View previous topic :: View next topic |
Author |
Message |
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sat Sep 17, 2011 9:11 pm Post subject: |
|
|
The error is quite specific.. can you provide you conf (obviously masking any sensitive info)? _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
Posted: Sat Sep 17, 2011 9:56 pm Post subject: |
|
|
Do you need the configuration of apache (/etc/apache2/httpd.conf , /etc/conf.d/apache2) or emerge --info? |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sat Sep 17, 2011 10:13 pm Post subject: |
|
|
Hi, The file /etc/apache2/modules.d/00_default_settings.conf so I can check the syntax.. there maybe an error/typeo at line 90 or somewhere else. Apache is complaining about the "order" statement which I guess maybe this line... _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
Posted: Sat Sep 17, 2011 10:23 pm Post subject: |
|
|
This the 00_default_settings.conf file.
Quote: |
# This configuration file reflects default settings for Apache HTTP Server.
# You may change these, but chances are that you may not need to.
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
KeepAliveTimeout 15
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the
# ServerName directive.
UseCanonicalName Off
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
AccessFileName .htaccess
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
ServerTokens Prod
# TraceEnable
# This directive overrides the behavior of TRACE for both the core server and
# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616,
# which disallows any request body to accompany the request. TraceEnable off
# causes the core server and mod_proxy to return a 405 (Method not allowed)
# error to the client.
# For security reasons this is turned off by default. (bug #240680)
TraceEnable off
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
ServerSignature On
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
HostnameLookups Off
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall is used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
#EnableMMAP off
#EnableSendfile off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog /var/log/apache2/error_log
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
# We configure the "default" to be a very restrictive set of features.
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny, allow
Deny from all
</Directory># DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
# The index.html.var file (a type-map) is used to deliver content-
# negotiated documents. The MultiViews Options can be used for the
# same purpose, but it is much slower.
#
# To add files to that list use AddDirectoryIndex in a custom config
# file. Do not change this entry unless you know what you are doing.
<IfModule dir_module>
DirectoryIndex index.html index.html.var
</IfModule>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>
# vim: ts=4 filetype=apache
|
|
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sat Sep 17, 2011 10:30 pm Post subject: |
|
|
fixed go to line 90
and delete the space between "," and "allow"
Also on line 92, you cannot have comment after tags. Put everything including the "#" on a new line Code: | </Directory># DirectoryIndex: sets the file that Apache will serve if a directory |
eg
Code: | </Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory |
_________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
Posted: Sat Sep 17, 2011 10:40 pm Post subject: |
|
|
I have changed it but I get the same error!
Quote: |
# This configuration file reflects default settings for Apache HTTP Server.
# You may change these, but chances are that you may not need to.
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
KeepAliveTimeout 15
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the# ServerName directive.
UseCanonicalName Off
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
AccessFileName .htaccess
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
ServerTokens Prod
# TraceEnable
# This directive overrides the behavior of TRACE for both the core server and
# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616,
# which disallows any request body to accompany the request. TraceEnable off
# causes the core server and mod_proxy to return a 405 (Method not allowed)
# error to the client.
# For security reasons this is turned off by default. (bug #240680)TraceEnable off
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
ServerSignature On
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
HostnameLookups Off
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall is used to deliver
# files. This usually improves server performance, but must# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
#EnableMMAP off
#EnableSendfile off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog /var/log/apache2/error_log
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
# We configure the "default" to be a very restrictive set of features.
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
# The index.html.var file (a type-map) is used to deliver content-
# negotiated documents. The MultiViews Options can be used for the
# same purpose, but it is much slower.
#
# To add files to that list use AddDirectoryIndex in a custom config
# file. Do not change this entry unless you know what you are doing.
<IfModule dir_module>
DirectoryIndex index.html index.html.var
</IfModule>
The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>
# vim: ts=4 filetype=apache
|
And if I do Code: | sudo apache2ctl reload |
I get the next error.
Quote: | * apache2 has detected an error in your setup:
Syntax error on line 90 of /etc/apache2/modules.d/00_default_settings.conf:
Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration
|
|
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sun Sep 18, 2011 6:25 am Post subject: |
|
|
Now it's because line 103 is not commented. I don't know what you are doing to your file to give me a different error everytime so just download this working copy of your config http://cdstealer.com/filez/00_default_settings.conf Once you've done that, test it by running /etc/init.d/apache2 configtest
To avoid any errors copy and paste the following:
cd /etc/apache2/modules.d/
mv /etc/apache2/modules.d/00_default_settings.conf /etc/apache2/modules.d/00_default_settings.conf.old
wget http://cdstealer.com/filez/00_default_settings.conf
/etc/init.d/apache2 configtest
If that doesn't work, then I'm stumped as both times the edit has worked for me _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
Posted: Sun Sep 18, 2011 9:33 am Post subject: |
|
|
I have done it, and get the file: wget http://cdstealer.com/filez/00_default_settings.conf.
/etc/init.d/apache2 configtest to test it, but unfortunately the same problem only in other line!
Quote: | apache2 has detected an error in your setup:
Syntax error on line 86 of /etc/apache2/modules.d/00_default_settings.conf:
Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration |
I have been become confuse! Is it a good idea to emerge the "apache2" once again? |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sun Sep 18, 2011 10:34 am Post subject: |
|
|
Hi, did you open the file by any chance after you had saved it? The file works fine, there for, something on your system is changing the file.
So, my question is:
What editor are you using to open the file?
If you have or use VI, open the file, go to line 86 and look for spaces. the line should be "Order deny,allow" with only one space after Order and only a "," between deny and allow. Also check for any lines that should be commented that aren't and then retest the config. Re-emerging is not going to solve the issue and is complete overkill. _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
michelle778 n00b
Joined: 19 Mar 2005 Posts: 73
|
Posted: Sun Sep 18, 2011 10:56 am Post subject: |
|
|
got the same problem and I just merge apache and php - didn't change anything, didn't even put PHP5 in the apache_opts
Code: | /etc/init.d/apache2 start
* Use of the opts variable is deprecated and will be
* removed in the future.
* Please use extra_commands or extra_started_commands.
* apache2 has detected an error in your setup:
Syntax error on line 90 of /etc/apache2/modules.d/00_default_settings.conf:
Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration
* ERROR: apache2 failed to start
|
If I use cdstealers config I get this:
Code: | agrotux modules.d # /etc/init.d/apache2 configtest
* Use of the opts variable is deprecated and will be
* removed in the future.
* Please use extra_commands or extra_started_commands.
* Checking apache2 configuration ...
* apache2 has detected an error in your setup:
Syntax error on line 86 of /etc/apache2/modules.d/00_default_settings.conf:
Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration |
Any more ideas? And is there an explanation for the part with the deprecated opts variable somewhere? Where and how do I put in extra_commands or extra_started_commands? _________________ Nothing is easier than being busy - and nothing more difficult than being effective. |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sun Sep 18, 2011 11:04 am Post subject: |
|
|
strange...
This is the version of apache and modules I am running:
Code: | Calculating dependencies... done!
[ebuild R ] www-servers/apache-2.2.21 USE="ssl -debug -doc -ldap (-selinux) -static -suexec -threads" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif speling status unique_id userdir usertrack vhost_alias -asis -authn_alias -cern_meta -cgi -cgid -charset_lite -dumpio -log_forensic -proxy_ftp -proxy_scgi -reqtimeout -substitute -version" APACHE2_MPMS="-event -itk -peruser -prefork -worker" 0 kB |
_________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
Posted: Sun Sep 18, 2011 11:16 am Post subject: |
|
|
I use the "emacs/nano" editor. But didn't change anything, and I have checked de file and I don't see any space between deny and allow. The comments are okay also.
This is the version of apache which I use.
Quote: | [ebuild R ] www-servers/apache-2.2.20 USE="ssl -debug -doc -ldap (-selinux) -static -suexec -threads" APACHE2_MODULES="vhost_alias -actions -alias -asis -auth_basic -auth_digest -authn_alias -authn_anon -authn_dbd -authn_dbm -authn_default -authn_file -authz_dbm -authz_default -authz_groupfile -authz_host -authz_owner -authz_user -autoindex -cache -cern_meta -cgi -cgid -charset_lite -dav -dav_fs -dav_lock -dbd -deflate -dir -disk_cache -dumpio -env -expires -ext_filter -file_cache -filter -headers -ident -imagemap -include -info -log_config -log_forensic -logio -mem_cache -mime -mime_magic -negotiation -proxy -proxy_ajp -proxy_balancer -proxy_connect -proxy_ftp -proxy_http -proxy_scgi -reqtimeout -rewrite -setenvif -speling -status -substitute -unique_id -userdir -usertrack -version" APACHE2_MPMS="-event -itk -peruser -prefork -worker" 0 kB |
Regards,
Nader |
|
Back to top |
|
|
michelle778 n00b
Joined: 19 Mar 2005 Posts: 73
|
Posted: Sun Sep 18, 2011 11:19 am Post subject: |
|
|
cdstealer wrote: | strange...
This is the version of apache and modules I am running:
Code: | Calculating dependencies... done!
[ebuild R ] www-servers/apache-2.2.21 USE="ssl -debug -doc -ldap (-selinux) -static -suexec -threads" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif speling status unique_id userdir usertrack vhost_alias -asis -authn_alias -cern_meta -cgi -cgid -charset_lite -dumpio -log_forensic -proxy_ftp -proxy_scgi -reqtimeout -substitute -version" APACHE2_MPMS="-event -itk -peruser -prefork -worker" 0 kB |
|
Ok - I got way less modules, but supposedly you need to have authz_host (cgi or cgid) dir mime. I merged it without first, remerged since I got those portage messages. I merged again without prefork (although this seems to be default). After that I had 3 files to do an etc-update. Did that and it works like a charm now.
Question remaining is this: Code: | * Use of the opts variable is deprecated and will be
* removed in the future.
* Please use extra_commands or extra_started_commands.
* Starting apache2 ... |
_________________ Nothing is easier than being busy - and nothing more difficult than being effective. |
|
Back to top |
|
|
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
Posted: Sun Sep 18, 2011 11:27 am Post subject: |
|
|
I don't understand what you mean of: " but supposedly you need to have authz_host (cgi or cgid) dir mime"?
would you give the emerge options how I can re-emerge it? |
|
Back to top |
|
|
michelle778 n00b
Joined: 19 Mar 2005 Posts: 73
|
Posted: Sun Sep 18, 2011 11:44 am Post subject: |
|
|
Code: | APACHE2_MODULES="authz_host cgi dir mime"
|
in /etc/make.conf _________________ Nothing is easier than being busy - and nothing more difficult than being effective. |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
|
Back to top |
|
|
nader emami Tux's lil' helper
Joined: 14 Sep 2006 Posts: 88 Location: Netherlands
|
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sun Sep 18, 2011 1:45 pm Post subject: |
|
|
Result! Nice work guys.. glad you both got sorted... Happy Gentooing _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
foux Tux's lil' helper
Joined: 04 Jul 2004 Posts: 89 Location: Rennes, France
|
Posted: Mon Dec 10, 2012 10:12 am Post subject: |
|
|
Hello,
I know this is quiet an old topic, but I've got exactly the same problem, exept that your solution didn't solved it.
Here are my APACHE2_MODULES : "${APACHE2_MODULES} authz_host cgi dir mime auth_basic auth_digest authn_alias authn_default authz_default authz_groupfile authz_owner authz_user userdir"
But Apache still won't let me use a Order directive.
Any idea? |
|
Back to top |
|
|
Thomas Carrie n00b
Joined: 19 Apr 2004 Posts: 70
|
Posted: Sun Feb 21, 2016 4:24 pm Post subject: Re: apache2 failed to start |
|
|
You can fix the issue by using new instructions that replace Order, Deny and Allow as explained here: https://httpd.apache.org/docs/2.4/fr/upgrading.html
There are around 5 usages of the old instructions in the conf files shipped by apache on gentoo, all of these usage have straight forward replacement indicated in the upgrading page |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Sun Feb 21, 2016 5:19 pm Post subject: |
|
|
Thomas is correct. If you are on version 2.4 then Apache have simplified the config sytax for access control.
<=2.2 example:
Code: | Order deny,allow
Allow from xxx.xxx.xxx.xxx/24 etc etc etc
Deny from All |
>=2.4 example:
Code: | Require ip xxx.xxx.xxx.xxx/24 etc etc etc
Require all denied |
_________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
|