* [gentoo-user] Apache crashed, what could be the reason?
@ 2010-08-26 17:43 Jarry
2010-08-27 17:23 ` Kyle Bader
0 siblings, 1 reply; 4+ messages in thread
From: Jarry @ 2010-08-26 17:43 UTC (permalink / raw
To: gentoo-user
Hi,
I could not connect to my web-page so I logged in to the server
just to find appache was simply not running. I started checking
logs and the only thing which I find suspicious are these messages
in /var/log/apache2/error_log :
-----------------
6 times:
[Thu Aug 26 13:59:16 2010] [alert] (11)Resource temporarily unavailable:
setuid: unable to change to uid: 81
[Thu Aug 26 13:59:16 2010] [alert] Child 20303 returned a Fatal error...
Apache is exiting!
~30 times:
[Thu Aug 26 13:59:16 2010] [emerg] (43)Identifier removed: couldn't grab
the accept mutex
~50 times:
[Thu Aug 26 13:59:16 2010] [emerg] (22)Invalid argument: couldn't grab
the accept mutex
[Thu Aug 26 13:59:42 2010] [emerg] (22)Invalid argument: couldn't
release the accept mutex
-----------------
Except for that, only common scannings for phpMyAdmin, myadmin, pma,
mysql, scripts, etc. Nothing more. Any ideas why apache died?
Apart from that, nothing seems to be damaged. I started apache
as usuall, database is consistent, web-site is up & running.
But naturally, I do not want to see this happen again...
BTW, the system is stable amd64, with apache 2.2.15:
USE="ssl -debug -doc -ldap (-selinux) -static -suexec -threads"
APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon
authn_dbm authn_default authn_file authz_dbm authz_default
authz_groupfile authz_host authz_owner authz_user autoindex cache cgi
cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter
file_cache filter headers include info log_config logio mem_cache mime
mime_magic negotiation rewrite setenvif speling status unique_id userdir
usertrack vhost_alias -asis -auth_digest -authn_dbd -cern_meta
-charset_lite -dbd -dumpio -ident -imagemap -log_forensic -proxy
-proxy_ajp -proxy_balancer -proxy_connect -proxy_ftp -proxy_http
-substitute -version" APACHE2_MPMS="-event -itk -peruser -prefork -worker"
Jarry
--
_______________________________________________________________
This mailbox accepts e-mails only from selected mailing-lists!
Everything else is considered to be spam and therefore deleted.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] Apache crashed, what could be the reason?
2010-08-26 17:43 [gentoo-user] Apache crashed, what could be the reason? Jarry
@ 2010-08-27 17:23 ` Kyle Bader
2010-08-27 18:02 ` Jarry
0 siblings, 1 reply; 4+ messages in thread
From: Kyle Bader @ 2010-08-27 17:23 UTC (permalink / raw
To: gentoo-user
> Except for that, only common scannings for phpMyAdmin, myadmin, pma,
> mysql, scripts, etc. Nothing more. Any ideas why apache died?
I noticed you have mod_dav & mod_cache and are running 2.2.15, perhaps
it's this?
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
--
Kyle
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] Apache crashed, what could be the reason?
2010-08-27 17:23 ` Kyle Bader
@ 2010-08-27 18:02 ` Jarry
2010-08-28 15:42 ` Arttu V.
0 siblings, 1 reply; 4+ messages in thread
From: Jarry @ 2010-08-27 18:02 UTC (permalink / raw
To: gentoo-user
On 27. 8. 2010 19:23, Kyle Bader wrote:
> I noticed you have mod_dav& mod_cache and are running 2.2.15, perhaps
> it's this?
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
You may be right! But what can I do? There is not even masked
version 2.2.16 in portage, despite the fact it has been released
by apache-foundation on 2010-07-25 (together with description
of vulnerability found in 2.2.15). There has already been bug
opened in gentoo-bugzila on 2010-07-28...
BTW in the meantime my apache crashed again the same way, after
not a single day uptime! Something I have never seen before,
actually my apache has been running without any problem since
the last update. And now this! Quite unpleasant, for such
a critical server-software...
Jarry
--
_______________________________________________________________
This mailbox accepts e-mails only from selected mailing-lists!
Everything else is considered to be spam and therefore deleted.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] Apache crashed, what could be the reason?
2010-08-27 18:02 ` Jarry
@ 2010-08-28 15:42 ` Arttu V.
0 siblings, 0 replies; 4+ messages in thread
From: Arttu V. @ 2010-08-28 15:42 UTC (permalink / raw
To: gentoo-user
On 8/27/10, Jarry <mr.jarry@gmail.com> wrote:
> On 27. 8. 2010 19:23, Kyle Bader wrote:
>
>> I noticed you have mod_dav& mod_cache and are running 2.2.15, perhaps
>> it's this?
>>
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
>
> You may be right! But what can I do? There is not even masked
> version 2.2.16 in portage, despite the fact it has been released
> by apache-foundation on 2010-07-25 (together with description
> of vulnerability found in 2.2.15). There has already been bug
> opened in gentoo-bugzila on 2010-07-28...
>
> BTW in the meantime my apache crashed again the same way, after
> not a single day uptime! Something I have never seen before,
> actually my apache has been running without any problem since
> the last update. And now this! Quite unpleasant, for such
> a critical server-software...
From apache.org:
"This crash would only be a denial of service if using the worker MPM."
Can you try with another MPM?
Btw, AFAICT, Gentoo apache herd is currently down to one (or fewer) dev(s). :-/
--
Arttu V. -- Running Gentoo is like running with scissors
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-08-28 16:05 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-08-26 17:43 [gentoo-user] Apache crashed, what could be the reason? Jarry
2010-08-27 17:23 ` Kyle Bader
2010-08-27 18:02 ` Jarry
2010-08-28 15:42 ` Arttu V.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox