[lug] Bad Apache problem?

Justin-lists glow at jackmoves.com
Tue Mar 25 15:07:52 MST 2003 

Thanks for the reply. I am going to skip some of the questions because one of your other suggestions has led me to believe the problem was a result of the glibc updates. I ran 'ldd /usr/sbin/httpd' and checked all the shared libraries for Apache. Interestingly enough almost all of the files were updated when the glibc update completed. A couple of them for example are:
[glowecon at oldschool glowecon]$ ls -l /lib/libcrypt.so.1
lrwxrwxrwx    1 root     root           17 Mar 21 00:11 /lib/libcrypt.so.1 -> libcrypt-2.3.2.so

[glowecon at oldschool glowecon]$ ls -l /lib/libresolv.so.2
lrwxrwxrwx    1 root     root           18 Mar 21 00:11 /lib/libresolv.so.2 -> libresolv-2.3.2.so

If we look at my up2date log we see:
[Fri Mar 21 00:11:07 2003] up2date installing packages: ['glibc-2.3.2-4.80', 'glibc-common-2.3.2-4.80', 'glibc-devel-2.3.2-4.80']

When searching google on my htaccess error a couple days ago, I came across something that talked about how libcrypt was at fault for the error. The thread I found was a couple years old though. I'll have to try and dig that up again. 

My assumption is that whatever changed in the shared libraries is causing Apache to behave different than it should. That would also explain why I couldn't ssh into the box until a reboot since sshd uses almost all the same crypto libraries. Now I'm just wondering how to fix this. Backing out to the older glibc is probably not a good idea and I'm not sure how to fix this in Apache? Thanks for the help, definitely don't feel quite as dumb and boggled as I did before :)

Justin

--
glow at jackmoves.com

> I would have to wonder which version of apache you had before, and 
> which after? Are you sure that any updates of apache itself did not 
> update config files? Conversely, are you sure that any update of 
> apache was only a minor version update that does not update syntax 
> of config files? If compiling your own, did you set it to use the 
> same paths to find config files?
> 
> If updating library files that apache links to, perhaps changing 
> those link files causes it to behave differently (especially with 
> regard to plugins to apache itself). If you run ldd against the 
> apache binary 
> (whether named "apache" or "httpd"), did any of the files it links 
> against change? If one of those changed, is it a minor version 
> change, or a major version change?
> 
> Now I'm not big on apache config, but I would have to also interpret 
> the AllowOverride None to mean that there is no purpose in checking 
> for a .htaccess, while allowing any form of override would mean that 
> it then must check for .htaccess in any directory this is available 
> to...the allow override can be specified for everything, or for only 
> particular directories. If you allow override and don't provide a 
> .htaccess file for every relevant directory, it's probably just good 
> security that it complains; it'd just make sense that if .htaccess 
> is missing and it has been specified, that the directory should be 
> closed down until a .htaccess comes back. Exactly how was 
> AllowOverride specified...was it for everything, or specified for a 
> specific location? What you're seeing may just be a reflection of 
> saner security defaults compared to older versions.
> 
> D. Stimits, stimits AT attbi DOT com
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
------- End of Original Message -------

More information about the LUG mailing list