| View previous topic :: View next topic |
| Author |
Message |
sschueller
n00b
Joined: 26 Feb 2004
Posts: 12
|
 Posted: Fri Mar 19, 2004 6:54 pm Post subject: Apache - hangs when restarted using ssh connection. |
 |
|
Hi,
My apache hangs when I restart it from a ssh connection. If I restart apache from the console it works fine.
If I ssh to the server and run "/etc/init.d/apache2 stop", the
server shuts down gracefully as expected. Then if I run
"/etc/init.d/apache2 start", the server starts as root but does not
spawn the child processes.
My Error log gets stuck here:
[notice] Digest: generating secret for digest authentication ...
Ive searched the web but I cant find any solutions. I did find some others who have this problem with red hat and the suggestions were that maybe the environmental variables are not correct.
I have two gentoo machines one of which works perfectly. Ive been trying to compare the two apaches but they are almost identical. Can anyone guide me to where else I should look?
I also get the Could not determine the server's fully qualified domain name, using 127.0.0.1 for ServerName on the machine which hangs. The other machine doesnt get this error although the apache conf files are identical. Also the hosts, resolv, dnsdonainame and hostname files are all set. Maybe this problem is related.
-Stefan |
|
| Back to top |
|
 |
Throstur
n00b
Joined: 01 Jul 2002
Posts: 24
Location: Reykjavik, Iceland
|
| Posted: Fri Mar 19, 2004 10:57 pm Post subject: |
|
|
Had the same problem just now, workaround for me:
Edit /etc/apache2/conf/apache2.conf
Comment out the following line: | Code: | | LoadModule auth_digest_module modules/mod_auth_digest.so |
I'll post here if I find a more permanent solution. |
|
| Back to top |
|
|
gonzalo
Tux's lil' helper
Joined: 05 Jan 2004
Posts: 104
Location: CL
|
| Posted: Fri Mar 19, 2004 10:59 pm Post subject: |
|
|
| It happened to me once. Did the same as above |
|
| Back to top |
|
|
sschueller
n00b
Joined: 26 Feb 2004
Posts: 12
|
| Posted: Sat Mar 20, 2004 6:21 pm Post subject: |
|
|
What is auth_digest_module used for?
-Stefan |
|
| Back to top |
|
|
Icer
Guru
Joined: 26 Aug 2003
Posts: 395
Location: @home
|
| Posted: Sat Mar 20, 2004 6:38 pm Post subject: |
|
|
| Just a guess, but it looks like authorization and/or security related module. |
|
| Back to top |
|
|
mastabog
n00b
Joined: 13 Mar 2004
Posts: 59
|
| Posted: Sat Apr 10, 2004 9:28 am Post subject: |
|
|
That happens to me always if i have the auth_digest module turned On.
What's worse is that it happens even if i reboot Gentoo, not only when I restart Apache from a ssh session. If I reboot Gentoo Apache won;t work, but as soon as I ssh into the box, Apache starts working.
Looking into the error_log I found this:
| Code: | [Fri Apr 09 13:28:37 2004] [notice] Digest: generating secret for digest authentication ...
[Fri Apr 09 13:36:05 2004] [notice] Digest: done |
The "done" time is exactly the time when I ssh'ed into Gentoo. The previous entry, 8 minutes before is when Apache started. Within those 8 minutes I tried a page with my browser but no answer ... it was hanged.
It seems like a seed/random generatrion conflict with the one in SSH, cus as I said, as soon as i access the ssh daemon with my ssh client, apache starts working.
I'm using Apache 2.0.49 on a Gentoo installed at Linode.com on in a UML environment.
If anyone has a real fix, please tell. I post this as a Gentoo bug if there's not already there.
Last edited by mastabog on Thu Aug 11, 2005 9:11 am; edited 1 time in total |
|
| Back to top |
|
|
mcap
n00b
Joined: 04 Jun 2005
Posts: 2
|
|
| Back to top |
|
|
petlab
Apprentice
Joined: 03 May 2004
Posts: 290
Location: Armpit, Oregon
|
| Posted: Wed Jun 08, 2005 8:57 pm Post subject: |
|
|
Yo, this Works For Me.
| Code: | | 2.6.11.9-grsec #7 SMP Wed Jun 8 14:23:43 UTC 2005 x86_64 AMD Opteron(tm) Processor 246 AuthenticAMD GNU/Linux |
Now it has zero problems. I read that /dev/urandom is slightly less random during startup, therefore it isn't as secure. Hey, if apache won't even start, that is a bigger problem, Doh.
I note that in apache 2.0.54-r6 the directives in 40_mod_ssl.conf didn't work, so I HAD to specify the MYBUILTINS argument. It seems that when built without the argument, it may ignore these directives telling it which file to use:
| Code: | SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024 |
I note also that when I # cat /dev/random I get nothing, but when I # cat/dev/urandom I get the usual messed up terminal because it is spewing random out. Seems my /dev/random may not work, even tho I have it put into my kern.
HTH
_________________
Get Serious - Get JAWA CZ |
|
| Back to top |
|
|
frilled
Retired Dev
Joined: 15 Mar 2004
Posts: 386
Location: Atlantis, inner city ring
|
| Posted: Thu Aug 11, 2005 8:28 am Post subject: |
|
|
There are kernel options to let network traffic contribute to /dev/random. It's off by default for security reasons (to avoid that someone feeds you a random seed by sending network packets to you), but I think that would be very hard to exploit 
_________________
"Failure is not an option!"
"Sir, we are out of further options." |
|
| Back to top |
|
|
|
Networking & Security
