Ubuntu Apache Umask

Back to obscure technical topics for a moment.

Figuring out how to set umask for Apache on Ununtu was faaar more difficult than it needs to be. Even though it’s not an environmental variable, the “Ubuntu Way” seems to be to add this to the end of /etc/apache2/envvars like so:

## Some packages providing 'www-browser' need '--dump'
#export APACHE_LYNX='www-browser -dump'
umask 000

Restart Apache and voila, the above umask will give all files written by Apache a chmod of 777.

Use this particular example with caution.

apache2: apr_sockaddr_info_get() failed for somehost

Hypothetically speaking of course, let’s assume you forget to renew a domain name. And suddenly that domain’s email is not working. And then you notice the site is down. The next step is, logically speaking, to panic, followed by an attempt to figure out what the hell is going on. Which usually means restarting Apache. Which results in:

apache2: apr_sockaddr_info_get() failed for yourhost

Which is, wow, an exotic new error. If you see this it means that, even though Apache says its restarting, really its probably not. And now all your other sites are down. And, so, more panic. More panic for you.

Now that you’ve probably realized that the default domain name has expired, you will want to get Apache back up on a different, actually non-expired domain. Like this:

$ hostname actual-non-expired-domain-name.com

Now restart.

Alternatively if your hostname is set to something like “www”, probably you can change the default site in vhosts so that Apache can connect the hostname to the tld.

This is all hypothetical of course.

How to segfault Apache 2+ with mod_security

Build mod_security against the wrong set of headers, and Apache 2 will mysteriously begin to segfault in a persistent manner. Check which version you’re running with dpkg --get-selections | grep apache2.

Seems my shiny new Debian distro running the prefork version of Apache had the threaded (worker) headers installed against it. Duh. apt-get install apache2-prefork-dev reinstalled the correct prefork headers and Apache is happy again.

Mathiew Dessus has a great article about installing mod_securty on Debian for those interested.

Windows log file rotation

Yet another de facto Linux command that is oddly missing in Windows.

Some simple log files from a custom app were getting out of control. Google revealed that while basic rotation is possible for the standard Windows event logs, there’s no command in particular for log rotation, aside from some odd looking bat scripts that required typing output to temp directories and the like.

Tried rotatelogs.exe from the Windows distribution of Apache 2.2, but that didn’t seem to work at all.

Today, however, I stumbled across CHOMP. Works a peach, and surprisingly quick. Recommended.

(BTW, looks like the author has his own implementation of tail as well. Maybe this is the replacement for Cygwin tail that I was looking for last August..  Update:  It don’t work so well.)

Alternative authentication methods with Apache 2.2

Quick note on how to make alternative authentication modules work with Apache 2.2.

mod_auth_imap kept complaining about a missing password file:

(9)Bad file descriptor: Could not open password file: (null)

Turns out with Apache 2.2 you have to explicitly turn off Basic authentication even when you are using an alternative module. So a proper Apache 2.2 mod_auth_imap configuration would look something like this:

Auth_IMAP_Enabled On
AuthBasicAuthoritative Off
AuthType Basic
Require valid-user
Auth_IMAP_Authoritative On
Auth_IMAP_Server mail.server.com
Auth_IMAP_Port 143
Auth_IMAP_Log On

Turning off AuthBasicAuthoritative forces Apache to ignore the standard password file authentication.

mod_perl on Gentoo

mod_perl doesn’t play so nice with Gentoo. Perl and, specifically, g-cpan still seem to have problems.

I’ve been scratching my head (read: driving my head into my desk) over the following error:

Can't locate lib.pm in @INC (@INC contains: blah blah blah) at /etc/apache2/modules.d/apache2-mod_perl-startup.pl line 1.\nBEGIN failed--compilation aborted at /etc/apache2/modules.d/apache2-mod_perl-startup.pl line 1.\nCompilation failed in require at (eval 2) line 1.\n

Thanks to an obscure post at the bottom of a thread from a couple of years back I was able to fix it with

# perl-cleaner reallyall
# emerge libperl

perl-cleaner appears to be like revdep-rebuild, but Larry Wall style.

Now I can run Apache::ASP.

Thank you crazy Larry Wall people.