Bug#398223: Acknowledgement (apache2: "[notice] caught SIGTERM, shutting down")
On Sun, 2007-01-07 at 23:06 +0800, Clayton wrote:
> After enduring seven consecutive Sunday morning Apache2 shutdowns (ie. this
> is REALLY reproducible on my end) I commented out the following in my one
> SSL-enabled virtual host:
>
> NameVirtualHost *:443
>
> DocumentRoot /var/www/langex
> ServerName www.langex.net
> ServerAlias server langex.net *.langex.net
> CustomLog /var/log/apache2/access.log combined
> # SSLEngine on
> # SSLCertificateFile /etc/apache2/ssl/langex.self.crt
> # SSLCertificateKeyFile /etc/apache2/ssl/langex.net.key
>
>
> No more spontaneous shutdowns. In other words, with the SSL stuff above
> turned on, Apache2 shuts down every Sunday morning. With it commented out as
> above, I have now gotten through two Sundays without a shutdown.
>
> Sure looks like SSL has something to do with this, at least tangentially.
Hmm, apache2 invokes logrotate weeky, so maybe there's a bug in the
logrotate script. I'd change /etc/logrotate/apache2 to:
/var/log/apache2/*.log {
weekly
missingok
rotate 52
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if [ -f /var/run/apache2.pid ]; then
echo "--- `date` " >> /var/log/apache2/logrotate
/etc/init.d/apache2 restart
>> /var/log/apache2/logrotate 2>&1
fi
endscript
}
and see what happens.
HTH, Ralf Mattes
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#398223: Acknowledgement (apache2: "[notice] caught SIGTERM, shutting down")
bOn Sun, 2007-01-14 at 10:44 +0800, Clayton wrote:
>
> Hi Ralf,
>
> I re-enabled the SSL stuff and sure enough, apache2 died again this morning,
> this time with your logrotate mods above in place.
Fine,
> However, sorry to say that the "logrotate" log file that was generated only
> contains a time stamp, ie.:
>
> --- Sun Jan 14 06:37:50 CST 2007
>
So, logrotate runs on Sunday mornig at 06:37 - that's exactly what we
wanted to know.
> error.log contains the usual nauz:
Gosh, read it. It's all there!
> [Sun Jan 14 06:38:11 2007] [error] Init: Unable to read pass phrase [Hint:
> key introduced or changed before restart?]
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218710120
> error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218734605
> error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
>
Well, logrotate rotates the logfiles and then restarts the server
("/etc/init.d/apache2 restart" in the postrotate section). And,
according to the "usual nauz" you server can't start because someone was
smart enough to 'protect' the certificate with a passphrase
> Let me know if there is anything else I can do to help,
> Clayton
Fix your setup by using a certificate with an empty passphrase.
HTH Ralf Mattes
>
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#360561: [cl-debian] Bug#360561: cmucl: CMUCL does not run under kernel version 2.6.16
On Wed, 2006-07-26 at 17:48 +0200, Peter Van Eynde wrote: > [... schnip ...] > I can see what the solution would be but there are technical and cultural > problems with it, basicly the debian package would be 'different' from a > normal cmucl and this is often enough reason to distrust bug reports from > debian users. > This is a _very_ good point! > > > I'm open to suggestions on what I should 'require'. ;-) > > > > Well, hopefull this is only a short-term issue. I don't really know the > > Debian package syntax, but can't you can something like "requires > > linux-image-2.4, or linux-image-2.6 with version <= 2.6.15"? > > This would only require a specific version of the kernel to be installed, > there is no general way to say 'this package only runs with kernels < 2.6.15 > and > 2.7.17-5 (I hope). Well, isn't this a job for the 'Conflicts' section. Of course this would only protect the user from installing a not-working kernel image but those who compile their own kernels should know what they do. Cheers, Ralf Mattes > Groetjes, Peter > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#423002: apache: The RLimitCPU directive doesn't act
On Wed, 2007-05-09 at 13:01 +0200, Stefan Fritsch wrote: > > Using the RLimitCPU directive doesn't change anything in Apache behaviour > > : it doesn't limit execution time. > > I used RLimitCPU 30 in the config of a virtual server in order to limit > > execution time to 30 seconds, but it didn't seem to work, so I added : > > php_admin_value max_execution_time 60 to the virtual server config then, > > running a very long php page I got : > >> PHP Fatal error: Maximum execution time of 60 seconds exceeded > > It shows that the script ran until the php time limit, without considering > > at all the RLimitCPU directive. > > If you use mod_php this is the intended behaviour. From > > http://httpd.apache.org/docs/1.3/mod/core.html#rlimitcpu > > "This applies to processes forked off from Apache children servicing > requests, not the Apache children themselves." > > So this will affect php only if you use it in cgi mode, not if the php > scripts run in apache with mod_php. Note also: there is a difference between CPU time and execution time ... running for 60 seconds most likely _doesn't_ mean hogging the CPU for 60 seconds. Cheers, Rald Mattes > Cheers, > Stefan > > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#444048: apache2: CGI scripts entirely broken
On Tue, 2007-09-25 at 13:08 -0700, Nick Price wrote: > I've tried with several known-good scripts as well, and with \r\n\r\n > and still nothing. The permissions are correct on the script and I am > not using suexec. > > Any ideas? Yes, many. But you might help us by providing the _exact_ script you try to run. This smells like a not-working sheebang line. How do you specify the perl interpreter? Remember: apache2 runs in a rather restricted environment: ENV="env -i LANG=C PATH=/usr/local/bin:/usr/bin:/bin" HTH Ralf Mattes > > On 9/25/07, martin f krafft <[EMAIL PROTECTED]> wrote: > also sprach Nick Price <[EMAIL PROTECTED]> [2007.09.25.1918 > +0100]: > > I have a perl script that is simply > > print "Content-type: text/html\n\n"; > > I believe this has to be \r\n\r\n. > > -- > .''`. martin f. krafft <[EMAIL PROTECTED]> > : :' : proud Debian developer, author, administrator, and > user > `. `'` http://people.debian.org/~madduck - > http://debiansystem.info > `- Debian - when you have better things to do than fixing > systems > > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFG > +WgeIgvIgzMMSnURAgIwAJ9HVrWvWyEaOGA3DFaie39C6ssoHgCgw4NX > ozbk8SYOOMs7s7X+QzeYThM= > =d1yx > -END PGP SIGNATURE- > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#444048: apache2: CGI scripts entirely broken
On Tue, 2007-09-25 at 13:36 -0700, Nick Price wrote: > That script I pasted, as well as the latest version of awstats > (http://awstats.sourceforge.net/), and uber-uploader > (http://uber-uploader.sourceforge.net/) You mean your script looks like this: *- | print "Content-type: text/html\n\n"; | Nothing more? No #!-line at the begining? How do you invoke your script from the command line? What does the following produce: $ sudo -s # su - www-data $ env -i LANG=C PATH=/usr/local/bin:/usr/bin:/bin ./your-script-name Cheers, RalfD > They were all working just fine until after an apt-get upgrade, I > didn't catch which version of apache was previously running, > unfortunately. > > On 9/25/07, Ralf Mattes <[EMAIL PROTECTED]> wrote: > On Tue, 2007-09-25 at 13:08 -0700, Nick Price wrote: > > I've tried with several known-good scripts as well, and with > \r\n\r\n > > and still nothing. The permissions are correct on the > script and I am > > not using suexec. > > > > Any ideas? > > Yes, many. But you might help us by providing the _exact_ > script you try > to run. This smells like a not-working sheebang line. How do > you specify > the perl interpreter? Remember: apache2 runs in a rather > restricted > environment: > > ENV="env -i LANG=C PATH=/usr/local/bin:/usr/bin:/bin" > > HTH Ralf Mattes > > > > > On 9/25/07, martin f krafft <[EMAIL PROTECTED] > wrote: > > also sprach Nick Price <[EMAIL PROTECTED]> > [2007.09.25.1918 > > +0100]: > > > I have a perl script that is simply > > > print "Content-type: text/html\n\n"; > > > > I believe this has to be \r\n\r\n. > > > > -- > > .''`. martin f. krafft <[EMAIL PROTECTED]> > > : :' : proud Debian developer, author, > administrator, and > > user > > `. `'` http://people.debian.org/~madduck - > > http://debiansystem.info > > `- Debian - when you have better things to do > than fixing > > systems > > > > -BEGIN PGP SIGNATURE- > > Version: GnuPG v1.4.6 (GNU/Linux) > > > > iD8DBQFG > > > +WgeIgvIgzMMSnURAgIwAJ9HVrWvWyEaOGA3DFaie39C6ssoHgCgw4NX > > ozbk8SYOOMs7s7X+QzeYThM= > > =d1yx > > -END PGP SIGNATURE- > > > > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#444048: apache2: CGI scripts entirely broken
On Tue, 2007-09-25 at 14:42 -0700, Nick Price wrote: > It does actually begin with #!/usr/bin/perl -w and then the single > line of code. I wasn't sure what you meant. > > [EMAIL PROTECTED]:~$ env -i LANG=C PATH=/usr/local/bin:/bin ./test.pl > Content-type: text/html > > [EMAIL PROTECTED]:~$ > > To invoke the script via commandline earlier, I did the same thing > without forcing the env variables. Ok, I had a closer look at your script - as others already mentioned: HTTP headers end with Carriage-Return,Newline. If I test locally with your version I get the same error message, if I use "\r\n\r\n" I get the expected, correct behavior. HTH Ralf Mattes > > On 9/25/07, Ralf Mattes <[EMAIL PROTECTED]> wrote: > On Tue, 2007-09-25 at 13:36 -0700, Nick Price wrote: > > That script I pasted, as well as the latest version of > awstats > > (http://awstats.sourceforge.net/), and uber-uploader > > (http://uber-uploader.sourceforge.net/) > > You mean your script looks like this: > > *- > | print "Content-type: text/html\n\n"; > | > > Nothing more? No #!-line at the begining? > How do you invoke your script from the command line? > What does the following produce: > > $ sudo -s > # su - www-data > $ env -i LANG=C > PATH=/usr/local/bin:/usr/bin:/bin ./your-script-name > > Cheers, RalfD > > > They were all working just fine until after an apt-get > upgrade, I > > didn't catch which version of apache was previously running, > > unfortunately. > > > > On 9/25/07, Ralf Mattes <[EMAIL PROTECTED]> wrote: > > On Tue, 2007-09-25 at 13:08 -0700, Nick Price wrote: > > > I've tried with several known-good scripts as > well, and with > > \r\n\r\n > > > and still nothing. The permissions are correct on > the > > script and I am > > > not using suexec. > > > > > > Any ideas? > > > > Yes, many. But you might help us by providing the > _exact_ > > script you try > > to run. This smells like a not-working sheebang > line. How do > > you specify > > the perl interpreter? Remember: apache2 runs in a > rather > > restricted > > environment: > > > > ENV="env -i LANG=C > PATH=/usr/local/bin:/usr/bin:/bin" > > > > HTH Ralf Mattes > > > > > > > > On 9/25/07, martin f krafft <[EMAIL PROTECTED] > > wrote: > > > also sprach Nick Price <[EMAIL PROTECTED]> > > [2007.09.25.1918 > > > +0100]: > > > > I have a perl script that is simply > > > > print "Content-type: text/html\n\n"; > > > > > > I believe this has to be \r\n\r\n. > > > > > > -- > > > .''`. martin f. krafft > <[EMAIL PROTECTED]> > > > : :' : proud Debian developer, author, > > administrator, and > > > user > > > `. `'` http://people.debian.org/~madduck > - > > > http://debiansystem.info > > > `- Debian - when you have better things > to do > > than fixing > > > systems > > > > > > -BEGIN PGP SIGNATURE- > > > Version: GnuPG v1.4.6 (GNU/Linux) > > > > > > iD8DBQFG > > > > > > +WgeIgvIgzMMSnURAgIwAJ9HVrWvWyEaOGA3DFaie39C6ssoHgCgw4NX > > > ozbk8SYOOMs7s7X+QzeYThM= > > > =d1yx > > > -END PGP SIGNATURE- > > > > > > > > > > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
