Re: [PATCH] simplified apachectl that passes through options to httpd

[Jeff Trawick]

Cliff Woolley [EMAIL PROTECTED] writes:

 On 23 May 2002, Jeff Trawick wrote:
 
  Existing apachectl keywords are still supported for now (except for
  some alternate spellings of startssl -- whats up with that stuff?).
 
 I always assumed it was for Apache-SSL compatibility.  Ben?

google finds lots of hits for sslstart.  The only hits for start-SSL I
see so far are from the apachectl usage message.  I've added support
back in for the alternate spellings for the time being:

sslstart|start-SSL)
$HTTPD -k startssl
ERROR=$?
;;

(well, I'm calling anything but startssl an alternate spelling; I
dunno what came first, but it is -k startssl which httpd supports)

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [PATCH] simplified apachectl that passes through options to httpd

[William A. Rowe, Jr.]

At 06:20 AM 5/24/2002, you wrote:
Cliff Woolley [EMAIL PROTECTED] writes:

  On 23 May 2002, Jeff Trawick wrote:
 
   Existing apachectl keywords are still supported for now (except for
   some alternate spellings of startssl -- whats up with that stuff?).
 

sslstart|start-SSL)
 $HTTPD -k startssl
 ERROR=$?
 ;;

(well, I'm calling anything but startssl an alternate spelling; I
dunno what came first, but it is -k startssl which httpd supports)

Can I ask WHY?  -k has never supported anything but start/stop/restart
and has always required a seperate -D SSL argument on Win32.

I see the advantage of a simple apachectl doit verb that includes ssl.
However, overloading -k start -D SSL with -k startssl seems outright
silly.  We can't argue back-compat here, -k didn't exist before.

Not that win32 was complete... -k stop should probably stop-graceful
while -k shutdown on win32 should probably slam it all down fast.
Likewise we should probably be adding -k graceful for what we do
today with -k restart, and let -k restart to hard shutdowns of open
connections.

This is similar to the -X debate, with one huge exception.  -X has
been around for a very long time :-)

Bill

Re: [PATCH] simplified apachectl that passes through options to httpd

[Ben Laurie]

Cliff Woolley wrote:
 On 23 May 2002, Jeff Trawick wrote:
 
 
Existing apachectl keywords are still supported for now (except for
some alternate spellings of startssl -- whats up with that stuff?).
 
 
 I always assumed it was for Apache-SSL compatibility.  Ben?

Apache-SSL always has SSL (surprise!), so just plain start suffices.

Cheers,

Ben.

Re: [PATCH] simplified apachectl that passes through options to httpd

[Jeff Trawick]

William A. Rowe, Jr. [EMAIL PROTECTED] writes:

 At 06:20 AM 5/24/2002, you wrote:
 Cliff Woolley [EMAIL PROTECTED] writes:
 
   On 23 May 2002, Jeff Trawick wrote:
  
Existing apachectl keywords are still supported for now (except for
some alternate spellings of startssl -- whats up with that stuff?).
  
 
 sslstart|start-SSL)
  $HTTPD -k startssl
  ERROR=$?
  ;;
 
 (well, I'm calling anything but startssl an alternate spelling; I
 dunno what came first, but it is -k startssl which httpd supports)
 
 Can I ask WHY?  -k has never supported anything but start/stop/restart
 and has always required a seperate -D SSL argument on Win32.
 
 I see the advantage of a simple apachectl doit verb that includes ssl.
 However, overloading -k start -D SSL with -k startssl seems outright
 silly.  We can't argue back-compat here, -k didn't exist before.

I think that this is your main point (please confirm):

  don't support httpd -k startssl, and instead force the user (or
  apachectl) to run httpd -k startssl -DSSL

One issue that may affect your opinion: historic apachectl verbs are
to be considered deprecated; the vision is that apachectl is just a
wrapper script whose user interface is the same as httpd.  Thinking
long-term (e.g., Apache 2.1 or whatever), would you want the user to
have to do

  httpd -k start -DSSL

instead of

  httpd -k startssl

?

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [PATCH] simplified apachectl that passes through options to httpd

[Jim Jagielski]

Jeff Trawick wrote:
 
 I think that this is your main point (please confirm):
 
   don't support httpd -k startssl, and instead force the user (or
   apachectl) to run httpd -k startssl -DSSL
 
 One issue that may affect your opinion: historic apachectl verbs are
 to be considered deprecated; the vision is that apachectl is just a
 wrapper script whose user interface is the same as httpd.  Thinking
 long-term (e.g., Apache 2.1 or whatever), would you want the user to
 have to do
 
   httpd -k start -DSSL
 

But there are tons of configs out there with the IfDef SSL directives
in their httpd.conf file that want/expect/require that SSL
is defined

-- 
===
   Jim Jagielski   [|]   [EMAIL PROTECTED]   [|]   http://www.jaguNET.com/
  A society that will trade a little liberty for a little order
 will lose both and deserve neither - T.Jefferson

Re: [PATCH] simplified apachectl that passes through options to httpd

[William A. Rowe, Jr.]

At 10:52 AM 5/24/2002, you wrote:
William A. Rowe, Jr. [EMAIL PROTECTED] writes:

  Can I ask WHY?  -k has never supported anything but start/stop/restart
  and has always required a seperate -D SSL argument on Win32.
 
  I see the advantage of a simple apachectl doit verb that includes ssl.
  However, overloading -k start -D SSL with -k startssl seems outright
  silly.  We can't argue back-compat here, -k didn't exist before.

I think that this is your main point (please confirm):

   don't support httpd -k startssl, and instead force the user (or
   apachectl) to run httpd -k startssl -DSSL

err... still a bit redundant, httpd -k start -DSSL should suffice [I'm pretty
sure that's what you ment to ask :-]

One issue that may affect your opinion: historic apachectl verbs are
to be considered deprecated; the vision is that apachectl is just a
wrapper script whose user interface is the same as httpd.  Thinking
long-term (e.g., Apache 2.1 or whatever), would you want the user to
have to do

   httpd -k start -DSSL

Yes.  How many other server modules [protocols especially, such as
pop3 and so on] will beg the same.  It's bogus.

If you configure your machine for SSL, then run it as SSL already!!!
Why are we trying to say you've installed and configured SSL, so now
you have to turn it on explicitly everytime you start up.  Which most
will take as meaning I have apache2 installed, so now all I need to do
is to startssl and everything will work.

Either the user installs and configures SSL correctly or they don't,
I still don't see a benefit in this switch.

Uncommenting and Commenting Out our Include ssl.conf should suffice,
no?

And if a user wants to use the 'classic' mode of toggling a variable
[I did so very often when testing both jserv and tomcat, used -D JSERV
and -D TOMCAT for that purpose since they can never load together],
then do it explicitly before we start seeing -k starttomcat patches popping
up everywhere.

At 10:57 AM 5/24/2002, JimJag wrote:
But there are tons of configs out there with the IfDef SSL directives
in their httpd.conf file that want/expect/require that SSL
is defined

Apache 2.0 config files?  Tons of them?  Really :-?

Seriously, dump the IfDefine.  For most cases these should really be
IfModule mod_ssl.c entities instead anyways.  Only the load module
itself aught to be caught in an IfDefine SSL.

I fail to see how setting up ssl in Apache 2.0 should differ from setting up
mod_pop3, mod_mbox, mod_jk or any other module.

Bill

Re: [PATCH] simplified apachectl that passes through options to httpd

[Aaron Bannert]

On Fri, May 24, 2002 at 11:10:25AM -0500, William A. Rowe, Jr. wrote:
 If you configure your machine for SSL, then run it as SSL already!!!
 Why are we trying to say you've installed and configured SSL, so now
 you have to turn it on explicitly everytime you start up.  Which most
 will take as meaning I have apache2 installed, so now all I need to do
 is to startssl and everything will work.

Simple: We have static and dynamic modules. Static modules can't turn
off their LoadModule lines, so we can't use that to turn on and off the
functionality in those modules. -DSSL is the runtime switch that mod_ssl
uses to enable SSL functionality.

-aaron

Re: [PATCH] simplified apachectl that passes through options to httpd

[Aaron Bannert]

On Fri, May 24, 2002 at 11:10:25AM -0500, William A. Rowe, Jr. wrote:
 Seriously, dump the IfDefine.  For most cases these should really be
 IfModule mod_ssl.c entities instead anyways.  Only the load module
 itself aught to be caught in an IfDefine SSL.
 
 I fail to see how setting up ssl in Apache 2.0 should differ from setting up
 mod_pop3, mod_mbox, mod_jk or any other module.

I'd rather see us decouple loading of modules from enabling of
modules, and then come up with a consistent way to do both. That way
static modules are just implicitly loaded, DSOs can be optionally
loaded with LoadModule, and it takes something else entirely to
enable or disable*.

*(The default could be to enable or disable, but a consistent way to
  override this at start-time would make it really clear to an admin
  how they can control this.)

-aaron

Re: [PATCH] simplified apachectl that passes through options to httpd

[Jeff Trawick]

William A. Rowe, Jr. [EMAIL PROTECTED] writes:

 At 10:52 AM 5/24/2002, you wrote:
 William A. Rowe, Jr. [EMAIL PROTECTED] writes:
 
   Can I ask WHY?  -k has never supported anything but start/stop/restart
   and has always required a seperate -D SSL argument on Win32.
  
   I see the advantage of a simple apachectl doit verb that includes ssl.
   However, overloading -k start -D SSL with -k startssl seems outright
   silly.  We can't argue back-compat here, -k didn't exist before.
 
 I think that this is your main point (please confirm):
 
don't support httpd -k startssl, and instead force the user (or
apachectl) to run httpd -k startssl -DSSL
 
 err... still a bit redundant, httpd -k start -DSSL should suffice [I'm pretty
 sure that's what you ment to ask :-]

yep, I meant -k start -DSSL :)

 One issue that may affect your opinion: historic apachectl verbs are
 to be considered deprecated; the vision is that apachectl is just a
 wrapper script whose user interface is the same as httpd.  Thinking
 long-term (e.g., Apache 2.1 or whatever), would you want the user to
 have to do
 
httpd -k start -DSSL
 
 Yes.  How many other server modules [protocols especially, such as
 pop3 and so on] will beg the same.  It's bogus.
 
 If you configure your machine for SSL, then run it as SSL already!!!

I'm +.6 on removing the httpd -k startssl hack already committed (my
only reservation is due to my lack of interaction with the folks that
actually use the startssl|sslstart thingie).

Heck, I'm even fine with completely ditching the old apachectl verbs
with 2.0.37 and imposing the un-onerous task on admins of converting to
the httpd syntax.  Once that happens the help text for httpd matches
what apachectl will accept.

For the moment I'll wait until I hear more opinions before deviating
from the plan outlined in the original discussion.

Thanks,

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [PATCH] simplified apachectl that passes through options to httpd

[William A. Rowe, Jr.]

At 11:30 AM 5/24/2002, Jeff Trawick wrote:
William A. Rowe, Jr. [EMAIL PROTECTED] writes:
 
  err... still a bit redundant, httpd -k start -DSSL should suffice [I'm 
 pretty
  sure that's what you ment to ask :-]

yep, I meant -k start -DSSL :)

  One issue that may affect your opinion: historic apachectl verbs are
  to be considered deprecated; the vision is that apachectl is just a
  wrapper script whose user interface is the same as httpd.  Thinking
  long-term (e.g., Apache 2.1 or whatever), would you want the user to
  have to do
  
 httpd -k start -DSSL
 
  Yes.  How many other server modules [protocols especially, such as
  pop3 and so on] will beg the same.  It's bogus.
 
  If you configure your machine for SSL, then run it as SSL already!!!

I'm +.6 on removing the httpd -k startssl hack already committed (my
only reservation is due to my lack of interaction with the folks that
actually use the startssl|sslstart thingie).

They don't [use the httpd thingie]...

Heck, I'm even fine with completely ditching the old apachectl verbs
with 2.0.37 and imposing the un-onerous task on admins of converting to
the httpd syntax.  Once that happens the help text for httpd matches
what apachectl will accept.

I'm not - apachectl has always been a convience thing.  If we are making
them change their conf to use httpd -k start without specifing -D SSL, I am
still in favor of handling apachectl startssl [and all the silly flavors 
thereof.]

I'm actually against pulling apachectl until version 2.1.  Give them some time
to adjust, provide some backwards compatibility for the present time.  And
in the meantime, don't break what apachectl already provides.

Bill

Re: [PATCH] simplified apachectl that passes through options to httpd

[William A. Rowe, Jr.]

At 11:18 AM 5/24/2002, you wrote:
On Fri, May 24, 2002 at 11:10:25AM -0500, William A. Rowe, Jr. wrote:
  If you configure your machine for SSL, then run it as SSL already!!!
  Why are we trying to say you've installed and configured SSL, so now
  you have to turn it on explicitly everytime you start up.  Which most
  will take as meaning I have apache2 installed, so now all I need to do
  is to startssl and everything will work.

Simple: We have static and dynamic modules. Static modules can't turn
off their LoadModule lines, so we can't use that to turn on and off the
functionality in those modules. -DSSL is the runtime switch that mod_ssl
uses to enable SSL functionality.

That isn't a reason to create -k startssl to duplicate -k start -D SSL

...in fact, if you have a problem with not being able to disable a module in
Apache2, then fix the essential problem, which is disabling modules.
That was the feature 'broken' in Apache 2.

And that still doesn't answer the question, why not simply;

#Include conf/ssl.conf

And let them uncomment it when they are good and ready.  This shouldn't
be a constantly toggled decision, either it's ready to run SSL or it's not.

Bill

RE: [PATCH] simplified apachectl that passes through options to httpd

[Ryan Bloom]

 From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED]]
 
 At 11:18 AM 5/24/2002, you wrote:
 On Fri, May 24, 2002 at 11:10:25AM -0500, William A. Rowe, Jr. wrote:
   If you configure your machine for SSL, then run it as SSL
already!!!
   Why are we trying to say you've installed and configured SSL, so
now
   you have to turn it on explicitly everytime you start up.  Which
most
   will take as meaning I have apache2 installed, so now all I need
to
 do
   is to startssl and everything will work.
 
 Simple: We have static and dynamic modules. Static modules can't turn
 off their LoadModule lines, so we can't use that to turn on and off
the
 functionality in those modules. -DSSL is the runtime switch that
mod_ssl
 uses to enable SSL functionality.
 
 That isn't a reason to create -k startssl to duplicate -k start -D SSL
 
 ...in fact, if you have a problem with not being able to disable a
module
 in
 Apache2, then fix the essential problem, which is disabling modules.
 That was the feature 'broken' in Apache 2.

I'm missing why that is considered broken.  If you are compiling your
own server, then you should only statically compile the modules that you
want to use.  If you are using a binary dist, then I don't know of any
binary dists that use static modules instead of dynamic ones.  Is there
actually a case where somebody has wanted to be able to disable a module
and been unable to?

Ryan

Re: [PATCH] simplified apachectl that passes through options to httpd

[Jeff Trawick]

William A. Rowe, Jr. [EMAIL PROTECTED] writes:

 Heck, I'm even fine with completely ditching the old apachectl verbs
 with 2.0.37 and imposing the un-onerous task on admins of converting to
 the httpd syntax.  Once that happens the help text for httpd matches
 what apachectl will accept.
 
 I'm not - apachectl has always been a convience thing.

by the way...  with 2.0 on Unix, apachectl is a required thing to
ensure that any environment variables (LD_LIBRARY_PATH and others) are
set up properly

If we are making
 them change their conf to use httpd -k start without specifing -D SSL, I am
 still in favor of handling apachectl startssl [and all the silly
 flavors thereof.]
 
 I'm actually against pulling apachectl until version 2.1.  Give them some time
 to adjust, provide some backwards compatibility for the present time.  And
 in the meantime, don't break what apachectl already provides.

no plan to pull apachectl at all... the issue is when to stop mapping
the old apachectl verbs onto httpd options...  the user needs to know
that all those options that can be passed to httpd can be passed to
apachectl with no problem...  the separate user interface for
apachectl vs. httpd is potentially confusing...

-- 
Jeff Trawick | [EMAIL PROTECTED]
Born in Roswell... married an alien...

Re: [PATCH] simplified apachectl that passes through options to httpd

[Bill Stoddard]

I think the old apachectl verbs should go. apachectl should source the envars and pass
args unmodified to httpd. That's it.

Bill

- Original Message -
From: Jeff Trawick [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, May 24, 2002 1:30 PM
Subject: Re: [PATCH] simplified apachectl that passes through options to httpd


 William A. Rowe, Jr. [EMAIL PROTECTED] writes:

  Heck, I'm even fine with completely ditching the old apachectl verbs
  with 2.0.37 and imposing the un-onerous task on admins of converting to
  the httpd syntax.  Once that happens the help text for httpd matches
  what apachectl will accept.
 
  I'm not - apachectl has always been a convience thing.

 by the way...  with 2.0 on Unix, apachectl is a required thing to
 ensure that any environment variables (LD_LIBRARY_PATH and others) are
 set up properly

 If we are making
  them change their conf to use httpd -k start without specifing -D SSL, I am
  still in favor of handling apachectl startssl [and all the silly
  flavors thereof.]
 
  I'm actually against pulling apachectl until version 2.1.  Give them some time
  to adjust, provide some backwards compatibility for the present time.  And
  in the meantime, don't break what apachectl already provides.

 no plan to pull apachectl at all... the issue is when to stop mapping
 the old apachectl verbs onto httpd options...  the user needs to know
 that all those options that can be passed to httpd can be passed to
 apachectl with no problem...  the separate user interface for
 apachectl vs. httpd is potentially confusing...

 --
 Jeff Trawick | [EMAIL PROTECTED]
 Born in Roswell... married an alien...

Re: [PATCH] simplified apachectl that passes through options to httpd

[Justin Erenkrantz]

On Fri, May 24, 2002 at 07:20:11AM -0400, Jeff Trawick wrote:
 google finds lots of hits for sslstart.  The only hits for start-SSL I
 see so far are from the apachectl usage message.  I've added support
 back in for the alternate spellings for the time being:
 
 sslstart|start-SSL)
 $HTTPD -k startssl
 ERROR=$?
 ;;

FWIW, my intention in adding the -k feature was that the startssl
would only be handled by apachectl - not by httpd itself.  For
startssl, apachectl would send in '-k start -DSSL'.  I don't
think it makes sense for httpd to recognize start-ssl (or its
variants).  That's something that apachectl can handle.  The
idea behind adding the -k feature to httpd on all platforms was
that the start code was abstracted out of apachectl - not to
support oddball invocation arguments.   -- justin

[PATCH] simplified apachectl that passes through options to httpd

[Jeff Trawick]

This apachectl can supposedly be used to pass anything through to
httpd.  Thus, we now have a wrapper script people can use to run httpd
with the proper environment variables.

Existing apachectl keywords are still supported for now (except for
some alternate spellings of startssl -- whats up with that stuff?).

Comments?

Index: support/apachectl.in
===
RCS file: /home/cvs/httpd-2.0/support/apachectl.in,v
retrieving revision 1.12
diff -u -r1.12 apachectl.in
--- support/apachectl.in15 Apr 2002 00:41:25 -  1.12
+++ support/apachectl.in23 May 2002 19:23:20 -
@@ -25,9 +25,6 @@
 #  START CONFIGURATION SECTION  
 #   
 # 
-# the path to your PID file
-PIDFILE=@exp_runtimedir@/@progname@.pid
-#
 # the path to your httpd binary, including options if necessary
 HTTPD='@exp_sbindir@/@progname@'
 #
@@ -50,146 +47,28 @@
 
 ERROR=0
 if [ x$ARGV = x ] ; then 
-ARGS=help
+ARGV=-h
 fi
 
-for ARG in $ARGV $ARGS
-do
-# check for pidfile
-if [ -f $PIDFILE ] ; then
-   PID=`cat $PIDFILE`
-   if [ x$PID != x ]  kill -0 $PID 2/dev/null ; then
-   STATUS=@progname@ (pid $PID) running
-   RUNNING=1
-   else
-   STATUS=@progname@ (pid $PID?) not running
-   RUNNING=0
-   fi
-else
-   STATUS=@progname@ (no pid file) not running
-   RUNNING=0
-fi
-
-case $ARG in
-start)
-   if [ $RUNNING -eq 1 ]; then
-   echo $0 $ARG: @progname@ (pid $PID) already running
-   continue
-   fi
-   if $HTTPD ; then
-   echo $0 $ARG: @progname@ started
-   else
-   echo $0 $ARG: @progname@ could not be started
-   ERROR=3
-   fi
-   ;;
-startssl|sslstart|start-SSL)
-if [ $RUNNING -eq 1 ]; then
-echo $0 $ARG: @progname@ (pid $PID) already running
-continue
-fi
-if $HTTPD -DSSL; then
-echo $0 $ARG: @progname@ started
-else
-echo $0 $ARG: @progname@ could not be started
-ERROR=3
-fi
-;;
-stop)
-   if [ $RUNNING -eq 0 ]; then
-   echo $0 $ARG: $STATUS
-   continue
-   fi
-   if kill $PID ; then
-   echo $0 $ARG: @progname@ stopped
-   else
-   echo $0 $ARG: @progname@ could not be stopped
-   ERROR=4
-   fi
-   ;;
-restart)
-   if [ $RUNNING -eq 0 ]; then
-   echo $0 $ARG: @progname@ not running, trying to start
-   if $HTTPD ; then
-   echo $0 $ARG: @progname@ started
-   else
-   echo $0 $ARG: @progname@ could not be started
-   ERROR=5
-   fi
-   else
-   if $HTTPD -t /dev/null 21; then
-   if kill -HUP $PID ; then
-   echo $0 $ARG: @progname@ restarted
-   else
-   echo $0 $ARG: @progname@ could not be restarted
-   ERROR=6
-   fi
-   else
-   echo $0 $ARG: configuration broken, ignoring restart
-   echo $0 $ARG: (run 'apachectl configtest' for details)
-   ERROR=6
-   fi
-   fi
-   ;;
-graceful)
-   if [ $RUNNING -eq 0 ]; then
-   echo $0 $ARG: @progname@ not running, trying to start
-   if $HTTPD ; then
-   echo $0 $ARG: @progname@ started
-   else
-   echo $0 $ARG: @progname@ could not be started
-   ERROR=5
-   fi
-   else
-   if $HTTPD -t /dev/null 21; then
-   if kill -@AP_SIG_GRACEFUL_SHORT@ $PID ; then
-   echo $0 $ARG: @progname@ gracefully restarted
-   else
-   echo $0 $ARG: @progname@ could not be restarted
-   ERROR=7
-   fi
-   else
-   echo $0 $ARG: configuration broken, ignoring restart
-   echo $0 $ARG: (run 'apachectl configtest' for details)
-   ERROR=7
-   fi
-   fi
-   ;;
-status)
-   $LYNX $STATUSURL | awk ' /process$/ { print; exit } { print } '
-   ;;
-fullstatus)
-   $LYNX $STATUSURL
-   ;;
-configtest)
-   if $HTTPD -t; then
-   :
-   else
-   ERROR=8
-   fi
-   ;;
-*)
-   echo usage: $0 
(start|stop|restart|fullstatus|status|graceful|configtest|help)
-   cat EOF
-
-start  - start @progname@
-startssl   - start @progname@ with SSL enabled
-stop   - stop @progname@
-restart- restart @progname@ if running by sending a SIGHUP or start if 
- not running
-fullstatus - dump a full status screen; requires lynx and mod_status enabled
-status - dump a short status screen; requires lynx and mod_status enabled
-graceful   - do a graceful restart by sending a