This site is now 100% read-only, and retired.

XML logo

Joke Apache debbug
Posted by Arthur on Fri 3 Nov 2006 at 03:41
Tags: none.
Careful guy that I am, I check bug reports before upgrading:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393083

Now the fun part: Basic authentication was broken by the upgrade due to module reorganization and name changes. Oh joy. I had to add auth_basic, authn_file, authz_host, and authz_user (with their .load names) to /etc/apache2/mods-available.
What's with those z's on there? It looks like script kiddie l33t speak... or maybe I'm just grumpy because I didn't want to have to futz around with Apache's configurations tonight... that's probably it.

 

Comments on this Entry

Re: Joke Apache debbug
Posted by dkg (162.84.xx.xx) on Sat 4 Nov 2006 at 03:00
[ View Weblogs ]
the authn/authz distinction is long-overdue, actually. i'm glad it's finally made it into testing. authn is authentication: "can i verify exactly who you are?" authz is authorization: "now that i know who you are, are you allowed to make the request you just made?"

You can read more about the refactoring in the overview of new features in 2.2.

i had similar frustrations to what you did during the upgrade from 2.0 to 2.2, though. it would have been nice if the package maintainers had made a bit more of an effort to at least alert users who might need those modules added...

btw, i hope you don't feel you have to add those symlinks in /etc/apache2/mods-enabled by hand. It's simplest to use a2enmod and a2dismod to enable/disable modules, as a parallel to a2ensite and a2dissite.

[ Parent ]

Re: Joke Apache debbug
Posted by dkg (216.254.xx.xx) on Sat 4 Nov 2006 at 22:38
[ View Weblogs ]
It looks like the apache maintainers are treating this upgrade annoyance as a bug. See bug 392349.

[ Parent ]

Re: Joke Apache debbug
Posted by Anonymous (66.236.xx.xx) on Tue 7 Nov 2006 at 20:27
I ran into this the other day on a semi-important server. I probably shouldn't have upgraded (or been running etch) without some prep, but it took me an hour or two to find out what was going on and how to fix it.

How do most of you guys find out about things like this? Upgrade a test system? Read the fine print at debian.org? apt-list-bugs? Just curious, I'd like to be in the know before I have another upgrade incident...

[ Parent ]

Re: Joke Apache debbug
Posted by Arthur (66.28.xx.xx) on Wed 8 Nov 2006 at 00:58
[ View Weblogs ]
My process is to always update a non-critical workstation that's running the common server stuff on it and look at the bug reports apt-listbugs mentions, then to upgrade my workstation, then my own servers, and finally my client's servers. So far, if it doesn't break going into my workstation which is my development machine, it's not going to break anywhere else.

I've managed to keep servers online with no downtime for four or five years at a stretch this way. Maybe I'm just lucky.

[ Parent ]