Apache fatally exits when virtual domain's TransferLog can't be opened !

Apache fatally exits when virtual domain's TransferLog can't be opened !

Post by Richard Llo » Fri, 31 Oct 1997 04:00:00



We're running Apache 1.2.4 (HP-UX 10.10) and we deleted an old tree
for a virtual domain that we no longer used. When trying to restart Apache
with the same config (still had the <VirtualHost> section for the
deleted Web tree, complete with a TransferLog path to the non-existent
access_log in the deleted tree), IT WOULDN'T START AT ALL !

This is a major, major bug with Apache - if any of your access_log's can't
be opened for virtual domains (TransferLog directive), Apache refuses
completely to start up, so all your other virtual domains suddenly become
unavailable and your Web server stops Web serving completely. This is appalling
- Apache need to fix this ASAP - the solution should be to just *ignore*
virtual domains with inacessible TransferLog files (issuing a warning message)
[or alternatively start up the virtual domain and don't log accesses to it]
whilst firing up the httpd's to support the rest of the correctly configured
virtual domains.

We had exactly the same abhorrent behaviour if any of your virtual domains'
ServerName entries failed to DNS lookup in earlier versions of Apache (I
complained about it in this newsgroup several months ago), but this TransferLog
problem is just as bad.


Connect,                       WWW: http://www.csc.liv.ac.uk/~rkl/
5-31, Great Newton St,
Liverpool University,
Merseyside, UK. L69 3BX

 
 
 

Apache fatally exits when virtual domain's TransferLog can't be opened !

Post by Marc Slemk » Mon, 03 Nov 1997 04:00:00



Quote:>We're running Apache 1.2.4 (HP-UX 10.10) and we deleted an old tree
>for a virtual domain that we no longer used. When trying to restart Apache
>with the same config (still had the <VirtualHost> section for the
>deleted Web tree, complete with a TransferLog path to the non-existent
>access_log in the deleted tree), IT WOULDN'T START AT ALL !
>This is a major, major bug with Apache - if any of your access_log's can't
>be opened for virtual domains (TransferLog directive), Apache refuses
>completely to start up, so all your other virtual domains suddenly become
>unavailable and your Web server stops Web serving completely. This is appalling
>- Apache need to fix this ASAP - the solution should be to just *ignore*
>virtual domains with inacessible TransferLog files (issuing a warning message)
>[or alternatively start up the virtual domain and don't log accesses to it]
>whilst firing up the httpd's to support the rest of the correctly configured
>virtual domains.

I'm not really sure that this is such a big issue.  You talk as if
you are storing log files for virtual hosts within the virtual host's
document tree.  If this is somewhere that is writable by anyone
other than root, they can gain full root access to your system, assuming
your server is started as root.

You must not put log files in any directory that is writable (or
is below one writable) by anyone who you don't want to have root.
This is mentioned in the documentation.

So while this is something that should arguable be fixed, I really
don't see it being a major issue for most sites.  For most systems,
the only way someone can delete the directory where logs are written
to is if they have root access.  If they have root access, they
should know what they are doing.  Add that to the fact that most
sites put all their log files in one directory because it takes
special effort to be able to port them in seperate directories for
each virtualhost for the above mentioned security issues.

 
 
 

1. HELP: Virtual domain e-mail handler using '.domains'

Hi There

We have a machine with a few virtual domains handled by 'sendmail'.
All works ok, however we are looking for a 'mail handler' that can
handle mail seperated out based on domain name using the
'domainaliases' function in 'sendmail'.

I have seen this in action on a couple of sites. The administrator for
a domain has a '.domains' file in their home directory which decides
how mail is filtered or redirected. The mail handler they use is a 'c'
program called 'spcl' which could have been developed by themselves
(I'm not sure).

The contents of the '.domains' file looks something similar to the
following :-







foo.com jbeen

The '#' directive tells the mail handler to pass over function to
'MReply' which is used to handle mail lists. Otherwise the mail is
redirected to the account on the right. The last line indicates that
any other mail should be sent through to the specified user.

This is exactly what we would like to do on our small network here,
but after a couple of weeks searching the net and reading all the
available FAQs are no nearer finding a solution.

Any help would be VERY appreciated.

Paul

2. route-trouble

3. ksh: trap '...' exit int ... or just trap '...' exit?

4. Please advise upgrade path re: licq and Qt

5. APACHE/Newbie: Virtual Domains under a Virtual Domain?

6. How to disable CTRL-ALT-DEL restart in console mode?

7. pro's and con's of virtual domains (hosts) on solaris

8. remove an unused function from wd7000.c

9. Apache does't want to do name based virtual domains

10. Apache mod_auth_dbm err:'can't open dbm file'

11. Virtual domains don't work under Apache

12. Virtual Domains and '~user'

13. Virtual domains in apache proxy server (don't works)