** Description changed:
[Impact]
+ There are two conditions for this bug to happen, as far as I could figure out:
+ a) the mpm_prefork module configuration files are named just
prefork.{conf,module} instead of mpm_prefork.{conf,module}
+ b) this renamed prefork mpm module is enabled manually instead of using
a2enmod
- * An explanation of the effects of the bug on users and
+ These conditions mean that one will have two mpm modules enabled at the
+ same time in /etc/apache2/mod-enabled, something that the a2enmod tool
+ knows how to prevent. But the symlinks can still be created manually.
- * justification for backporting the fix to the stable release.
+ These were the conditions I could figure out via code inspection and
+ from logs from this bug and #1771934, meaning, I could reproduce the
+ same error, including shell code path execution.
- * In addition, it is helpful, but not required, to include an
- explanation of how the upload fixes this bug.
+ It's quite a corner case, but it showed a real bug in the apache apache2
+ -maintscript-helper shell script. It seems to be triggered by a
+ puppetlabs module, but I didn't install or configure puppet to confirm.
+
+ One could argue it's a local configuration issue, since non-standard
+ tools were used, but the bug it showed in the apache script is real and
+ I believe it's worth fixing.
+
+ Once the two mpm modules (event, from the default install, and preform, from
the manual symlink) are enabled at the same time, the following happens when
php is installed:
+ - php's postinst runs a2query -M to check which mpm is in use
+ - that call returns "event", so php proceeds to switch the mpm to prefork by
calling "apache2_switch_mpm prefork"
+ - due to the bug, apache2_switch_mpm() will check if "prefork" (and NOT
mpm_prefork) is already enabled. At this line, $MPM=preform, and $mpm is not
defined. So this:
+
+ a2query -m "$mpm_$MPM" > /dev/null 2>&1 || a2query_ret=$?
+
+ Turns into:
+ a2query -m "prefork" > /dev/null 2>&1 || a2query_ret=$?
+
+ - because there is a /etc/apache2/mods-enabled/prefork.* symlink (manually
created), this returns 0, in which case the function determines there is
nothing to do (prefork is already enabled!) and exits 0 without actually
switching anything
+ - mpm_event is still enabled, and when a2enmod is called to enable php, that
correctly complains and fails.
+
+ With the fix, the a2query call from apache2_switch_mpm() will correctly
+ determine that mpm_prefork is not enabled, and perform the requested
+ switch.
+
[Test Case]
sudo apt update
sudo apt install apache2
sudo cp /etc/apache2/mods-available/{mpm_prefork,prefork}.conf
sudo cp /etc/apache2/mods-available/{mpm_prefork,prefork}.load
sudo ln -s /etc/apache2/mods-{available,enabled}/prefork.load
sudo ln -s /etc/apache2/mods-{available,enabled}/prefork.conf
Installing the php7.2 module now will fail:
sudo apt install libapache2-mod-php7.2
Creating config file /etc/php/7.2/apache2/php.ini with new version
apache2_switch_mpm prefork: No action required
dpkg: error processing package libapache2-mod-php7.2 (--configure):
- installed libapache2-mod-php7.2 package post-installation script subprocess
returned error exit status 1
+ installed libapache2-mod-php7.2 package post-installation script subprocess
returned error exit status 1
E: Sub-process /usr/bin/dpkg returned an error code (1)
With the package from proposed, the above will work just fine.
If a user is in the failed situation already, a dist-upgrade also fixes the
problem.
[Regression Potential]
* discussion of how regressions are most likely to manifest as a result
of this change.
* It is assumed that any SRU candidate patch is well-tested before
upload and has a low overall risk of regression, but it's important
to make the effort to think about what ''could'' happen in the
event of a regression.
* This both shows the SRU team that the risks have been considered,
and provides guidance to testers in regression-testing the SRU.
[Other Info]
* Anything else you think is useful to include
* Anticipate questions from users, SRU, +1 maintenance, security teams and
the Technical Board
* and address these questions in advance
[Original Description]
The following line appears to have a typo:
a2query -m "$mpm_$MPM" > /dev/null 2>&1 || a2query_ret=$?
It should read:
a2query -m "mpm_$MPM" > /dev/null 2>&1 || a2query_ret=$?
Since $mpm is not defined. Later on there are references to enabling and
disabling "mpm_$MPM".
https://salsa.debian.org/apache-
team/apache2/blob/master/debian/debhelper/apache2-maintscript-
helper#L290
This appears to trip up the Puppet apache module since it creates a
prefork module (rather than mpm_prefork), which results in the above
query returning a positive response. This is what's happening in bug
#1771934.
Fix is obvious and trivial so can hopefully be implemented soon. Appears
only to affect bionic since xenial had different code.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1782806
Title:
Typo in apache2-maintscript-helper causes MPM check to misfire
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1782806/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
