Heiko St?wrote: > > Basically the problem is the postrotate command which calls > /etc/init.d/apache2 restart and since version 2.0.53-5 this fully stops > apache und then starts it again, killing the whole thing if the apache > uses an SSL certificate with passphrase since nobody can enter it.
There are valid reasons we do it this way, as some modules have been known to crash on any other type of restart. It was the lesser of two evils (or, the lesser of two unavoidable bug reports). I will be revisiting the fragility of apache's various restart/reload/graceful processes in relation to 3rd party modules after Sarge releases, but for Sarge, this is what we're stuck with. Perhaps the more interesting question for you is: Why do you use passphrases on your SSL certs? If they're only readable by root, what have you gained with a passphrase? If I'm root, I can do arbitrary things to your webserver anyway, including mucking with user sessions, inserting unwanted content, and hijacking sensitive data, so I fail to see how a passphrase does anything but make it more of a pain to both boot the machine and restart apache. The day someone comes up with a valid use case for passphrases on SSL certs is perhaps the day I care more about this bug than some others. :) > I know it's trivial to correct by myself but I try to keep the divergence > to the debian packages real low Everything in /etc/logrotate.d/ should be a conffile, so there's no harm in you editing it. Your changes won't be overwritten. ... Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
