RE: [EMAIL PROTECTED] Using env vars to compliment logging

[Boyle Owen]

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of 
> Joshua Slive
> Sent: Wednesday, August 02, 2006 1:31 AM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Using env vars to compliment logging
> 
> On 8/1/06, Dan Trainor <[EMAIL PROTECTED]> wrote:
> > Hello, all -
> >
> > For sake of trying to sound clever, I'll just flat-out say what I'm
> > looking for, instead of using a real example.
> >
> > We use a wildcard approach in a VirtualHost container to accept
> > requests, and it works quite well.  However, I am having 
> trouble making
> > logs for each actual server name which I'm serving.
> >
> > Ideally I'd like something such as:
> >
> > Customlog /path/to/logs/$HTTP_HOST-access.log combined
> >
> > to create /path/to/logs/domain.tld-access.log.
> >
> > Do I have this flexibility, or would I have to consider 
> alternate routes?
> 
> No, you can't use env variables in CustomLog definitions.  
> The docs are here:
> http://httpd.apache.org/docs/2.2/logs.html#accesslog
> 
> You have two choices:
> 
> 1. Put everything into one logfile and split it later using something
> like the split-logfile program included with apache.
> 
> 2. Put a separate CustomLog directive in each  section.

If I understood the OP correctly, he wants ever more fine-grained
control than that - he wants separate logs for different ServerAliases
*within* a VH... ("wildcard approach in a VirtualHost container").

That can't be done and you'd have to define a separate VH for each alias
(ie, expand the aliases into full VHs). As described in (1) above, the
better approach is to parse a global logfile later - you can put the
hostname into the LogFoprmat with %{Host}i.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> 
> Joshua.
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Confused with VirtualHosts & Global ServerName/DocumentRoot

[Brandon Fosdick]

Boyle Owen wrote:
> Then the only "global" directives (ie, outside VHs) should be those that
> are truly global and meant to apply to all VHs.

I tend to follow the same policy, however I've noticed that when I don't set a 
global ServerName I get startup errors like "httpd: Could not reliably 
determine the server's fully qualified domain name, using example.com for 
ServerName". Although it never says "example.com", it shows whatever hostname 
returns. The error doesn't appear to cause any problems, it's just mildly 
annoying.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Confused with VirtualHosts & Global ServerName/DocumentRoot

[Boyle Owen]

> -Original Message-
> From: Ro BGCT [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, August 02, 2006 8:04 AM
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Confused with VirtualHosts & Global 
> ServerName/DocumentRoot
> 
> Hello,
> 
> I'm confused on how to setup named-based virtual hosts correctly.  I
> know that the first  directive will be the default one,
> but what am I supposed to do with the global ServerName, DocumentRoot,
> etc.  Wouldn't it be redundant to have them listed again in the first
> ?

As soon as you start using virtual hosts, it is better to forget all
about "global" ServerName, DocumentRoot, etc. - ie, put everything in a
well-defined VH. Then you have only one "default" which you rightly have
deduced is the first one.

Then the only "global" directives (ie, outside VHs) should be those that
are truly global and meant to apply to all VHs.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> If it is supposed to be in both the global ServerName/DocumentRoot and
> , which section should I use for adding things such as
>  and  to that one website?  If I put it in the
> global config, then it would apply to any virtual host that doesn't
> have them defined in their .  So should I then have only
> ServerName, DocumentRoot, and things like denying .htaccess viewing in
> the global config, and then move the  and related
> directives for the main site into its first ?
> 
> Thanks for any help.  Sorry if this is confusing.  I'm not sure if I
> explained myself right.
> 
> Ro
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] message /var/logs/messages

[Boyle Owen]

> -Original Message-
> From: Mididoc Productions [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, August 01, 2006 6:02 PM
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] message /var/logs/messages
> 
> hello,
> 
> my name is mike roland and i have a question as i'm a new learner:
> 
> we have a vps server and find a message in /var/logs/messages
> which we don't understand:
> 
> Aug  1 00:05:52 mail vsapd[27368]: untie attempted while 1 
> inner references
> still exist at
> /usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsa
> p/sys/logs.pm

Is a "vps server" something to do with apache? Anyway, this is just some
buggy code in the perl module... BTW, First step in learning more about
obscure error messages is to cut'n'paste them into Google...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> line 256,  line 3.
> Aug  1 00:06:36 mail vsapd[27369]: untie attempted while 1 
> inner references
> still exist at
> /usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsa
> p/sys/logs.pm
> line 256,  line 3.
> Aug  1 00:07:35 mail vsapd[27369]: untie attempted while 1 
> inner references
> still exist at
> /usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsa
> p/sys/logs.pm
> line 256,  line 3.
> 
> Aug  1 00:12:23 mail vsapd[28063]: untie attempted while 1 
> inner references
> still exist at
> /usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsa
> p/sys/logs.pm
> line 256,  line 3.
> 
> 
> could anybody perhaps tell us, what is the reason,and what we 
> have to do?
> 
> thank you very much
> 
> mike
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] sh permission denied

[Boyle Owen]

> -Original Message-
> From: Mark McDowall [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, August 01, 2006 2:36 PM
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] sh permission denied
> 
> I am new to apache and am having problems.
> 
> The problem that I am having is that when I run a cgi script 
> (Python), it is able to return the information from the MySQL 
> database, but when it is asked to run an external program 
> (clustalw), it is unable to find the command.
> 
> When I run the scripts through command line I am able to run 
> the program and the 'clustalw' command works.   I have even 
> altered the command line to specify the exact path and I get 
> the following error message.
> 
> The error that is recorded within the error_log file is:
> [error] [client 127.0.0.1] sh: 
> /usr/*/clustalw1.83/clustalw: Permission denied 
> 
> I use Apache 2.0.52 running CentOS4 (Fedora Core 4).
> 
> I have tried searching the forums, but to no avail.   I have 
> tried creating a new  section that has the path 
> of the program, this did not work, I have changed the user 
> name and group to my own, which does have the correct 
> permission, but I get the same result.

Do you mean that you set the apache "User" and "Group" directives to be
the same as your account?

Do you obtain any additional privileges as a result of login scripts,
etc? If so, these are not executed when apache forks a process to run an
external program.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.  

> 
> Hope to hear from someone soon,
> 
> Mark
> 
> -- 
> Mark McDowall
> E-mail: [EMAIL PROTECTED] 
> WWW: http://www-users.york.ac.uk/~mm526 
>  
> WWW: http://bionet.0catch.com 
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] flock and accept http filter

[Chris]

Hi I am running the following configuration

freebsd 6.1
accept http and accept data filters in kernel
apache 2.2.3
php 5.1.4
eaccelerator 1.5b2
prefork mpm
keepalive off
mysql 4.1

the server runs apache normally for a random amount of time usually
short 5-30mins and then suddenly all the process go idle using 0% cpu,
I notice its using the same as maclients is set to which is 150 but
they just sitting dorment, ram isnt maxed no swap been used.  They are
all also in the flock status.  Restarting apache gets it going again
until it repeats.  On restart failure to load httpready shows in logs.
I tried removing accept http from the kernel and loading as module
but same problem, and the module refuses to unload after as well like
its in a hung state, so now I am running with just accept data.

Is flock better state then sbwait?
Is there a known bug with apache 2.2.x with the accept http filters on freebsd?
is there easy way to confirm the filters are working?

thanks

Chris

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Confused with VirtualHosts & Global ServerName/DocumentRoot

[Ro BGCT]

Hello,

I'm confused on how to setup named-based virtual hosts correctly.  I
know that the first  directive will be the default one,
but what am I supposed to do with the global ServerName, DocumentRoot,
etc.  Wouldn't it be redundant to have them listed again in the first
?

If it is supposed to be in both the global ServerName/DocumentRoot and
, which section should I use for adding things such as
 and  to that one website?  If I put it in the
global config, then it would apply to any virtual host that doesn't
have them defined in their .  So should I then have only
ServerName, DocumentRoot, and things like denying .htaccess viewing in
the global config, and then move the  and related
directives for the main site into its first ?

Thanks for any help.  Sorry if this is confusing.  I'm not sure if I
explained myself right.

Ro

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Vitualhosts ssl and apache2

[David Pratt]

Hi I have a couple of questions. I am trying to set up my ssl on zope3 
with apache2. I have zope (twisted) running on port 8080 and a secure 
server running on port 8443.  My sites are folders in the zope root. The 
virtual host setup is below. The virtual hosts work fine on port 80 
using www.mydomain.com and www.mydomain1.com


The virtual hosts fail on https://www.mydomain.com and 
https://www.mydomain1.com


In my error log I have the errors:
proxy: error reading status line from remote server 127.0.0.1
proxy: Error reading from remote server returned by /

Can someone provide advice on properly configuring the secure virtual 
hosts. Many thanks.





  ServerName www.mydomain.com
  ServerAlias am11727372.mydomain.com mydomain.com
  RewriteEngine On
  RewriteRule ^/(.*) 
http://127.0.0.1:8080/am11727372/++vh++http:%{SERVER_NAME}:80/++/$1 [L,P]




  ServerName www.mydomain1.com
  ServerAlias am12704055.mydomain1.com mydomain1.com
  RewriteEngine On
  RewriteRule ^/(.*) 
http://127.0.0.1:8080/am12704055/++vh++http:%{SERVER_NAME}:80/++/$1 [L,P]




  ServerName www.mydomain.com
  ServerAlias am11727372.mydomain.com mydomain.com
  RewriteEngine On
  RewriteRule ^/(.*) 
http://127.0.0.1:8443/am11727372/++vh++http:%{SERVER_NAME}:443/++/$1 [L,P]




  ServerName www.mydomain1.com
  ServerAlias am12704055.mydomain1.com mydomain1.com
  RewriteEngine On
  RewriteRule ^/(.*) 
http://127.0.0.1:8443/am12704055/++vh++http:%{SERVER_NAME}:443/++/$1 [L,P]



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Child pid

[Joshua Slive]

On 8/1/06, Mididoc Productions <[EMAIL PROTECTED]> wrote:

hello, all,

could anybody tell me please what this message in apache error_log means:

[Tue Aug  1 22:33:20 2006] [notice] child pid 78700 exit signal Segmentation
fault (11)

thanks for a tip


Something bad happened.  In specific, there is an error in the code
someplace.  To debug, see:
http://httpd.apache.org/dev/debugging.html#crashes

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Using env vars to compliment logging

[Joshua Slive]

On 8/1/06, Dan Trainor <[EMAIL PROTECTED]> wrote:

Hello, all -

For sake of trying to sound clever, I'll just flat-out say what I'm
looking for, instead of using a real example.

We use a wildcard approach in a VirtualHost container to accept
requests, and it works quite well.  However, I am having trouble making
logs for each actual server name which I'm serving.

Ideally I'd like something such as:

Customlog /path/to/logs/$HTTP_HOST-access.log combined

to create /path/to/logs/domain.tld-access.log.

Do I have this flexibility, or would I have to consider alternate routes?


No, you can't use env variables in CustomLog definitions.  The docs are here:
http://httpd.apache.org/docs/2.2/logs.html#accesslog

You have two choices:

1. Put everything into one logfile and split it later using something
like the split-logfile program included with apache.

2. Put a separate CustomLog directive in each  section.

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

AW: [EMAIL PROTECTED] Child pid

[Mididoc Productions]

hello, all,

could anybody tell me please what this message in apache error_log means:

[Tue Aug  1 22:33:20 2006] [notice] child pid 78700 exit signal Segmentation
fault (11)

thanks for a tip

mike


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Using env vars to compliment logging

[Dan Trainor]

Hello, all -

For sake of trying to sound clever, I'll just flat-out say what I'm 
looking for, instead of using a real example.


We use a wildcard approach in a VirtualHost container to accept 
requests, and it works quite well.  However, I am having trouble making 
logs for each actual server name which I'm serving.


Ideally I'd like something such as:

Customlog /path/to/logs/$HTTP_HOST-access.log combined

to create /path/to/logs/domain.tld-access.log.

Do I have this flexibility, or would I have to consider alternate routes?

Thanks!
-dant

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Can't get mod_rewrite to do anything

[Ken Schutte]

Hi,

I'm using apache2 on Debian, and have the following in
/etc/apache2/apache2.conf,

LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
RewriteLog /var/log/apache2/rewrite_log
RewriteEngine On
RewriteRule ^/index.html /index.php

I don't get any errors on apache2 start, but the rule doesn't work.
I've tried a bunch of other rules too, and I can't get any simple 
RewriteRules to do anything.  It created the rewrite_log log file, but 
it is empty, so I do not even know where to look to track down the problem.


Any suggestions?

Thanks,
Ken



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] URL Rewriting with proxy-html

[Nick Kew]

On Tuesday 01 August 2006 17:24, Errol Neal wrote:
>
> ProxyHTMLURLMap / /usaf/
> ProxyHTMLExtended on

That combination is bad news, for the reasons you've seen.

You can stop it applying that rule to your scripts using the
flags to ProxyHTMLURLMap.  If you need to rewrite URLs within
your scripts, you'll need a more specific search pattern in there.

Do you really need every proxy-html option turned on?

-- 
Nick Kew

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] mod_rewrite issue

[Joshua Slive]

On 8/1/06, SOPRO <[EMAIL PROTECTED]> wrote:

Hi friends!

I have an aplication hosted on a JBOSS server that must receive an id
as argument.
This id will make the application load the correct template for the typed URL.

Eg.: For URL 'client1.app.mydomain.com', the application will load the
template for 'client1'.

I trying to do something like this:


ServerName www.app.mydomain.com
ServerAlias *.app.mydomain.com

RewriteCond %{http_host} ^(.*).app.mydomain.com
RewriteRule ^(.*) http://localhost:8080/app?id=%1 [P,L]


The problem is that I get a redirect to
'http://localhost:5050/app?id=client1' and I want to keep the original
URL (client1.app.mydomain.com).


What does the RewriteLog say when you configure it?  Do you have
mod_proxy and mod_proxy_http included in the server?  Are you sure it
is not the app server sending the redirect?  (Have you done a packet
trace?)

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] mod_rewrite issue

[SOPRO]

Hi friends!

I have an aplication hosted on a JBOSS server that must receive an id
as argument.
This id will make the application load the correct template for the typed URL.

Eg.: For URL 'client1.app.mydomain.com', the application will load the
template for 'client1'.

I trying to do something like this:


   ServerName www.app.mydomain.com
   ServerAlias *.app.mydomain.com

   RewriteCond %{http_host} ^(.*).app.mydomain.com
   RewriteRule ^(.*) http://localhost:8080/app?id=%1 [P,L]


The problem is that I get a redirect to
'http://localhost:5050/app?id=client1' and I want to keep the original
URL (client1.app.mydomain.com).

Do you have another idea in how to do this functional ?

Thanks!

Fabricio.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] apache 2.2 and mod_auth_pam

[Nick Kew]

On Tuesday 01 August 2006 20:07, Jason Keltz wrote:
> I am trying to upgrade from running mod_auth_pam on the Apache 1.3.X
> series to mod_auth_pam on the Apache 2.2.X series.  I see that the
> authentication and authorization has changed in Apache from the 2.1
> series.  I was able to successfully compile the mod_auth_pam module for
> Apache 2.0.X, but I can't use it because I get errors in the log files:
>
> Tue Aug 01 11:54:52 2006] [error] [client X] (9)Bad file descriptor:
> Could not open password file: (null)
> [Tue Aug 01 11:54:58 2006] [error] Internal error: pcfg_openfile()
> called with NULL filename
>
> ... which, as I understand it is because I haven't specified an
> AuthBasicProvider since the module doesn't define one.

Yes.

You should be able to use it with 2.2, possibly only by disabling
the normal 2.2 mod_auth_basic (or digest, as appropriate) altogether.
Try ensuring it runs before normal 2.2 authentication.  You can
probably do that simply by using AP_HOOK_FIRST in its auth hook
(but that's just guessing - I haven't looked, let alone tried).

> Has anyone made available a mod_authnz_pam module?  (or mod_authn_pam
> and mod_authz_pam)?

Do google or modules.apache.org have anything to say?

> I wonder why the "pam" module hasn't made it into the default Apache
> installation yet? I imagine it's used in quite a few installations..

It would make sense from a functional point of view.  But it's a third-party
module.  AFAIK they've neither offered it for inclusion, nor been asked by
any of the core developers.  It would require that some core devs are
willing and able to maintain it.

-- 
Nick Kew

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Detailed steps to build a module for Windows

[Steffen]

Building for the first time Apache and mods can give hassles.
So, I build it for you against Apache 2.2.x

Download at
http://www.apachelounge.com/download/mods/mod_xsendfile-0.8-w32.zip

When you need it for the old 2.0.x contact me OL.


Steffen

- Original Message - 
From: "Jose Adriano Baltieri" <[EMAIL PROTECTED]>

To: 
Sent: Tuesday, August 01, 2006 19:29
Subject: [EMAIL PROTECTED] Detailed steps to build a module for Windows



I have seen a module called mod_xsendfile
(http://celebnamer.celebworld.ws/stuff/mod_xsendfile/) and I need to put it
to run along with Apache under Windows.

Since that module is not distributed ready for that, I wonder if someone
else can help me to get there.

Unfortunatelly, I need detailed steps. Yes, I have MSVC but I'm not a C
expert (nor a DLL one).

So, I need something like :

1) Go to File , create a new workspace
2) Now add a project to this workspace by clicking on ... Set the project
properties by 
3) Now add your C sourcefile to this project by clicking on ...
4) Now Build you project
5) Copy the generated DLL (or SO) file onto this folder...

Thanks in advance for your help !

--
Obrigado,
--
   Jose Adriano Baltieri - Analista de Sistemas
   DTI - CENTRO - UNIMEP - Universidade Metodista de
Piracicaba
   PIRACICABA - SP - Brasil - Fone : (19) 3124-1858
--


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




- Original Message - 
From: "Jose Adriano Baltieri" <[EMAIL PROTECTED]>

To: 
Sent: Tuesday, August 01, 2006 19:29
Subject: [EMAIL PROTECTED] Detailed steps to build a module for Windows



I have seen a module called mod_xsendfile
(http://celebnamer.celebworld.ws/stuff/mod_xsendfile/) and I need to put it
to run along with Apache under Windows.

Since that module is not distributed ready for that, I wonder if someone
else can help me to get there.

Unfortunatelly, I need detailed steps. Yes, I have MSVC but I'm not a C
expert (nor a DLL one).

So, I need something like :

1) Go to File , create a new workspace
2) Now add a project to this workspace by clicking on ... Set the project
properties by 
3) Now add your C sourcefile to this project by clicking on ...
4) Now Build you project
5) Copy the generated DLL (or SO) file onto this folder...

Thanks in advance for your help !

--
Obrigado,
--
   Jose Adriano Baltieri - Analista de Sistemas
   DTI - CENTRO - UNIMEP - Universidade Metodista de
Piracicaba
   PIRACICABA - SP - Brasil - Fone : (19) 3124-1858
--


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] configuring a balancer in httpd.conf

[DM]

Hi,

I'm trying to get Apache to forward all it's requests to either one of two 
Tomcat processes.
I can get Apache to forward the requests to a single Tomcat using the following 
settings in httpd.conf:

###
ProxyRequests Off


Order deny,allow
Allow from all


ProxyPass / http://erie:8080/
ProxyPassReverse / http://erie:8080/
###


I attempted to get the load-balancing working by replacing the above with the 
following:

###
ProxyRequests Off

ProxyPass / balancer://mycluster stickysession=jsessionid nofailover=On
ProxyPassReverse / balancer://mycluster


BalancerMember http://erie:8080
BalancerMember http://titan192:8080

Order deny,allow
Allow from all

###

But I get a "403 Forbidden" error indicating that I don't have permission to 
access the resource on the server.

Many thanks in advance,
Don



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] apache 2.2 and mod_auth_pam

[Jason Keltz]

I am trying to upgrade from running mod_auth_pam on the Apache 1.3.X 
series to mod_auth_pam on the Apache 2.2.X series.  I see that the 
authentication and authorization has changed in Apache from the 2.1 
series.  I was able to successfully compile the mod_auth_pam module for 
Apache 2.0.X, but I can't use it because I get errors in the log files:


Tue Aug 01 11:54:52 2006] [error] [client X] (9)Bad file descriptor: 
Could not open password file: (null)
[Tue Aug 01 11:54:58 2006] [error] Internal error: pcfg_openfile() 
called with NULL filename


... which, as I understand it is because I haven't specified an 
AuthBasicProvider since the module doesn't define one.


Has anyone made available a mod_authnz_pam module?  (or mod_authn_pam 
and mod_authz_pam)? I can't imagine that i'm the first to want to use 
pam authentication on the 2.2.X series server.  If a module isn't 
available, is there any way to use the existing authentication module 
with the 2.2 series server? I can't seem to find anything in the 
documentation on this.  The only thing I can find is a claim that most 
2.0 modules will continue to work with 2.2 - they just need to be 
recompiled, but it seems like with the changes in authentication and 
authorization that more than recompilation may be necessary...


I wonder why the "pam" module hasn't made it into the default Apache 
installation yet? I imagine it's used in quite a few installations..


Any assistance would be appreciated...

Jason.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Detailed steps to build a module for Windows

[Jose Adriano Baltieri]

I have seen a module called mod_xsendfile 
(http://celebnamer.celebworld.ws/stuff/mod_xsendfile/) and I need to put 
it to run along with Apache under Windows.


Since that module is not distributed ready for that, I wonder if someone 
else can help me to get there.


Unfortunatelly, I need detailed steps. Yes, I have MSVC but I'm not a C 
expert (nor a DLL one).


So, I need something like :

1) Go to File , create a new workspace
2) Now add a project to this workspace by clicking on ... Set the 
project properties by 

3) Now add your C sourcefile to this project by clicking on ...
4) Now Build you project
5) Copy the generated DLL (or SO) file onto this folder...

Thanks in advance for your help !

--
Obrigado,
--
   Jose Adriano Baltieri - Analista de Sistemas
   DTI - CENTRO - UNIMEP - Universidade Metodista de Piracicaba
   PIRACICABA - SP - Brasil - Fone : (19) 3124-1858
--


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Reg. Permissions problem

[Christian Folini]

On Mon, Jul 31, 2006 at 11:15:13PM -0700, vivek k wrote:
>   When the Apache server tries to modify the file it
> is gving
> permission denied error in the error_log file.
>
>   Is there a way of solving this problem ? Can i
> configure the Webserver to run as userID dts.


As mentioned before you can run apache as whatever you
choose, but it is preferred to use the distribution
standard. Here i would change the permission
of the file in question:

Change the group of the file in question to the group
of the webserver and allow the group to change the file.

-> permission 664

That way apache still runs as the default user and the
application can continue to work as before.

Cheers,

Christian


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] URL Rewriting with proxy-html

[Errol Neal]

I'm having trouble getting proxy-html to behave the way I want it to.
It's rewriting comments and touching parts of the html that permit our
flash stuff to work..


ServerAdmin [EMAIL PROTECTED]
DocumentRoot /var/www/proxy1/wwwroot
CustomLog "|/usr/local/sbin/cronolog
/var/www/proxy1_dfi-intl_com/logs/%Y-%m-%d-proxy1_dfi-intl_com.log"
combined
ProxyRequests Off
ProxyHTMLLogVerbose On
#ProxyHTMLStripComments On
ProxyPass /usaf/ http://172.16.103.200/
ProxyHTMLURLMap http://172.16.103.200/ /usaf

ProxyPassReverse /
#ProxyHTMLStripComments On
SetOutputFilter proxy-html

ProxyHTMLURLMap / /usaf/
ProxyHTMLURLMap /usaf/ /usaf
ProxyHTMLMeta on
ProxyHTMLFixups on
ProxyHTMLLogVerbose On
ProxyHTMLExtended on
ProxyHTMLStripComments On
RequestHeader unset Accept-Encoding




So for a example, "application/x-shockwave-flash" ends up as
"application/usaf/x-shockwave-flash" and a comment
"// Visual basic helper required to detect Flash Player ActiveX control
version information" is rewritten as 
" /usaf//usaf/ Visual basic helper required to detect Flash Player
ActiveX control version information". It also seems as if some recursive
behavior has been introduced, but only for the comments. Any helps/hints
are much apprecited. 
__
Errol Uriel Neal Jr.
Sr. Network Administrator
DFI International, Inc.
1717 Pennsylvania Ave NW, Suite 1300
Washington, DC  20006
Tel (202)452-6955
Fax (202)452-6910
[EMAIL PROTECTED]
www.dfi-intl.com


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Firefox - 'partially encrypted' SSL

[Declerck Michael-W30479]

Hello,
My system is Ubuntu 6.06 and Apache 2.2 with mod_ssl.
I have a problem with Firefox which says that the client-server
interaction is only partially encrypted.
The message from the Firefox says exactly:
 
Connection Partially Encrypted
Parts of the page you are viewing were not encrypted before being
transmitted over the Internet.
Information sent over the Internet without encryption can be seen by
other people while it is in transit.

I installed mod_ssl statically, which gave me the default
conf/extra/httpd-ssl.conf, where ssl is supported by virtual host.
The file httpd-ssl.conf is included in my main httpd.conf.
When I statically installed, Apache modified my httpd.conf file in some
way, but I mistakingly saved over it.
 
One issue might be with a PRNG, because I do not know where I have one
(if I have one, it is not in /dev) in the httpd-ssl.conf.
Here's my httpd-ssl.conf file:

#SSLRandomSeed startup file:/dev/random  512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random  512
#SSLRandomSeed connect file:/dev/urandom 512 

Listen 10.22.97.248:443
Listen 10.22.97.248:80
AddType application/x-x509-ca-cert .cert
AddType application/x-pkcs7-crl.crl
SSLPassPhraseDialog  builtin 
SSLSessionCacheshmcb:/usr/local/apache2/logs/ssl_scache(512000)
SSLSessionCacheTimeout  300
 
SSLMutex  file:/usr/local/apache2/logs/ssl_mutex
 

#   General setup for the virtual host
DocumentRoot "/usr/local/apache2/cgi-bin"
ServerName panicrepository.am.mot.com:443
ServerAdmin [EMAIL PROTECTED]
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log
 
#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on

#   SSL Cipher Suite:
#   List the ciphers that the client is permitted to negotiate.
#   See the mod_ssl documentation for a complete list.
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
 
#   Server Certificate:
SSLCertificateFile
/usr/local/openssl/certs/panicrepository.am.mot.com.cert

SSLCertificateKeyFile
/usr/local/openssl/private/panicrepository.am.mot.com.key
 

SSLOptions +StdEnvVars


SSLOptions +StdEnvVars

BrowserMatch ".*MSIE.*" \
 nokeepalive ssl-unclean-shutdown \
 downgrade-1.0 force-response-1.0
 
#   Per-Server Logging:
#   The home of a custom SSL log file. Use this when you want a
#   compact non-error SSL logfile on a virtual host basis.
CustomLog /usr/local/apache2/logs/ssl_request_log \
  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 




Any advice?
Does this sound like Firefox brokenness?
I would assume that it is my configuration that is the problem.

Michael DeClerck

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] message /var/logs/messages

[Mididoc Productions]

hello,

my name is mike roland and i have a question as i'm a new learner:

we have a vps server and find a message in /var/logs/messages
which we don't understand:

Aug  1 00:05:52 mail vsapd[27368]: untie attempted while 1 inner references
still exist at
/usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsap/sys/logs.pm
line 256,  line 3.
Aug  1 00:06:36 mail vsapd[27369]: untie attempted while 1 inner references
still exist at
/usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsap/sys/logs.pm
line 256,  line 3.
Aug  1 00:07:35 mail vsapd[27369]: untie attempted while 1 inner references
still exist at
/usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsap/sys/logs.pm
line 256,  line 3.

Aug  1 00:12:23 mail vsapd[28063]: untie attempted while 1 inner references
still exist at
/usr/local/lib/perl5/vendor_perl/5.8.4/VSAP/Server/Modules/vsap/sys/logs.pm
line 256,  line 3.


could anybody perhaps tell us, what is the reason,and what we have to do?

thank you very much

mike


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] SOT : SELinux Interference

[Rob Wilkerson]

In this case, I know what the problem is - SELinux - but I'm hoping
someone can help me understand why it's happening for my own
edification.  I have a webroot that's outside of the "standard"
webroot:  /opt/projects/htdocs.

I have Apache configured to recognize that directory and allow access,
of course, and I even bypass SELinux using "$ sudo chcon -R -t
httpd_sys_content_t /opt/projects/htdocs".  The problem is, though,
that I have a script which uses sed to update the index.htm file.  sed
dumps the output into a temporary file in /tmp and then I move the
temporary file to /opt/projects/htdocs, replacing the original
version.

It appears that this move is causing the SELinux bypass to close up.
I've added the chcon command to my script and it works fine, but I'm
hoping someone can enlighten me as to what's going on or help me
understand the rules of SELinux.

Thanks.

--

Rob Wilkerson

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Reg. Permissions problem

[Declerck Michael-W30479]

>  Can i configure the Webserver to run as userID dts. 

You can configure the web server to run as whomever you choose.
You can change the user and group within the  directive, with 'User ' and 'Group '.
I am using Apache2.2 though.


-Original Message-
From: vivek k [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 01, 2006 1:15 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Reg. Permissions problem

Hi All,
  I am Vivek. I am faced with a problem regarding an applications which
runs under Redhat Linux.
   
  The application userid is dts and groupid being dtsprod. The Apache
server httpd runs as wwwsvr and when it tries to execute the application
this application creates a log file wth userid dts and groupid as dtprod
in the /tmp directory.
   
  rw_r__r__   dts  dtsprod  appexec.log
   
  When the Apache server tries to modify the file it is gving permission
denied error in the error_log file.
   
  Is there a way of solving this problem ? Can i configure the Webserver
to run as userID dts. 
   
Regards,
Vivek


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com 

-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] sh permission denied

[Mark McDowall]

I am new to apache and am having problems.

The problem that I am having is that when I run a cgi script (Python),
it is able to return the information from the MySQL database, but when
it is asked to run an external program (clustalw), it is unable to find
the command.

When I run the scripts through command line I am able to run the
program and the 'clustalw' command works.   I have even
altered the command line to specify the exact path and I get the
following error message.

The error that is recorded within the error_log file is:[error] [client 127.0.0.1] sh: /usr/*/clustalw1.83/clustalw: Permission denied


I use Apache 2.0.52 running CentOS4 (Fedora Core 4).

I have tried searching the forums, but to no avail.   I have
tried creating a new  section that has the path of
the program, this did not work, I have changed the user name and group
to my own, which does have the correct permission, but I get the same
result.

Hope to hear from someone soon,

Mark-- Mark McDowallE-mail: [EMAIL PROTECTED]
WWW: 
http://www-users.york.ac.uk/~mm526WWW: http://bionet.0catch.com