Why apache-1.3.17 ... leads to probs with .htaccess
What is the reason to upgrade to Apache-1.3.17 with SuSE 7.0? I have been looking into the page with current fixes for SuSE 7.0 http://www.suse.de/de/support/download/updates/70_i386.html recently and found that Apache needs to be fixed. So I applied the recommended rpms (besides Apache some of the modules: - mod_php4-4.0.4pl1-19 - mod_perl-1.24-74 - modcontr-1.0.7-154 ) and all went ok. But today one of my users claimed that pages with .htaccess are no longer accessible. I investigated the problem and found that the respective Apache child process aborts with a segmentation fault ... Any ideas? I could not find a reason why to upgrade to 1.3.17 (I do not read the Apache mailing lists). Regards, -- Gerd Aschemann --- Veröffentlichen heißt Verändern (Carmen Thomas)
Gerd Aschemann wrote/schrieb:
But today one of my users claimed that pages with .htaccess are no longer accessible. I investigated the problem and found that the respective Apache child process aborts with a segmentation fault ...
Sorry, it is already to late this evening. I meant: Directories with password (Basic) authentication via .htaccess ... -- Gerd Aschemann --- Veröffentlichen heißt Verändern (Carmen Thomas)
Last Apache version is 1.3.19 (1.3.18 hasn't been released). It claims to achieve some security related fix (I don't remember exactly) so I think SuSE should release the correspondant rpm's. Apache installation is not so trivial (at least with some abundant funcionality: php, mysql, ssl, etc). I use my own compiled version and I can tell it. .htaccess needs the auth_module. Is it correctly built? =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ** RoMaN SoFt / LLFB ** roman@madrid.com http://pagina.de/romansoft ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RoMaN SoFt / LLFB!! wrote/schrieb:
Last Apache version is 1.3.19 (1.3.18 hasn't been released). It claims to achieve some security related fix (I don't remember exactly) so I think SuSE should release the correspondant rpm's.
Apache installation is not so trivial (at least with some abundant funcionality: php, mysql, ssl, etc). I use my own compiled version and I can tell it.
Sure, you are right. To do it yourself is sometimes better. I have used my own software for years on our Suns. But to be up to date with current software releases (at least with security related things) makes a lot of work. One of the reasons to use a distribution like SuSE is to reduce work. And in fact, it reduces work mostly. But sometimes ...
.htaccess needs the auth_module. Is it correctly built?
I reduced the problem to authldap. If I drop the "-DLDAP" from the httpd-call, .htaccess seems to work again. -- Gerd Aschemann --- Veröffentlichen heißt Verändern (Carmen Thomas)
Well me too. With my install. Things were really lousy. The rpm installed fine and I restarted apache. Lo and behold I could no longer make http connections to my server. and yet doing /sbin/init.d/apache status showed OK however a full status would show OK and then fail to show the server-status page. I gave up got my CDs and went back to the old one. Is there anything wrong with that rpm? This happened on three different machines.
semat wrote/schrieb:
Well me too. With my install. Things were really lousy. The rpm installed fine and I restarted apache. Lo and behold I could no longer make http connections to my server. and yet doing /sbin/init.d/apache status showed OK however a full status would show OK and then fail to show the server-status page. I gave up got my CDs and went back to the old one. Is there anything wrong with that rpm? This happened on three different machines.
Have you seen my second posting? Do you still have the same problems when you drop LDAP? Two ways to test that: 1. Try "sh -x /sbin/init.d/apache start" and look for the line where the daemon is really started. The will be a lot of -D -directives. Use the same command line without "-DLDAP". 2. Edit /etc/rc.config.d/apache.rc.config and change HTTPD_SEC_MOD_LDAP=yes to HTTPD_SEC_MOD_LDAP=no If LDAP authentication is not necessary run your patched Apache with this configuration. -- Gerd Aschemann --- Veröffentlichen heißt Verändern (Carmen Thomas)
Hi!
I had big problems too, I kinda fixed them by not loading any other modules
than those in the httpd.conf and an additional of mod_php4 and mod_ssl,
cause those are the only ones I actually use. My problem was that I did not
recognize that the new mod_ssl and the according OpenSSH update was located
on the german ftp.suse.de server because of some export/import rules. after
i had updated openSSH and mod_sll and mod_php4 apache runs ok now, althoug I
found a bug in the new php4 but that is not critical.
there is also an article in the sdb about installing and using apache 1.3.17
with SuSE 7.1, sadly i found that only after i got everything working =)
mathias
----- Original Message -----
From: "Gerd Aschemann"
semat wrote/schrieb:
Well me too. With my install. Things were really lousy. The rpm installed fine and I restarted apache. Lo and behold I could no longer make http connections to my server. and yet doing /sbin/init.d/apache status showed OK however a full status would show OK and then fail to show the server-status page. I gave up got my CDs and went back to the old one. Is there anything wrong with that rpm? This happened on three different machines.
Have you seen my second posting? Do you still have the same problems when you drop LDAP?
Two ways to test that:
1. Try "sh -x /sbin/init.d/apache start" and look for the line where the daemon is really started. The will be a lot of -D -directives. Use the same command line without "-DLDAP". 2. Edit /etc/rc.config.d/apache.rc.config and change
HTTPD_SEC_MOD_LDAP=yes
to
HTTPD_SEC_MOD_LDAP=no
If LDAP authentication is not necessary run your patched Apache with this configuration.
-- Gerd Aschemann --- Veröffentlichen heißt Verändern (Carmen Thomas)
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (4)
-
Gerd Aschemann
-
mathias rockel
-
RoMaN SoFt / LLFB!!
-
semat