-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, (Folloup on "How can I share photos in intenrnet, with control?") Following instructions on: <https://en.opensuse.org/SDB:Apache_installation#Virtual_Hosts> <http://httpd.apache.org/docs/2.2/vhosts/ip-based.html> And ideas from Knurpht configuration and <http://www.linuxandubuntu.com/home/how-to-create-virtual-hosts-on-apache-server-to-host-multiple-websites> The internal and external vhosts are taken from the distribution provided "/etc/apache2/vhosts.d/vhost.template" file. I got the "external view working", but not the "internal view", with basically the same configuration. **** "External view", or external vhost - comments removed: *** (DYN.DNS is a placeholder for the actual fqdns name accessible from internet) File /etc/apache2/vhosts.d/DYN.DNS.conf: <VirtualHost *:50000> ServerAdmin webmaster@localhost ServerName DYN.DNS DocumentRoot /data/waterhoard/vhosts/DYN.DNS/htdocs ErrorLog /var/log/apache2/DYN.DNS-error_log CustomLog /var/log/apache2/DYN.DNS-access_log combined HostnameLookups Off UseCanonicalName Off ServerSignature On # Include /etc/apache2/conf.d/php5.conf # # or, to include all configuration snippets added by packages: # Include /etc/apache2/conf.d/*.conf ScriptAlias /cgi-bin/ "/data/waterhoard/vhosts/DYN.DNS/cgi-bin" <Directory "/data/waterhoard/vhosts/DYN.DNS/cgi-bin"> AllowOverride None Options +ExecCGI -Includes <IfModule !mod_access_compat.c> Require all granted </IfModule> <IfModule mod_access_compat.c> Order allow,deny Allow from all </IfModule> </Directory> <Directory "/data/waterhoard/vhosts/DYN.DNS/htdocs"> Options Indexes FollowSymLinks AllowOverride None <IfModule !mod_access_compat.c> Require all granted </IfModule> <IfModule mod_access_compat.c> Order allow,deny Allow from all </IfModule> </Directory> </VirtualHost> And /etc/apache2/listen.conf: Listen 80 Listen 50000 This is working, I get a "hello world" when browsing via internet. *** Now the internal config. *** /etc/apache2/vhosts.d/isengard.valinor.conf: <VirtualHost *:80> ServerAdmin webmaster@isengard.valinor ServerName isengard.valinor DocumentRoot /srv/www/htdocs/ ErrorLog /var/log/apache2/isengard.valinor-error_log CustomLog /var/log/apache2/isengard.valinor-access_log combined # don't loose time with IP address lookups HostnameLookups Off # needed for named virtual hosts UseCanonicalName Off ServerSignature On Include /etc/apache2/conf.d/*.conf ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/" <Directory "/srv/www/cgi-bin/"> AllowOverride None Options +ExecCGI -Includes <IfModule !mod_access_compat.c> Require all granted </IfModule> <IfModule mod_access_compat.c> Order allow,deny Allow from all </IfModule> </Directory> <IfModule mod_userdir.c> UserDir public_html Include /etc/apache2/mod_userdir.conf </IfModule> <Directory "/srv/www/htdocs/"> Options Indexes FollowSymLinks Options Indexes FollowSymLinks AllowOverride None <IfModule !mod_access_compat.c> Require all granted </IfModule> <IfModule mod_access_compat.c> Order allow,deny Allow from all </IfModule> </Directory> </VirtualHost> ** Differences from the default: ** Isengard:/etc/apache2/vhosts.d # diff vhost.template isengard.valinor.conf 14,15c14,15 < ServerAdmin webmaster@dummy-host.example.com < ServerName dummy-host.example.com - ---
ServerAdmin webmaster@isengard.valinor ServerName isengard.valinor
20c20 < DocumentRoot /srv/www/vhosts/dummy-host.example.com - ---
DocumentRoot /srv/www/htdocs/
23,24c23,24 < ErrorLog /var/log/apache2/dummy-host.example.com-error_log < CustomLog /var/log/apache2/dummy-host.example.com-access_log combined - ---
ErrorLog /var/log/apache2/isengard.valinor-error_log CustomLog /var/log/apache2/isengard.valinor-access_log combined
43c43 < # Include /etc/apache2/conf.d/*.conf - ---
Include /etc/apache2/conf.d/*.conf
53c53 < ScriptAlias /cgi-bin/ "/srv/www/vhosts/dummy-host.example.com/cgi-bin/" - ---
ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"
58c58 < <Directory "/srv/www/vhosts/dummy-host.example.com/cgi-bin"> - ---
<Directory "/srv/www/cgi-bin/">
96c96 < <Directory "/srv/www/vhosts/dummy-host.example.com"> - ---
<Directory "/srv/www/htdocs/">
Isengard:/etc/apache2/vhosts.d # This "internal view", or internal vhost, does not work, and I do not understand why. On the client, I get this: links http://isengard.valinor gets: +------------------ Error ------------------+ | | | Error loading http://isengard.valinor/: | | | | Error reading from socket | | | | [ Cancel ] | +-------------------------------------------+ On restart of server - /var/log/apache2/error_log: Sun Dec 29 13:41:17.457008 2019] [mpm_prefork:notice] [pid 22184] AH00170: caught SIGWINCH, shutting down gracefully [Sun Dec 29 13:41:17.572333 2019] [apparmor:error] [pid 22368] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' [Sun Dec 29 13:41:17.574198 2019] [apparmor:error] [pid 22370] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' [Sun Dec 29 13:41:17.574315 2019] [mpm_prefork:notice] [pid 22363] AH00163: Apache/2.4.33 (Linux/SUSE) configured -- resuming normal operations [Sun Dec 29 13:41:17.574542 2019] [core:notice] [pid 22363] AH00094: Command line: '/usr/sbin/httpd-prefork -D SYSCONFIG -C PidFile /var/run/httpd.pid -C Include /etc/apache2/sysconfig.d//loadmodule.conf -C Include /etc/apache2/sysconfig.d//global.conf -f /etc/apache2/httpd.conf -c Include /etc/apache2/sysconfig.d//include.conf -D SYSTEMD -DFOREGROUND' [Sun Dec 29 13:41:17.575249 2019] [apparmor:error] [pid 22369] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' [Sun Dec 29 13:41:17.576561 2019] [apparmor:error] [pid 22372] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' [Sun Dec 29 13:41:17.576819 2019] [apparmor:error] [pid 22371] (1)Operation not permitted: Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' On browsing (to the internal view): /var/log/apache2/isengard.valinor-access_log: 192.168.1.14 - - [29/Dec/2019:13:41:42 +0100] "GET / HTTP/1.1" 200 710 "-" "Links (2.20.1; Linux 4.12.14-lp151.28.36-default x86_64; GNU C 7.4.1; text)" 192.168.1.14 - - [29/Dec/2019:13:41:42 +0100] "GET / HTTP/1.1" 200 710 "-" "Links (2.20.1; Linux 4.12.14-lp151.28.36-default x86_64; GNU C 7.4.1; text)" 192.168.1.14 - - [29/Dec/2019:13:41:42 +0100] "GET / HTTP/1.1" 200 710 "-" "Links (2.20.1; Linux 4.12.14-lp151.28.36-default x86_64; GNU C 7.4.1; text)" /var/log/apache2/isengard.valinor-error_log: [Sun Dec 29 13:41:42.788877 2019] [apparmor:warn] [pid 22368] (1)Operation not permitted: [client 192.168.1.14:47426] aa_change_hatv call failed [Sun Dec 29 13:41:42.789642 2019] [apparmor:error] [pid 22368] (1)Operation not permitted: [client 192.168.1.14:47426] Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' [Sun Dec 29 13:41:42.791215 2019] [apparmor:warn] [pid 22370] (1)Operation not permitted: [client 192.168.1.14:47428] aa_change_hatv call failed [Sun Dec 29 13:41:42.791905 2019] [apparmor:error] [pid 22370] (1)Operation not permitted: [client 192.168.1.14:47428] Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' [Sun Dec 29 13:41:42.793221 2019] [apparmor:warn] [pid 22369] (1)Operation not permitted: [client 192.168.1.14:47430] aa_change_hatv call failed [Sun Dec 29 13:41:42.793810 2019] [apparmor:error] [pid 22369] (1)Operation not permitted: [client 192.168.1.14:47430] Failed to change_hat to 'HANDLING_UNTRUSTED_INPUT' The apparmor error I think means it tries to associate to an IP that the machine doesn't have. But I'm not doing that, I use "*": <VirtualHost *:80> I have done a test: I copied /etc/apache2/vhosts.d/isengard.valinor.conf to isengard.valinor.bis.conf, listening on port 81. Works instantly. So the error is not in that file! - -- Cheers Carlos E. R. (from 15.1 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXgimbBwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVuYQAn0LlrC2I6vJ1Cf3pa93c JBTWuTP6AJ4qF1zU1eJptwogD4r1lIE6tT0+8Q== =27cy -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org