[Bug 1853021] Re: ssl-cert generate-default-snakeoil provides no way to override default 10 year expiration or reduce to 825 day expiration
The link at [1] does not talk about self-signed certificates at all, only about DV and OV certificates. I agree that make-ssl-cert should have an option for the life time of the generated certificate, but I don't think that 825 days should be the default for 'generate-default- snakeoil'. If you have an official certificate, you don't have to do anything on the clients to make it trusted, but for a self-signed certificate, you have to distribute the certificate manually. Having to do this every 2.5 years seems excessive. [1] https://cabforum.org/2017/03/17/ballot-193-825-day-certificate-lifetimes/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1853021 Title: ssl-cert generate-default-snakeoil provides no way to override default 10 year expiration or reduce to 825 day expiration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ssl-cert/+bug/1853021/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1566519] Re: Please add native systemd units
>From looking at the patch, I have a few comments/questions: - Don't you have to name the service exactly like the init script, apache-htcacheclean, to make sure it overrides the init script? - You should depend on network-online.target . Apache may not start if some IPs are not yet configured. - I would not recommend graceful stop as default stop action. We had that in the init script for a while and it didn't work too well. From the changelog: Make the init script use normal 'stop' instead of 'graceful-stop' again: With graceful-stop, it can take a long time until all child processes have closed their listening sockets and there is no way for the init script to know when it is save to start apache again. This could make the restart of apache fail. - You don't seem to support multiple instances, yet. Why do you call the service apache2@.service, then? But I haven't tested it, yet. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1566519 Title: Please add native systemd units To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1566519/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1468822] Re: Apache 2.4.7 does not set environment vars. Checked with "Apache2 -V" just after installation.
** Changed in: apache2 (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1468822 Title: Apache 2.4.7 does not set environment vars. Checked with "Apache2 -V" just after installation. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1468822/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1556065] Re: I win but i did't get anything and I lost my awp
** Changed in: apache2 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1556065 Title: I win but i did't get anything and I lost my awp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1556065/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1468822] Re: Apache 2.4.7 does not set environment vars. Checked with "Apache2 -V" just after installation.
Use 'apachectl -V' instead of calling apache2 directly. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1468822 Title: Apache 2.4.7 does not set environment vars. Checked with "Apache2 -V" just after installation. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1468822/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1366174] Re: apache2 SEGV with multiple SSL sites
> Looks like Vivid will need to either cherry-pick this, or a merge may be > sufficient > since your message says you picked r1629372, r1629485, r1629519 and Debian > 2.4.10-6 reports to have picked everything up to r1632831 but I need to check > this. The commits mentioned by Alex are in the trunk branch, but 2.4.10-6 merged only from the 2.4.x branch. The relevant fix in the 2.4.x branch is r1634529. I will include that commit in 2.4.10-8. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1366174 Title: apache2 SEGV with multiple SSL sites To manage notifications about this bug go to: https://bugs.launchpad.net/apache2/+bug/1366174/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1251939] Re: config*.m4 search path
Hi Robie, Am Montag, 6. Januar 2014, 13:01:06 schrieb Robie Basak: > I'm wondering if there's more of a potential issue in Ubuntu than in > Debian here. Our next release will be supported for five years, so > I expect that we'll backport a number of as-yet-unknown bug fixes. > As we're team based, it could be anybody doing this, and they may > be unaware of this issue. > > So I think I'd prefer to carry the backported fix for this, just so > there isn't a mine for a future developer to step on. > > We prefer to keep our delta against Debian small, so that's a vote > from me to have the fix in 2.4.7-2, please. That's assuming that we > just need the ignore-quilt-dir patch, or are there any > complications with build system regeneration or anything like that? The code is only executed when running buildconf to re-create configure. This is not normally done during package build. Therefore the patch to build/config-stubs is sufficient to avoid the problem in the future if/when someone needs to re-run buildconf again. I have committed the patch to be included in 2.4.7-2. Cheers, Stefan -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1251939 Title: Chroot fails with "Cannot chroot when not started as root" error To manage notifications about this bug go to: https://bugs.launchpad.net/apache2/+bug/1251939/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1251939] Re: config*.m4 search path
Hi Robie, Am Freitag, 3. Januar 2014, 16:53:26 schrieb Robie Basak: > I'm merging apache2 2.4.7-1 from Debian into Ubuntu, but I can't > find the fix in Debian for this issue. The upstream fix doesn't > seem to be present, and I tried dropping a config*.m4 file into > .pc/ and the "configfiles=" line picks it up. > > So is Debian 2.4.7-1 still affected by this issue, or has there been > some other fix of which I'm not aware? I'm not sure whether this is > a bug in Debian, or if I'm missing something. You are right, the real fix is not included. We "fixed" the issue by removing the patches that touch *.m4 files. Therefore, no *.m4 file will be created in the .pc directory. This reminds me that I need to propose the upstream patch for backport to 2.4.8. Maybe we should put the fix into the debian package for 2.4.7-2, too, but there are usually few reasons to patch the m4 files, now that we have moved mpm-itk to its own source package. Cheers, Stefan -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1251939 Title: Chroot fails with "Cannot chroot when not started as root" error To manage notifications about this bug go to: https://bugs.launchpad.net/apache2/+bug/1251939/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1251939] Re: Chroot fails with "Cannot chroot when not started as root" error
If you fix that, you also need to regenerate debian/patches/itk-rerun- configure.patch after the upstream patch has been applied . I have done that in the attached patch. I would recommend that you do that for saucy. This will also be fixed in 2.4.6-4, which will be uploaded to Debian soon. Therefore for trusty, there is probably no need for further action. ** Patch added: "patch against 2.4.6-2" https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1251939/+attachment/3911233/+files/unixd-fix.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1251939 Title: Chroot fails with "Cannot chroot when not started as root" error To manage notifications about this bug go to: https://bugs.launchpad.net/apache2/+bug/1251939/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1232469] Re: Apache coredump when started with dbd and php5 enabled
I can reproduce this on Debian sid. Somehow openssl's int_free_ex_data() calls a free_func that points into nirvana. I guess this may be due to all the libraries being loaded, unloaded and then loaded again during apache config parsing. Some library using ssl may do the wrong thing during unloading and openssl gets confused. I think libpq is the primary suspect here. ** Attachment added: "backtrace with debug information" https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1232469/+attachment/3904134/+files/gdb.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1232469 Title: Apache coredump when started with dbd and php5 enabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1232469/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1207384] Re: apache2 failure to start on boot when binding to IPv6 address
I don't think this should be fixed in apache'2 init script. It depends on '$network' and whatever is providing $network must ensure that the network is actually usable. Also, it makes much more sense to fix this in one place instead of hundreds of network daemons which are affected by the same issue. If apache2's upstart configuration is missing the equivalent of the dependency on $network, this should be fixed. But this would be a Ubuntu specific issue because upstart support is not included in the Debian package. OTOH, if apache2's upstart configuration is correct, reassign this report to whatever is doing the network configuration under Ubuntu. Because then the bug must be there. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1207384 Title: apache2 failure to start on boot when binding to IPv6 address To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1207384/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1203541] [NEW] Include output of bug script in crash reports
Public bug reported: Debian's apache2 package contains /usr/share/bug/apache2/script (actually it's a link to .../apache2-bin/script) which gives useful output for crash bug reports. It would be nice if apport could include the output of that script when reporting a crash report. Or maybe that should be done for all packages? Usually the Debian maintainer has a reason if (s)he includes a bug script. ** Affects: apache2 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1203541 Title: Include output of bug script in crash reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1203541/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1202655] Re: mod_wsgi crashes during shutdown
** Summary changed: - apache2 crashed with SIGABRT in do_fcntl() + mod_wsgi crashes during shutdown ** Package changed: apache2 (Ubuntu) => mod-wsgi (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1202655 Title: mod_wsgi crashes during shutdown To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mod-wsgi/+bug/1202655/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1202655] Re: apache2 crashed with SIGABRT in do_fcntl()
The "StacktraceTop" shown above is not actually the top of the stack. It looks like apache is shutting down and mod_wsgi is crashing during shutdown. #2 0x7f383822c6ee in Py_FatalError () from /tmp/apport_sandbox_EBD2sJ/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0 No symbol table info available. #3 0x7f383821a8dc in PyEval_AcquireThread () from /tmp/apport_sandbox_EBD2sJ/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0 No symbol table info available. #4 0x7f38374566ee in wsgi_python_child_cleanup (data=) at mod_wsgi.c:6885 interp = 0x0 #5 0x7f383dcc5d2e in run_cleanups (cref=) at ../memory/unix/apr_pools.c:2352 c = #6 apr_pool_destroy (pool=0x7f383e368028) at ../memory/unix/apr_pools.c:814 active = allocator = #7 0x7f383abfa1ae in clean_child_exit (code=code@entry=0) at prefork.c:218 No locals. #8 0x7f383abfa1eb in just_die (sig=) at prefork.c:344 No locals. #9 No locals. The "signal handler called" is actually the SIGTERM handler. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1202655 Title: apache2 crashed with SIGABRT in do_fcntl() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1202655/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1028470] Re: apache2+ssl hangs on high load
Evgeny, you can use "netstat -tnp |grep curl " to get the other port number of the connection from curl to apache2. With that, you can look for the other end of the connection in "netstat -tnp" output. The last column should give be "123/apache2" where 123 is the pid of the apache2 process. You will have to execute netstat -tnp as root to get the info. The backtrace of the child process you posted looks more like a process that is waiting for a connection. But one would need the debug info installed to be absolutely sure. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1028470 Title: apache2+ssl hangs on high load To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1028470/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1028470] Re: apache2+ssl hangs on high load
I cannot reproduce this on Debian unstable with either 2.2.22-9 or 2.2.22-1. Wild guess: Do you have a per-user process limit configured in /etc/security/limits.conf ? If no, it would be helpful if you could provide a backtrace of the process that curl connects to and hangs. There is some documentation about how to do that in /usr/share/doc/apache2.2-common/README.backtrace. But the doc is for Debian. For Ubuntu, the installing of the debugging symbols works differently (maybe someone else can provide a pointer). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1028470 Title: apache2+ssl hangs on high load To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1028470/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1028204] Re: /etc/apache2/sites-available/default-ssl contain a regex error at line 169
No, the regex is correct. It matches MSIE 7 to 9 and 10 to 19 ** Changed in: apache2 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1028204 Title: /etc/apache2/sites-available/default-ssl contain a regex error at line 169 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1028204/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 988819] Re: [SRU] wrong path to libxml2.so.2 in mod_security - broken by multiarch enabled libraries
There are two schools of thought here. Some people prefer linking to the libraries directly (the saner approach for a Linux distribution) and some people prefer to load depending libraries with LoadFile (to make it easier to avoid loading to different versions of the same library in the same process). Mod_security used to take the second approach. If that has changed, or the packaging modifies it to link to libxml, then simply removing the LoadFile line is the logical thing to do. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/988819 Title: [SRU] wrong path to libxml2.so.2 in mod_security - broken by multiarch enabled libraries To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/988819/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1018285] Re: Redirects incorrectly set Location header in response when Host header is set in request
Are you sure you have the same configuration for all versions? The behavior is defined by UseCanonicalName and UseCanonicalPhysicalPort: http://httpd.apache.org/docs/2.2/mod/core.html#usecanonicalphysicalport The behavior you describe for 2.2.22-1ubuntu1 seems to match the one for "UseCanonicalPhysicalPort on" while the compiled from source behavior seems to correspond to "off" -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1018285 Title: Redirects incorrectly set Location header in response when Host header is set in request To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1018285/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 917832] Re: init script and upstart job named apache2.1 instead apache2
This is likely this bug in logrotate: https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/387189 According to that bug it should be fixed in lucid, though. Do you have logrotate 3.7.8-4ubuntu2.1 or newer installed? Some more information is available here: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/392532 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/917832 Title: init script and upstart job named apache2.1 instead apache2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/917832/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 897120] Re: apache2-suexec-custom changes permissions on suexec binary
That's what dpkg-statoverride is for. I will mention that in the suexec man page. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/897120 Title: apache2-suexec-custom changes permissions on suexec binary To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/897120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 890219] Re: suexec-custom is not working correctly: only reading the www-data user config file.
What you want to achieve is out of scope of apache2-suexec-custom. The filename in /etc/apache2/suexec is the name of the run user of apache2, i.e. whatever is specified as 'User' in /etc/apache2/apache2.conf. Or put it differently, that's the user suexec changes from, while SuexecUserGroup specifies the user suexec changes to. This is described in the suexec man page, but I guess the description could be more clear. ** Changed in: apache2 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/890219 Title: suexec-custom is not working correctly: only reading the www-data user config file. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/890219/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 839569] Re: Apache2 is still Range header DoS vulnerable if gzip compression is enabled
Note that it is impossible to determine from apache's response alone if apache is vulnerable or not. The only way to check it is to do a request with lots of overlapping ranges (like killapache does) and check if the process size increases a lot or not. On 32bit machines, the original vulnerability caused an increase by 70-90MB per process/thread. On 64bit machines, the increase was even larger. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/839569 Title: Apache2 is still Range header DoS vulnerable if gzip compression is enabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/839569/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 811428] Re: Apache does not honor -FollowSymlinks due to TOCTOU, which allows access to /proc// files
This is an unsupported use-case of Apache httpd and I am pretty sure it won't be changed upstream. And I don't think Ubuntu or Debian should deviate from that, see http://seclists.org/oss-sec/2011/q3/111 ** Changed in: apache2 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/811428 Title: Apache does not honor -FollowSymlinks due to TOCTOU, which allows access to /proc// files To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/811428/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 711465] Re: mod_rewrite directives in section confusingly disable rewrites in .htaccess
I think you were only missing "RewriteOptions inherit". Without that, only the "last" set of RewriteRules are executed, and Location comes after .htaccess. Can you try that? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/711465 Title: mod_rewrite directives in section confusingly disable rewrites in .htaccess -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 387189] Re: /dev/null corrupted (/dev/null.1)
This is a logrotate issue and happens if the specified logfile directory (in this case /var/log/apache2) does not exist and the postrotate script contains a closing '}'. Therefore I don't think Jonathan's patch would fix the issue completely. The full info is at http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=571033 and https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/392532 The patch is included in logrotate 3.7.8-5 and newer. ** Bug watch added: Debian Bug tracker #571033 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571033 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/387189 Title: /dev/null corrupted (/dev/null.1) -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 697105] Re: Segfault on POST
That's weird indeed. Maybe the package in your PPA and the package in natty were compiled with slightly different versions of gcc? Are the buildlogs available somewhere? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/697105 Title: Segfault on POST -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 697105] Re: Segfault on POST
I haven't really looked into this issue in detail and don't know yet if the proposed fix is ok. But in case you want to ahead with it: Your patch is against the wrong package. srclib/ in apache2 is never compiled. You would have to patch the apr package and rebuild apache2 with the fixed libapr1-dev. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/697105 Title: Segfault on POST -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 694754] Re: Apache graceful-stop doesn't end apache processes
Have you checked with netstat that there are no more open connections? The processes will only die once there are no more open connections. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/694754 Title: Apache graceful-stop doesn't end apache processes -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 687275] Re: Fix "graceful" action in init script when mod_chroot is enabled
Which version of apache are you using? Since 2.2.10, it supports chroot without additional modules. And if that breaks graceful restart, that should be fixed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/687275 Title: Fix "graceful" action in init script when mod_chroot is enabled -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 626728] Re: typing error in default-ssl
Luka, that's correct. "MSIE [17-9]" matches MSIE 7 to 9 and 10 to 19 (and 1, but that should not be a problem). -- typing error in default-ssl https://bugs.launchpad.net/bugs/626728 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 631064] Re: connection "forbidden" on localhost after wireless connected
Thanks for checking, Gerben. Maybe this is related to bug #633981: Can you please check in the output of ip a before and after wireless is connected. Are there any inet6 addresses besides the loop-back entry "inet6 ::1/128 scope host"? Do you use network manager for connecting to the wireless? Maybe some versions of network manager delete an existing IPv6 address when it creates the wireless connection. -- connection "forbidden" on localhost after wireless connected https://bugs.launchpad.net/bugs/631064 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 633981] Re: apache2 does not listen on ipv6 at all when there is no routable IPv6 address
** Package changed: apache2 (Ubuntu) => eglibc (Ubuntu) -- apache2 does not listen on ipv6 at all when there is no routable IPv6 address https://bugs.launchpad.net/bugs/633981 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 633981] Re: apache2 does not listen on ipv6 at all when there is no routable IPv6 address
It seems reasonable to not listen on IPv6 if no v6 address is configured. Unfortunately, Apache (or rather APR) does this by using getaddrinfo's AI_ADDRCONFIG flag. And glibc seems to ignore IPv6 addresses of scope host (i.e. ::1) when deciding if an v6 address is configured. For me, the default fe80::* address of scope link that is configured on eth0 is enough to make getaddrinfo return v6 addresses. If I delete that address, getaddressinfo returns only the v4 address. So, this looks more like a problem of eglibc than apache/APR to me. -- apache2 does not listen on ipv6 at all when there is no routable IPv6 address https://bugs.launchpad.net/bugs/633981 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 631064] Re: connection "forbidden" on localhost after wireless connected
Gerben, can you please also provide the output of the four commands getent hosts ::1 getent hosts 127.0.0.1 getent hosts localhost getent hosts ip6-localhost both before and after wireless network is configured? Thanks. -- connection "forbidden" on localhost after wireless connected https://bugs.launchpad.net/bugs/631064 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 582963] Re: SSL pass phrase dialog can't read input
Doesn't upstart have a facility to handle this kind of problems? If no, how does e.g. cryptsetup work in Ubuntu? -- SSL pass phrase dialog can't read input https://bugs.launchpad.net/bugs/582963 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 626728] Re: typing error in default-ssl
** Changed in: apache2 (Ubuntu) Status: Triaged => Invalid -- typing error in default-ssl https://bugs.launchpad.net/bugs/626728 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 629633] Re: suexec should be configured to use /home as its docroot
Using /home as suexec docroot is a big no-no from a security point of view. It will create local privilege escalation vulnerabilities in many situations. If you don't want to use /var/www you should probably use directories under /srv. In any case, the above howto is outdated. Nowadays there is the apache2 -suexec-custom package which allows to set the suexec docroot without recompiling. But you should read the security advice in the suexec man page that is contained in that package. ** Changed in: apache2 (Ubuntu) Status: Triaged => Invalid -- suexec should be configured to use /home as its docroot https://bugs.launchpad.net/bugs/629633 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 626728] Re: typing error in default-ssl
This is intentional, the regexp is supposed to match MSIE 10 and up. The probability that someone still uses MSIE 1 is zero, but MSIE 10 is not that far away. -- typing error in default-ssl https://bugs.launchpad.net/bugs/626728 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 270899] Re: /etc/init.d/apache2 restart fails on busy webservers
A possible culprit is mod_php. Andreas, do you use mod_php and if yes, which php extensions have you loaded? -- /etc/init.d/apache2 restart fails on busy webservers https://bugs.launchpad.net/bugs/270899 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 582963] Re: SSL pass phrase dialog can't read input
apache2's init script has the "X-Interactive: true" header. IMHO upstart should support this header like insserv does. -- SSL pass phrase dialog can't read input https://bugs.launchpad.net/bugs/582963 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 231706] Re: Enable ExtendedStatus for mod_status by default (was: munin apache plugin no data)
This has been done in 2.2.15-4 -- Enable ExtendedStatus for mod_status by default (was: munin apache plugin no data) https://bugs.launchpad.net/bugs/231706 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
I think Jiří found the source of the problem, but it is a mod_ssl bug after all. Reassigning to apache2. This would be https://issues.apache.org/bugzilla/show_bug.cgi?id=45444 ** Bug watch added: Apache Software Foundation Bugzilla #45444 http://issues.apache.org/bugzilla/show_bug.cgi?id=45444 ** Package changed: eglibc (Ubuntu) => apache2 (Ubuntu) -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 609290] Re: Critical bug in memcpy-ssse3-rep.S
This is https://issues.apache.org/bugzilla/show_bug.cgi?id=45444 Patch is at http://svn.apache.org/viewvc?rev=683280&view=rev ** Bug watch added: Apache Software Foundation Bugzilla #45444 http://issues.apache.org/bugzilla/show_bug.cgi?id=45444 ** Package changed: eglibc (Ubuntu) => apache2 (Ubuntu) -- Critical bug in memcpy-ssse3-rep.S https://bugs.launchpad.net/bugs/609290 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 609290] Re: Critical bug in memcpy-ssse3-rep.S
Thanks for digging into this, but I thing your analysis is wrong. From "man 3posix memcpy": "The memcpy() function shall copy n bytes from the object pointed to by s2 into the object pointed to by s1. If copying takes place between objects that overlap, the behavior is undefined." mod_ssl must use memmove if the buffers may overlap. Of course, the overlapping buffers may be another bug in mod_ssl. I will look into it. -- Critical bug in memcpy-ssse3-rep.S https://bugs.launchpad.net/bugs/609290 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 603211] Re: Apache fails to start after reboot due to missing /var/run/apache2 direcotry when ssl is enabled
That's strange. /usr/sbin/apache2ctl should contain "mkdir -p /var/run/apache2" and the init script should only call apache2ctl. Can you check that? And if apache2 failed to start after a boot, you should be able to restart it (using the init script or apache2ctl) without creating the directory. Maybe something is still cleaning /var/run while apache is already starting. -- Apache fails to start after reboot due to missing /var/run/apache2 direcotry when ssl is enabled https://bugs.launchpad.net/bugs/603211 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 603211] Re: Apache fails to start after reboot due to missing /var/run/apache2 direcotry when ssl is enabled
This should be fixed since 2.2.4-2. Which version are you using? -- Apache fails to start after reboot due to missing /var/run/apache2 direcotry when ssl is enabled https://bugs.launchpad.net/bugs/603211 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 601501] Re: Apache should tap into the shared-mime-info database
About magic: Apache's mod_mime_magic does not support all features that are used in /usr/share/mime/magic. Using that file would result in error messages. And from a quick glance at libmagic, it doesn't seem possible to use it in mod_mime_magic either because it is not thread safe. Therefore apache brings its own magic file. -- Apache should tap into the shared-mime-info database https://bugs.launchpad.net/bugs/601501 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 595116] Re: ssl "error reading the headers"
Robert, please try if deinstalling libc6-i686 or moving /lib/i686 away helps. If yes, please post your /proc/cpuinfo. See my comment in bug #589611 for an explanation. -- ssl "error reading the headers" https://bugs.launchpad.net/bugs/595116 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Actually, I have reproduced bug #595116 and not this one, but I still think it's the same. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
This is a rather strange bug: - It happens if I enable exactly two out of the three modules deflate, reqtimeout, dump_io. But not with only one or all three of them. - I have also tried replacing mod_ssl.so, mod_deflate.so, and the openssl-libs with the versions from karmic and mod_ssl.so with the version from jaunty: no change But the bug disappears if I do mv /lib/i686 /lib/disabled_i686 There was a bug recently in Debian related to some gcc versions creating wrong code for SSE4. Maybe that is the problem here, too. What CPUs do you people have? Mine is a Core i7. Does moving /lib/i686 away (or deinstalling libc6-i686) help for you too? Does the "flags" line in /proc/cpuinfo on your machines contain sse4_1 or sse4_2? For reference, the Debian bug was http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=583858 ** Bug watch added: Debian Bug tracker #583858 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583858 -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
I suspect this is the same issue as bug #595855 and #595116: Headers are getting truncated with https. So far, I have no idea about the reason. If you have mod_reqtimeout and/or mod_deflate enabled, you can try if disabling one or both of them makes any difference. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 392759] Re: [FFE] apache2 DoS attack using slowloris
You have written "enable it by default" in the changelog, but AFAICS, you have missed the postinst change that actually enables the module. You may want to merge the NEWS.Debian entry, too. -- [FFE] apache2 DoS attack using slowloris https://bugs.launchpad.net/bugs/392759 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 554903] Re: apache2 with mod php5 does not execute index.php
Kenneth: Enabling php in the userdirs is a security hazard: It allows every local user on a machine to execute arbitrary code as user www- data. As this is non-obvious to most admins, the default was changed. In any case, this is not Zalzadore's problem: > http://localhost/bean/index.php the page will render correctly but not if I visit http://localhost/bean/ I have no idea what could be causing this. Zalzadore, can you post more details about your configuration? -- apache2 with mod php5 does not execute index.php https://bugs.launchpad.net/bugs/554903 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 551221] Re: consider a newer version of apache2 for lucid or backport some changes
I am not sure how wise it is to make a release that is supported for 5 years and does not contain the fix for CVE-2009-3555 (unless you mean to add it later). Clients may change their behaviour and refuse to connect to insecure servers at some time in the future. The "improved protection for vulnerable clients" I mentiond in my first post is already in 2.2.14-5, so just ignore that. The postrm hook is not urgent but may be required for the update to the next LTS release. Maybe it would be enough to add it later in a point release. Disclaimer: I don't know much about the Ubuntu release process. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-3555 -- consider a newer version of apache2 for lucid or backport some changes https://bugs.launchpad.net/bugs/551221 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 551221] [NEW] consider a newer version of apache2 for lucid or backport some changes
Public bug reported: Binary package hint: apache2 Apache2 in an LTS release would greatly benefit from some recent changes in the Debian package: In 2.2.14-6: * Add a hook to apache2.2-common's postrm script that may come in handy when upgrading to 2.4. This may allow to do the 2.2 -> 2.4 upgrade in a cleaner way than the hack that was done for 2.0 -> 2.2 (which involved apache2.2-common deleting apache2-common's postrm script). In 2.2.15: - mod_ssl: Add SSLInsecureRenegotiation directive to allows insecure renegotiation with clients which do not yet support the secure renegotiation protocol. As this requires openssl 0.9.8m, bump build dependency accordingly. This allows an admin to configure how to treat clients that are vulnerable to CVE-2009-3555. Also, 2.2.15 has some improved protection for vulnerable clients. In case you want to update to the most recent version despite the sizable changes, you should use 2.2.15-3, which has some important bug fixes over 2.2.15-2. ** Affects: apache2 (Ubuntu) Importance: Undecided Status: New -- consider a newer version of apache2 for lucid or backport some changes https://bugs.launchpad.net/bugs/551221 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 540747] Re: Apache Web DAV incorrect permissions
The patch is a backport from upstream trunk (2.3.x). The correct fix would be to use apr_file_open() with APR_OS_DEFAULT permissions instead of apr_file_mktemp() to create the temp file. Unfortunately, I don't think I will have time to fix it in the next week or so. -- Apache Web DAV incorrect permissions https://bugs.launchpad.net/bugs/540747 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 392532] Re: apache2.2-common: /etc/init.d/apache2 script is empty
** Bug watch added: Debian Bug tracker #571033 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571033 ** Also affects: logrotate (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571033 Importance: Unknown Status: Unknown -- apache2.2-common: /etc/init.d/apache2 script is empty https://bugs.launchpad.net/bugs/392532 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 392532] Re: apache2.2-common: /etc/init.d/apache2 script is empty
Thanks for your help, Matt. I think you changed the directory name and that caused the bug to appear. But it is definitely a grave bug in logrotate that it mis-parses the config file and clobbers random files if the log directory does not exist. Uhh, can somebody with more launchpad foo please reassign this to logrotate in a way that it stays visible with apache2? Thanks. ** Changed in: apache2 (Ubuntu) Status: Incomplete => Confirmed -- apache2.2-common: /etc/init.d/apache2 script is empty https://bugs.launchpad.net/bugs/392532 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 392532] Re: apache2.2-common: /etc/init.d/apache2 script is empty
The output of logrotate -d /etc/logrotate.conf (run as root) would be interesting, too. Especially if it mentions errors or the file /etc/init.d/apache2. BTW, you can restore the file with cd /tmp aptitude download apache2.2-common dpkg --extract apache2.2-common_*.deb apache2.2-common sudo cp apache2.2-common/etc/init.d/apache2 /etc/init.d A normal reinstall is not enough because dpkg will think you have emptied the file intentionally. (Purging and installing again would work, but that would delete your whole apache configuration). -- apache2.2-common: /etc/init.d/apache2 script is empty https://bugs.launchpad.net/bugs/392532 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 392532] Re: apache2.2-common: /etc/init.d/apache2 script is empty
I suspect that logrotate chokes on the '}' that is in the postrotate script in /etc/logrotate.d/apache2. Normally it works fine, but maybe if there is a configuration parse error before the script, something goes wrong. Please provide the output from ls -l /etc/logrotate.d and the contents of /etc/logrotate.d/apache2 and any file in that directory that comes before apache2 when sorted alphabetically. If you have modified /etc/logrotate.conf, please provide that file as well. You can determine if you have modified it by comparing the md5sums in the output of the following two commands: dpkg -s logrotate |grep /etc/logrotate.conf md5sum /etc/logrotate.conf Thanks. -- apache2.2-common: /etc/init.d/apache2 script is empty https://bugs.launchpad.net/bugs/392532 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 520389] Re: package gnome-user-share 2.28 .0-0ubuntu1 failed to install/upgrade: Abhängigke itsprobleme - lasse es unkonfiguriert
It looks like some file corrupion. Please provide the output of these two commands: file /var/lib/dpkg/info/apache2.2-common.postinst head -1 /var/lib/dpkg/info/apache2.2-common.postinst You could also try "aptitude reinstall apache2.2-common" -- package gnome-user-share 2.28.0-0ubuntu1 failed to install/upgrade: Abhängigkeitsprobleme - lasse es unkonfiguriert https://bugs.launchpad.net/bugs/520389 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 221933] Re: package update-manager 1:0.87.24 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1)
This has been fixed in 2.2.8-5 ** Changed in: apache2 (Ubuntu) Status: Confirmed => Fix Released -- package update-manager 1:0.87.24 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1) https://bugs.launchpad.net/bugs/221933 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 392532] Re: apache2.2-common: /etc/init.d/apache2 script is empty
What file system do you use for your root partition? ext4? -- apache2.2-common: /etc/init.d/apache2 script is empty https://bugs.launchpad.net/bugs/392532 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 507616] Re: CustomLog directive in apache2.conf makes it impossible to change default logging without editing the global config.
You can and should edit apache2.conf in this case. I think the number of users who profit from a fall back access log is much higher than the number of users who want to disable the access log altogether ** Changed in: apache2 (Ubuntu) Status: Confirmed => Invalid -- CustomLog directive in apache2.conf makes it impossible to change default logging without editing the global config. https://bugs.launchpad.net/bugs/507616 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 347992] Re: Apache CustomLog and TransferLog directives leave blank logfiles
t3rmin4t0r: This works as intended and as documented, see: http://httpd.apache.org/docs/2.2/logs.html#virtualhost dananarama: Can you please post the configuration excerpt where you put the custom logging inside the virtualhost block and it still does not work? -- Apache CustomLog and TransferLog directives leave blank logfiles https://bugs.launchpad.net/bugs/347992 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 73363] Re: logrotate, apache2, PidFile hardcoded
This has been fixed in 2.2.8-1 ** Changed in: apache2 (Ubuntu) Status: Triaged => Fix Released -- logrotate, apache2, PidFile hardcoded https://bugs.launchpad.net/bugs/73363 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 225105] Re: Mimetypes coming from package mime-support cannot be removed
Since 2.2.14-2, RemoveType also works for types coming from /etc/mime.types ** Changed in: apache2 (Ubuntu) Status: Confirmed => Fix Committed -- Mimetypes coming from package mime-support cannot be removed https://bugs.launchpad.net/bugs/225105 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 422138] Re: Slow memory leak, seen on two machines, appears to be dupe of 224945 even after -updates
> > A workaround may be to add MaxRequestsPerChild 1000 (or an even lower > > value) to your configuration. > > > > > That wouldn't really help since long-running children just hold onto > memory no matter what it seems. A lower MaxRequestsPerChild should make the children terminate earlier. > Does the package information I put in the beginning look right? I think so. Do you use SSLSessionCache dbm? If yes, try switching to shmcb. I seem to remeber a known memory leak in dbm. You can also try if disabling mod_deflate helps. -- Slow memory leak, seen on two machines, appears to be dupe of 224945 even after -updates https://bugs.launchpad.net/bugs/422138 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 422138] Re: Slow memory leak, seen on two machines, appears to be dupe of 224945 even after -updates
Is the parameter -f TLS1 necessary to reproduce the problem? Is the URL / of your webserver a php page? If yes, why is the content length of the page 0, what does the php script do? If not php, what is it? A simple redirect? A workaround may be to add MaxRequestsPerChild 1000 (or an even lower value) to your configuration. -- Slow memory leak, seen on two machines, appears to be dupe of 224945 even after -updates https://bugs.launchpad.net/bugs/422138 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 392759] Re: apache2 DoS attack using slowloris
Some comments: - All Apache MPMs are affected. The sole exception may be if you use the event MPM without SSL. - The slowloris attack leaves plenty of error 400 entries in the access log. - Using iptables connlimit with a reasonable maximum number of connections per IP (like 1/5 or 1/10 of what you server can handle) will give you good protection from single attacking hosts. When the attacker has many hosts (i.e. a botnet) you have lost anyway. - mod_antiloris has some design issues as discussed on the httpd-dev mailing list. Also, it does not protect against a slightly modified attack. Therefore mod_antiloris is not the general solution. - I hope that mod_reqtimeout may be a better approach, but the discussion and testing is not finished yet. For now, the recommendation is to use iptables. -- apache2 DoS attack using slowloris https://bugs.launchpad.net/bugs/392759 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 347992] Re: Apache CustomLog and TransferLog directives leave blank logfiles
Where exactly did you put the CustomLog and TransferLog directives? They need to be inside the virtualhost block(s) in your virtual host config file(s) in .../sites-enabled . -- Apache CustomLog and TransferLog directives leave blank logfiles https://bugs.launchpad.net/bugs/347992 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 306293] Re: Mod_ssl randomly causes apache threads to use 100% of CPU
This looks like https://issues.apache.org/bugzilla/show_bug.cgi?id=44381 which is fixed in 2.2.9. -- Mod_ssl randomly causes apache threads to use 100% of CPU https://bugs.launchpad.net/bugs/306293 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 283187] Re: package apache2.2-common 2.2.9-7ubuntu3 failed to install/upgrade: subprocess post-installation script returned error exit status 1
Setting up apache2.2-common (2.2.9-7ubuntu3) ... ERROR: Module alias not properly enabled: /etc/apache2/mods-enabled/alias.load is a real file, not touching it dpkg: error processing apache2.2-common (--configure): subprocess post-installation script returned error exit status 1 This means you had /etc/apache2/mods-enabled/alias.load lying around from a previous install, you put it there yourself (the package itself only puts symlinks in *-enabled), and now a2enmod is confused. Probably a2enmod should not exit with an error in this case, I will think about it. You can fix the problem by removing that file (and any other files in the same directory). -- package apache2.2-common 2.2.9-7ubuntu3 failed to install/upgrade: subprocess post-installation script returned error exit status 1 https://bugs.launchpad.net/bugs/283187 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 270899] Re: /etc/init.d/apache2 restart fails on busy webservers
Since 2.2.9-2, "/etc/init.d/apache2 restart" does a hard (non-graceful) restart again, so this should already be fixed in Intrepid. James, do you also experience hangs with the default action "/etc/init.d/apache2 reload" during logrotate? If the problem is only with restart, you could just get the init script from Intrepid. -- /etc/init.d/apache2 restart fails on busy webservers https://bugs.launchpad.net/bugs/270899 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 276145] Re: Apace2 default configuration incorrect for allowoverride
Anything other than "AllowOverride None" has a negative impact on performance and should only be enabled on those directories where it is necessary. Therefore "AllowOverride None" is a sensible default. -- Apace2 default configuration incorrect for allowoverride https://bugs.launchpad.net/bugs/276145 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 268868] Re: [Intrepid Alpha 5] NameVirtualHost entry in ports.conf causes "NameVirtualHost *:80 has no VirtualHosts" warning
This is documented in NEWS.Debian. Maybe an entry in the release notes is needed, too? -- [Intrepid Alpha 5] NameVirtualHost entry in ports.conf causes "NameVirtualHost *:80 has no VirtualHosts" warning https://bugs.launchpad.net/bugs/268868 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 239048] Re: apache2 conf.d and sites-enabled oops
Most current version control systems (like SVN, git, hg) use files or dirs starting with a dot to store their data. These files are already ignored. The same is true for RCS because the filenames contain a comma. CVS is the only VCS I know that does not use special chars in its file name. We could probably add a special case for CVS. The exact list of files that are ignored is documented in README.Debian. -- apache2 conf.d and sites-enabled oops https://bugs.launchpad.net/bugs/239048 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 259363] Re: Need to source envvars before being able to use 'apache2' binary.
You can use apache2ctl to pass arbitrary options to apache2. Things like apache2ctl -S apache2ctl -DSOMETHING -X work without sourcing the envvars file. Probably this should be documented more clearly in README.Debian and/or the man page. The alternatives to using envvars for the run user and pid file have different problems and are not really an improvement. -- Need to source envvars before being able to use 'apache2' binary. https://bugs.launchpad.net/bugs/259363 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 234367] Re: If many queries come in too quickly, apache2 freezes.
Some ideas to narrow down the problem: - configure the ldap-status url and see if it gives any useful information while the problem appears (see http://httpd.apache.org/docs/2.2/mod/mod_ldap.html ) - increase apache loglevel - use netstat to watch the number of connections from apache to slapd - possibly increase ldap cache sizes -- If many queries come in too quickly, apache2 freezes. https://bugs.launchpad.net/bugs/234367 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs