Hi Luca, I increased the LogLevel to debug, but nothing related to the issue came up.
However, looking in /proc/$PID/fd/, where $PID is the process ID of an
Apache process, I find that there are two symbolic links pointing to
/run/lock/apache2/ssl-cache.19037 # number changes after restart
/run/lock/apache2/ssl-stapling.19037 # number changes after restart
Both these link destinations are deleted. So it looks like the SSL
session and stapling caches are created, opened, and then deleted, with
the file descriptors remaining active and the caches remaining functional.
What's more peculiar though is that my configuration says
SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ssl_stapling(32768)
where APACHE_RUN_DIR is /var/run/apache2. Note that
1.) the above file descriptors point inside /run/, not /var/run/
2.) the basenames are different (e.g. ssl-cache instead of ssl_scache)
So my settings are apparently ignored. This is on Ubuntu 14.04. I wonder
if the Ubuntu Apache package has something special going on here?
It would be nice if this could be understood. Any more thoughts?
Thanks a lot,
Peter
PS: I had a similar issue in the past, where I could not see temporary
files of a daemon. It turned out that the daemon had a private
/tmp/ mount in its own filesystem namespace, achieved via systemd's
PrivateTmp setting. However, the issue at hand does not seem to be
a namespace issue.
On 03/27/2017 04:12 PM, Luca Toscano wrote:
> Hi Peter,
>
> 2017-03-23 13:58 GMT+01:00 Peter Thomassen <[email protected]
> <mailto:[email protected]>>:
>
> Hi,
>
> Using Apache 2.4.10 on Ubuntu, I configured SSLSessionCache like
>
> SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
>
> ... where APACHE_RUN_DIR is /var/run/apache2.
>
> During operating, the ssl_scache file is not created. However, according
> to server-status, there are still entries in the cache.
>
> I don't understand this behavior -- is this normal?
>
>
> Anything relevant in the error logs? If not, could you increase the
> LogLevel (https://httpd.apache.org/docs/2.4/mod/core.html#loglevel) and
> see if anything comes up?
>
> Luca
>
--
Mit freundlichen Grüßen
Peter Thomassen
OpenPGP Key: 0x2BA469F9
Verwirrender Anhang? Das ist eine digitale Unterschrift.
Details: https://www.anonym-surfen.de/help/email-openpgp.html
------------------------------------------
a4a GmbH
Scheffelstr. 14
97072 Würzburg
Germany
fon: +49-931-2705351
fax: +49-931-27049942
web: https://a4a.de
e-mail: [email protected]
Geschäftsführer: Dr. Peter Thomassen
Registergericht AG Würzburg HRB 10041
USt-IdNr.: DE263344753
signature.asc
Description: OpenPGP digital signature
