc 2.8.0 Description: Based on INSTALL instruction, I do not have to fix the permission or whatever before trying PREFIX/sbin/apachectl start to test the new webserver. But I got two obstacles... One: They ask me to manually set the ServerName on my httpd.conf... Two: fopen Permission denied error... couldnot open error_logs /usr/local/apache.. I have installed the webserver as root user BTW. How-To-Repeat: Fix: Audit-Trail: Unformatted: [In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
Re: general/2187: web server running 1 hour ahead of the server itself
The following reply was made to PR general/2187; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Jonathan Roy [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: general/2187: web server running 1 hour ahead of the server itself Date: Wed, 6 May 1998 23:54:02 -0600 (MDT) On 6 May 1998, Jonathan Roy wrote: [EMAIL PROTECTED] (25) % uname -a SunOS sinistar 5.5 Generic_103093-06 sun4m sparc SUNW,SPARCstation-20 Description: DATE_LOCAL in an ssi echo command was printing May 6 when it was still May 5. Couldn't figure out what was wrong or how to change the effective time zone of the server, so we just restarted it. error_log has: [Wed May 6 00:21:15 1998] [notice] httpd: caught SIGTERM, shutting down [Tue May 5 23:21:31 1998] [notice] Apache/1.3b5 configured -- resuming normal operations When did this start happening? Was it when Apache was started or while it was running? Are you sure no one with their on TZ environment variable set started Apache at any time? I am really doubtful that Apache is doing anything wrong because it just uses the OS's supplied routines...
general/2200: source html code is shown but not the page
Number: 2200 Category: general Synopsis: source html code is shown but not the page Confidential: no Severity: non-critical Priority: medium Responsible:apache State: open Class: sw-bug Submitter-Id: apache Arrival-Date: Thu May 7 00:10:00 PDT 1998 Last-Modified: Originator: [EMAIL PROTECTED] Organization: apache Release:1.2 Environment: NT Description: Our apache server is running ok Our NT environment is running ok Browser used: MSIE 3.01 is working ok but when upgrading to MSIE 4.0 and when you surf to our page you get a blank screen but if you press view-source you do get the HTML code. The same problem gives netscape communicator How-To-Repeat: - Fix: no Audit-Trail: Unformatted: [In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
Re: protocol/2107: Additional arguments for fixing PR#1464 (Range: 0- bug)
On Wed, May 06, 1998 at 04:23:50PM -0700, Brian Behlendorf wrote: At 03:28 PM 5/6/98 -0700, Brian Behlendorf wrote: First I wanted to say, you're right, a request with a Range: bytes=0- in the header will not have a Accept-Range: bytes in the response, in the current CVS code. That can easily be changed - I currently think the way to change it is just to always send Accept-Range: bytes when an ETag and Last-Modified header are sent. Thoughts? I agree with this variant. It seems the same thing should be fixed for v1.2.6 too, but I not check yet. Oh yeah, let me know if www.apache.org behaves how you'd like it to behave :) Yes, thanx. -- Andrey A. Chernov http://www.nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC+ D A a++ C G+ QH+(++) 666+++ Y
general/2202: .cgi programs in user directories run without suexec
Number: 2202 Category: general Synopsis: .cgi programs in user directories run without suexec Confidential: no Severity: non-critical Priority: medium Responsible:apache State: open Class: sw-bug Submitter-Id: apache Arrival-Date: Thu May 7 02:20:01 PDT 1998 Last-Modified: Originator: [EMAIL PROTECTED] Organization: apache Release:1.2.6 Environment: Linux 2.0.30 gcc 2.7.2.3 Description: No answer required The presence or absence of suexec had no effect on whether user .cgi programs would run, nor did the specified owner in suexec.h make any difference. I'll figure it out myself, but just thought the report might interest you. Maybe I missed something about what suexec is supposed to do. How-To-Repeat: Run Apache with cgi enabled by the various items in the .conf files, but without suexec being present. Fix: ?? I don't know, maybe Apache is supposed to work this way! Audit-Trail: Unformatted: [In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
Re: general/2201: N/a
The following reply was made to PR general/2201; it has been noted by GNATS. From: Dean Gaudet [EMAIL PROTECTED] To: John Summerfield [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: general/2201: N/a Date: Thu, 7 May 1998 02:18:37 -0700 (PDT) Unfortunately, the release is a freeform text field, and searching for bugs in 1.2.5 (for example) wouldn't show you everything in 1.2.5. The system just isn't sophisticated enough to track when particular bugs are fixed in a manner that would make this sort of query useful. Dean
general/2203: logresolve doesn't find all domains
Number: 2203 Category: general Synopsis: logresolve doesn't find all domains Confidential: no Severity: critical Priority: medium Responsible:apache State: open Class: support Submitter-Id: apache Arrival-Date: Thu May 7 04:10:00 PDT 1998 Last-Modified: Originator: [EMAIL PROTECTED] Organization: apache Release:1.2.5 Environment: Solaris 2.5.1 Description: I have a problem with logresolve. When I look at the statistics I got 53 not resolved names. logresolve Statistics: Entries: 5544 With name : 1 Resolves: 5543 - Not found : 53 Cache hits : 5489 Cache size : 54 Cache buckets : IP number * hostname 3195.207.1.112 : Host not found 8195.207.1.117 : Host not found 10195.207.1.119 : Host not found 13193.74.240.18 : Host not found 18195.207.1.127 : Host not found 21195.207.1.130 : Host not found 23193.190.148.4 : Host not found 31195.207.1.140 : Host not found 31 137.113.192.101 : Host not found 33 12.65.160.52 : Host not found 35 194.7.15.75 : Host not found 41195.238.9.111 : Host not found 44 195.95.4.6 : Host not found 47 209.1.32.61 : Host not found .. But when I do a nslookup from that same machine to e.g. 209.1.32.61 Server: nsip1.coi.be Address: 192.168.77.11 Name:ptest1.inktomi.com Address: 209.1.32.61 I got a name. Any idea what the problem is? How-To-Repeat: Fix: Audit-Trail: Unformatted: [In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
Re: protocol/2056: No OS name in SERVER_VERSION - 1.3 must have, because now Apache is multi-platform
[In order for any reply to be added to the PR database, ] [you need to include [EMAIL PROTECTED] in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] Synopsis: No OS name in SERVER_VERSION - 1.3 must have, because now Apache is multi-platform State-Changed-From-To: analyzed-closed State-Changed-By: coar State-Changed-When: Thu May 7 04:26:08 PDT 1998 State-Changed-Why: This will be possible with the AddVersionPlatform directive, which should be available in the next release after 1.3b6. Thanks for reporting this, and for using Apache!
Re: general/2187: web server running 1 hour ahead of the server itself
The following reply was made to PR general/2187; it has been noted by GNATS. From: Jonathan Roy [EMAIL PROTECTED] To: Marc Slemko [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: general/2187: web server running 1 hour ahead of the server itself Date: Thu, 07 May 1998 10:05:36 -0400 I believe the time was wrong during the whole web server execution. TZ is set to US/Central which is the right time zone. This problem may very well never happen again, but I figured I'd report it in case someone else ever experiances it as well, as an additional data point. -Jonathan At 11:54 PM 5/6/98 -0600, Marc Slemko wrote: On 6 May 1998, Jonathan Roy wrote: [EMAIL PROTECTED] (25) % uname -a SunOS sinistar 5.5 Generic_103093-06 sun4m sparc SUNW,SPARCstation-20 Description: DATE_LOCAL in an ssi echo command was printing May 6 when it was still May 5. Couldn't figure out what was wrong or how to change the effective time zone of the server, so we just restarted it. error_log has: [Wed May 6 00:21:15 1998] [notice] httpd: caught SIGTERM, shutting down [Tue May 5 23:21:31 1998] [notice] Apache/1.3b5 configured -- resuming normal operations When did this start happening? Was it when Apache was started or while it was running? Are you sure no one with their on TZ environment variable set started Apache at any time? I am really doubtful that Apache is doing anything wrong because it just uses the OS's supplied routines... -- Jonathan Roy - [EMAIL PROTECTED] - Idle Communications, Inc.
Re: general/2200: source html code is shown but not the page
Synopsis: source html code is shown but not the page State-Changed-From-To: open-analyzed State-Changed-By: marc State-Changed-When: Thu May 7 09:46:17 PDT 1998 State-Changed-Why: I'm sorry, I don't understand what you are trying to say. You say you are running Apache 1.2 on NT, but 1.2 doesn't runn on NT. What verison of Apache are you running? What platform are you running on? Can you give an example URL? Why do you think anything is wrong with Apache? Isn't it more likely your HTML is just messed up?
Re: general/2201: N/a
Synopsis: N/a State-Changed-From-To: open-closed State-Changed-By: marc State-Changed-When: Thu May 7 09:49:02 PDT 1998 State-Changed-Why: As Dean said, this really isn't practical with the whole structure of the current database. Even if it was, we really don't have the manpower to indicate in the PR what versions are impacted. Normally the reporter has no idea, and they can be in various versions and fixed at various times before or after they are reported. The CHANGES file of the most recent release is probably the best place to find things that were changed between releases, but it doesn't include everything. Not all bugs that are fixed are in the bug database either. Synopsis-Changed-From: N/a Synopsis-Changed-To: searching bugdb by platform Synopsis-Changed-By: marc Synopsis-Changed-When: Thu May 7 09:49:02 PDT 1998
Re: general/2201: searching bugdb by platform
Synopsis: searching bugdb by platform Synopsis-Changed-From: searching bugdb by platform Synopsis-Changed-To: searching bugdb by version Synopsis-Changed-By: marc Synopsis-Changed-When: Thu May 7 09:49:52 PDT 1998
Re: general/2202: .cgi programs in user directories run without suexec
Synopsis: .cgi programs in user directories run without suexec State-Changed-From-To: open-closed State-Changed-By: marc State-Changed-When: Thu May 7 09:52:34 PDT 1998 State-Changed-Why: If suexec isn't enabled, then of course CGIs in user directories don't run as the user. If it is enabled, they do. If you think you have it enabled and they aren't, then you probably haven't configured it correctly. Review the docs.
Re: os-bsdi/2196: do not #include signal.h (fwd)
The following reply was made to PR os-bsdi/2196; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Apache bugs database [EMAIL PROTECTED] Cc: Subject: Re: os-bsdi/2196: do not #include signal.h (fwd) Date: Thu, 7 May 1998 11:14:33 -0600 (MDT) -- Forwarded message -- Date: Thu, 07 May 1998 09:19:54 -0700 From: Jon Drukman [EMAIL PROTECTED] To: Marc Slemko [EMAIL PROTECTED] Subject: Re: os-bsdi/2196: do not #include signal.h Marc Slemko wrote: On 6 May 1998, Jon Drukman wrote: BSDI BSD/OS 2.1 gcc version 2.7.2 Description: in include/conf.h and modules/standard/mod_rewrite.h you are including signal.h. this causes a declaration conflict for sys_siglist, which is also provided in unistd.h. Fix: i commented out #include signal.h in include/conf.h and modules/standard/mod_rewrite.h but i bet you guys can figure out how to make it not get in those files in the first place. :) Erm... is that the gcc that came with your system or did you install it yourself? afaik it's the one that came with the system. Does compiling the following program: #include signal.h #include unistd.h int main () { } give the same error? yes. erehwon [2] gcc test.c In file included from test.c:2: /usr/local/lib/gcc-lib/i386-unknown-bsdi2.0.1/2.7.2/include/unistd.h:143: conflicting types for `sys_siglist' /usr/include/signal.h:50: previous declaration of `sys_siglist' If so, that isn't anything wrong with Apache but something broken with your header files. I really don't think that BSD/OS is broken like that and Apache has been including both for a long time. hrm. wacky. we've been using this gcc with apache since 1.0... well i'll see about upgrading gcc. thanks -- Jon Drukman[EMAIL PROTECTED] --- Plan: Eat right, exercise regularly, die anyway.
Re: general/2193: Images being served in an inconsistant manor (fwd)
The following reply was made to PR general/2193; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Apache bugs database [EMAIL PROTECTED] Cc: Subject: Re: general/2193: Images being served in an inconsistant manor (fwd) Date: Thu, 7 May 1998 11:42:47 -0600 (MDT) -- Forwarded message -- Date: Thu, 07 May 1998 10:26:45 -0500 From: Mark Recio [EMAIL PROTECTED] To: Marc Slemko [EMAIL PROTECTED] Subject: Re: general/2193: Images being served in an inconsistant manor I had writen you yesterday and said I thought all patches were installed. I checked with sunsite, and found that a cluster was released on May 2. I installed the patches, rebooted, and still the problem exists. Also in that time, I have further split the httpd that was serving 56 sites to 7 httpds with 8 sites each. That gives us a total of 11 different httpds running on the machine, 7 with 8, and 4 with 1. Do I need to recompile apache with the patches installed? Thanks, Mark Marc Slemko wrote: On 6 May 1998, Mark Recio wrote: Number: 2193 Category: general Synopsis: Images being served in an inconsistant manor Confidential: no Severity: serious Priority: medium Responsible:apache State: open Class: sw-bug Submitter-Id: apache Arrival-Date: Wed May 6 09:10:01 PDT 1998 Last-Modified: Originator: [EMAIL PROTECTED] Organization: apache Release:1.2.6 Environment: SunOS cas 5.5.1 Generic_103640-04 sun4m sparc SUNW,SPARCstation-5 Do you have the latest patch cluster from Sun applied? -- Mark I. Recio [EMAIL PROTECTED] C.I.O. - Web-Pros Inc. http://www.web-pros.com 800/266.0101 FAX 317/780.6554
Re: mod_proxy/2186: Garbage Colection Faults
The following reply was made to PR mod_proxy/2186; it has been noted by GNATS. From: Albaney Baylao [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: mod_proxy/2186: Garbage Colection Faults Date: Thu, 07 May 1998 16:10:27 EST No, the problem continues. I changed the type of the variable, but the cache still grows forever. Thanks. __ Get Your Private, Free Email at http://www.hotmail.com
Re: mod_proxy/2186: Garbage Colection Faults
The following reply was made to PR mod_proxy/2186; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Albaney Baylao [EMAIL PROTECTED] Cc: Apache bugs database [EMAIL PROTECTED] Subject: Re: mod_proxy/2186: Garbage Colection Faults Date: Thu, 7 May 1998 13:44:49 -0600 (MDT) On 7 May 1998, Albaney Baylao wrote: The following reply was made to PR mod_proxy/2186; it has been noted by GNATS. From: Albaney Baylao [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: mod_proxy/2186: Garbage Colection Faults Date: Thu, 07 May 1998 16:10:27 EST No, the problem continues. I changed the type of the variable, but the cache still grows forever. Show me the directives in your config file relating to the proxy. How big do you think the cache should grow to? How big is it growing? How are you determining the size?
Re: general/2193: Images being served in an inconsistant manor (fwd)
The following reply was made to PR general/2193; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Apache bugs database [EMAIL PROTECTED] Cc: Subject: Re: general/2193: Images being served in an inconsistant manor (fwd) Date: Thu, 7 May 1998 13:43:26 -0600 (MDT) -- Forwarded message -- Date: Thu, 07 May 1998 14:27:38 -0500 From: Mark Recio [EMAIL PROTECTED] To: Marc Slemko [EMAIL PROTECTED] Subject: Re: general/2193: Images being served in an inconsistant manor Here is update #2. I have installed compiled gcc 2.8.1 and recompiled apache 1.2.6 (it's smaller then with the previous rev of gcc) The problem still exists. Thanks, Mark Marc Slemko wrote: On 6 May 1998, Mark Recio wrote: Number: 2193 Category: general Synopsis: Images being served in an inconsistant manor Confidential: no Severity: serious Priority: medium Responsible:apache State: open Class: sw-bug Submitter-Id: apache Arrival-Date: Wed May 6 09:10:01 PDT 1998 Last-Modified: Originator: [EMAIL PROTECTED] Organization: apache Release:1.2.6 Environment: SunOS cas 5.5.1 Generic_103640-04 sun4m sparc SUNW,SPARCstation-5 Do you have the latest patch cluster from Sun applied? -- Mark I. Recio [EMAIL PROTECTED] C.I.O. - Web-Pros Inc. http://www.web-pros.com 800/266.0101 FAX 317/780.6554
Re: general/2202: .cgi programs in user directories run without suexec
The following reply was made to PR general/2202; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: J. M. Hinkle [EMAIL PROTECTED] Cc: Apache bugs database [EMAIL PROTECTED] Subject: Re: general/2202: .cgi programs in user directories run without suexec Date: Thu, 7 May 1998 14:23:41 -0600 (MDT) suexec sets things up so that CGIs run as a different user than what the web server runs as. This is done through either virtualhosts with user and group directives or through ~userdir requests. Without suexec, the normal way to do things is that all CGIs are executed by the user the web server runs as. This is perfectly acceptable in many environments and is not necessarily a security risk. If people want ~userdir CGIs to run as the user instead, they have to use suexec. If they don't, they don't run suexec and CGIs run as they always have on nearly every Unix web server in the history of the web. On Thu, 7 May 1998, J. M. Hinkle wrote: At 04:52 PM 5/7/98 -, you wrote: Synopsis: .cgi programs in user directories run without suexec If it is enabled, they do. If you think you have it enabled and they aren't, then you probably haven't configured it correctly. Review the docs. I realize you don't want to rehash stuff to a user, but are we miscommunicating here? The point I was trying to make is that this Apache will run user level .cgi programs whether or not suexec is even present, much less configured correctly. Isn't the point of suexec to protect the system by conditionally running .cgi programs? The upshot is that suexec does nothing, it is not needed to run user level .cgi programs. The inference I get from the docs is that is not the way Apache is supposed to work. Now I'm really confused about why so much is made of suexec in the docs and is provided. .cgi programs in a user directory work without suexec being even available to run. How can suexec be enabled without even existing? If you mean ExecCGI enabled, that is not present anywhere in these .conf files, yet .cgi programs in a user directory run anyway. I just thought this might be a serious security issue, but somehow I have to refigure what is meant by that regarding .cgi programs in user directories. After using Apache for a year or so, and going over and over the docs, what I read and what I see just don't match up. Sorry to bother you. jmh
Re: mod_proxy/2186: Garbage Colection Faults
The following reply was made to PR mod_proxy/2186; it has been noted by GNATS. From: Albaney Baylao [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: mod_proxy/2186: Garbage Colection Faults Date: Thu, 07 May 1998 18:09:05 EST Show me the directives in your config file relating to the proxy. The directives follows: ProxyRequests on ProxyRemote ftp://* http://proxy.rio.com.br:3128 ProxyRemote http://* http://proxy.rio.com.br:3128 CacheRoot /var/lib/httpd/cache CacheSize 102400 CacheGcInterval 2 CacheMaxExpire 24 How big do you think the cache should grow to? 100 Mb plus any files created in the last 2 hours. My network isn´t hard-used. The size shouldn´t above 200 Mb. How big is it growing? Still growing forever. I Discovered this when the hard-disk was full. (1 Gb) How are you determining the size? Using the command du -s /var/lib/httpd/cache __ Get Your Private, Free Email at http://www.hotmail.com
Re: general/2202: .cgi programs in user directories run without suexec (fwd)
The following reply was made to PR general/2202; it has been noted by GNATS. From: Marc Slemko [EMAIL PROTECTED] To: Apache bugs database [EMAIL PROTECTED] Cc: Subject: Re: general/2202: .cgi programs in user directories run without suexec (fwd) Date: Thu, 7 May 1998 16:14:48 -0600 (MDT) -- Forwarded message -- Date: Thu, 07 May 1998 15:07:44 -0700 From: J. M. Hinkle [EMAIL PROTECTED] To: Marc Slemko [EMAIL PROTECTED] Subject: Re: general/2202: .cgi programs in user directories run without suexec Thank you very much for your reply! At 02:23 PM 5/7/98 -0600, you wrote: CGIs run as they always have [ in userdirs ] on nearly every Unix web server in the history of the web. Something new every day. I always thought that cgi was permissible only from ServerRoot until suexec came along. I always used suexec here, so never noticed, especially since the only ISP I ever used announced once that cgi was available in userdirs as if it were a new thing. That's what led me to installing Apache on local machines in the first place (I had no servers before that). NOW it's all clear. Sigh. Again, sorry to trouble you. jmh