[gentoo-user] issues with apache config

[gentoo-user] issues with apache config

[James]

I'm a long-time Cherokee user that is switching to Apache due to a
nasty Cherokee bug that I can't seem to work around.

I've configured Apache many times (albeit a long time ago), and can't
seem to figure out what's going on here.

I have a simple PHP app running that lives in some directory, say
/stuff/web/app.

I then have a vhost configuration that looks like this:

<Directory "/stuff/web/app">
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
</Directory>

The vhost looks like this:

<VirtualHost app.server.com:80>
        ServerName app.server.com
        DocumentRoot "/stuff/web/app"
        ErrorLog /var/log/apache2/app.error
</VirtualHost>

When the server reboots, Apache refuses to serve me anything, giving
the following error:

==> error_log <==
[Mon Apr 04 07:17:59 2011] [error] [client 10.35.22.81] client denied
by server configuration: /usr/htdocs

==> access_log <==
10.35.22.81 - - [04/Apr/2011:07:17:59 -0400] "\x16\x03\x01\x01\x98\x01" 403 273

I'm well aware of the default apache configuration (defined in
/etc/apache2/modules.d/00_default_settings.conf), and that the default
directory directive has a "Deny from all" default.

However, if I *restart* my daemon with NO configuration changes after
seeing these errors, the page comes up beautifully. Also worth noting
is that rebooting the server again will put Apache back into a
"broken" state and only after restarting the daemon will things
function correctly.

Thoughts on how to fix this would be much, MUCH appreciated. I am
running out of hair to pull out of my head. :)

-james

[gentoo-user] Re: issues with apache config

[James]

It's also worth noting that I have *no* "/usr/htdocs" line in any of
my configuration file(s).

-james


On Mon, Apr 4, 2011 at 11:22, James <jtp@nc.rr.com> wrote:
> I'm a long-time Cherokee user that is switching to Apache due to a
> nasty Cherokee bug that I can't seem to work around.
>
> I've configured Apache many times (albeit a long time ago), and can't
> seem to figure out what's going on here.
>
> I have a simple PHP app running that lives in some directory, say
> /stuff/web/app.
>
> I then have a vhost configuration that looks like this:
>
> <Directory "/stuff/web/app">
>        Options Indexes FollowSymLinks
>        AllowOverride All
>        Order allow,deny
>        Allow from all
> </Directory>
>
> The vhost looks like this:
>
> <VirtualHost app.server.com:80>
>        ServerName app.server.com
>        DocumentRoot "/stuff/web/app"
>        ErrorLog /var/log/apache2/app.error
> </VirtualHost>
>
> When the server reboots, Apache refuses to serve me anything, giving
> the following error:
>
> ==> error_log <==
> [Mon Apr 04 07:17:59 2011] [error] [client 10.35.22.81] client denied
> by server configuration: /usr/htdocs
>
> ==> access_log <==
> 10.35.22.81 - - [04/Apr/2011:07:17:59 -0400] "\x16\x03\x01\x01\x98\x01" 403 273
>
> I'm well aware of the default apache configuration (defined in
> /etc/apache2/modules.d/00_default_settings.conf), and that the default
> directory directive has a "Deny from all" default.
>
> However, if I *restart* my daemon with NO configuration changes after
> seeing these errors, the page comes up beautifully. Also worth noting
> is that rebooting the server again will put Apache back into a
> "broken" state and only after restarting the daemon will things
> function correctly.
>
> Thoughts on how to fix this would be much, MUCH appreciated. I am
> running out of hair to pull out of my head. :)
>
> -james
>

Re: [gentoo-user] issues with apache config

[Pandu Poluan]

Based on the symptoms, i.e., works from CLI but fails during boot, I
suspect a problem with privileges/attributes. What UID is Apache
running as?

Anyways, what's wrong with Cherokee? I really like to know because I
am currently considering deploying Cherokee.

Rgds,


On 2011-04-04, James <jtp@nc.rr.com> wrote:
> It's also worth noting that I have *no* "/usr/htdocs" line in any of
> my configuration file(s).
>
> -james
>
>
> On Mon, Apr 4, 2011 at 11:22, James <jtp@nc.rr.com> wrote:
>> I'm a long-time Cherokee user that is switching to Apache due to a
>> nasty Cherokee bug that I can't seem to work around.
>>
>> I've configured Apache many times (albeit a long time ago), and can't
>> seem to figure out what's going on here.
>>
>> I have a simple PHP app running that lives in some directory, say
>> /stuff/web/app.
>>
>> I then have a vhost configuration that looks like this:
>>
>> <Directory "/stuff/web/app">
>>        Options Indexes FollowSymLinks
>>        AllowOverride All
>>        Order allow,deny
>>        Allow from all
>> </Directory>
>>
>> The vhost looks like this:
>>
>> <VirtualHost app.server.com:80>
>>        ServerName app.server.com
>>        DocumentRoot "/stuff/web/app"
>>        ErrorLog /var/log/apache2/app.error
>> </VirtualHost>
>>
>> When the server reboots, Apache refuses to serve me anything, giving
>> the following error:
>>
>> ==> error_log <==
>> [Mon Apr 04 07:17:59 2011] [error] [client 10.35.22.81] client denied
>> by server configuration: /usr/htdocs
>>
>> ==> access_log <==
>> 10.35.22.81 - - [04/Apr/2011:07:17:59 -0400] "\x16\x03\x01\x01\x98\x01"
>> 403 273
>>
>> I'm well aware of the default apache configuration (defined in
>> /etc/apache2/modules.d/00_default_settings.conf), and that the default
>> directory directive has a "Deny from all" default.
>>
>> However, if I *restart* my daemon with NO configuration changes after
>> seeing these errors, the page comes up beautifully. Also worth noting
>> is that rebooting the server again will put Apache back into a
>> "broken" state and only after restarting the daemon will things
>> function correctly.
>>
>> Thoughts on how to fix this would be much, MUCH appreciated. I am
>> running out of hair to pull out of my head. :)
>>
>> -james
>>
>
>


-- 
--
Pandu E Poluan - IT Optimizer
My website: http://pandu.poluan.info/

Re: [gentoo-user] issues with apache config

[James]

Hi Pandu,

Thanks for the response. What kind of permissions / privileges issues
would cause this sort of behavior.

~ % ps aux | grep -i apache
root      2421  1.1  0.3 224928 12312 ?        Ss   09:53   0:00
/usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
-D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
-k start
apache    2423  0.0  0.1 209904  3884 ?        S    09:53   0:00
/usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
-D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
-k start
apache    2428  0.0  0.2 438024  8152 ?        Sl   09:53   0:00
/usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
-D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
-k start
apache    2429  0.0  0.2 438024  8148 ?        Sl   09:53   0:00
/usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
-D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
-k start

Looks like there's one process running as root, and the rest are
running as Apache. /stuff/web/app is also apache:apache.

Cherokee has a bug that creeps up on you when you're using SSL. PHP
pages will half-load, sometimes completely load. The developers have
NO idea what causes the problem. They've got a bug open but apparently
they can't find root cause. While I love Cherokee, until this is fixed
simple things like a wiki page loading will present the issue when
there are graphics involved.

-james


On Mon, Apr 4, 2011 at 13:15, Pandu Poluan <pandu@poluan.info> wrote:
> Based on the symptoms, i.e., works from CLI but fails during boot, I
> suspect a problem with privileges/attributes. What UID is Apache
> running as?
>
> Anyways, what's wrong with Cherokee? I really like to know because I
> am currently considering deploying Cherokee.
>
> Rgds,
>
>
> On 2011-04-04, James <jtp@nc.rr.com> wrote:
>> It's also worth noting that I have *no* "/usr/htdocs" line in any of
>> my configuration file(s).
>>
>> -james
>>
>>
>> On Mon, Apr 4, 2011 at 11:22, James <jtp@nc.rr.com> wrote:
>>> I'm a long-time Cherokee user that is switching to Apache due to a
>>> nasty Cherokee bug that I can't seem to work around.
>>>
>>> I've configured Apache many times (albeit a long time ago), and can't
>>> seem to figure out what's going on here.
>>>
>>> I have a simple PHP app running that lives in some directory, say
>>> /stuff/web/app.
>>>
>>> I then have a vhost configuration that looks like this:
>>>
>>> <Directory "/stuff/web/app">
>>>        Options Indexes FollowSymLinks
>>>        AllowOverride All
>>>        Order allow,deny
>>>        Allow from all
>>> </Directory>
>>>
>>> The vhost looks like this:
>>>
>>> <VirtualHost app.server.com:80>
>>>        ServerName app.server.com
>>>        DocumentRoot "/stuff/web/app"
>>>        ErrorLog /var/log/apache2/app.error
>>> </VirtualHost>
>>>
>>> When the server reboots, Apache refuses to serve me anything, giving
>>> the following error:
>>>
>>> ==> error_log <==
>>> [Mon Apr 04 07:17:59 2011] [error] [client 10.35.22.81] client denied
>>> by server configuration: /usr/htdocs
>>>
>>> ==> access_log <==
>>> 10.35.22.81 - - [04/Apr/2011:07:17:59 -0400] "\x16\x03\x01\x01\x98\x01"
>>> 403 273
>>>
>>> I'm well aware of the default apache configuration (defined in
>>> /etc/apache2/modules.d/00_default_settings.conf), and that the default
>>> directory directive has a "Deny from all" default.
>>>
>>> However, if I *restart* my daemon with NO configuration changes after
>>> seeing these errors, the page comes up beautifully. Also worth noting
>>> is that rebooting the server again will put Apache back into a
>>> "broken" state and only after restarting the daemon will things
>>> function correctly.
>>>
>>> Thoughts on how to fix this would be much, MUCH appreciated. I am
>>> running out of hair to pull out of my head. :)
>>>
>>> -james
>>>
>>
>>
>
>
> --
> --
> Pandu E Poluan - IT Optimizer
> My website: http://pandu.poluan.info/
>
>

Re: [gentoo-user] issues with apache config

[Pandu Poluan]

I knew I forgot to reply to someone...

On Tue, Apr 5, 2011 at 00:58, James <jtp@nc.rr.com> wrote:
> Hi Pandu,
>
> Thanks for the response. What kind of permissions / privileges issues
> would cause this sort of behavior.
>
> ~ % ps aux | grep -i apache
> root      2421  1.1  0.3 224928 12312 ?        Ss   09:53   0:00
> /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
> -D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
> -k start
> apache    2423  0.0  0.1 209904  3884 ?        S    09:53   0:00
> /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
> -D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
> -k start
> apache    2428  0.0  0.2 438024  8152 ?        Sl   09:53   0:00
> /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
> -D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
> -k start
> apache    2429  0.0  0.2 438024  8148 ?        Sl   09:53   0:00
> /usr/sbin/apache2 -D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST
> -D LANGUAGE -D PHP5 -d /usr/lib64/apache2 -f /etc/apache2/httpd.conf
> -k start
>
> Looks like there's one process running as root, and the rest are
> running as Apache. /stuff/web/app is also apache:apache.
>

Hmmm... is root member of apache group?

> Cherokee has a bug that creeps up on you when you're using SSL. PHP
> pages will half-load, sometimes completely load. The developers have
> NO idea what causes the problem. They've got a bug open but apparently
> they can't find root cause. While I love Cherokee, until this is fixed
> simple things like a wiki page loading will present the issue when
> there are graphics involved.
>
> -james
>

Sounds sucky.

What do you think of Hiawatha?

Rgds,
--
Pandu E Poluan
~ IT Optimizer ~
Visit my Blog: http://pepoluan.posterous.com