httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Goran Tepshic <purpleri...@gmail.com>
Subject Re: [users@httpd] FreebSD jailed Apache 2.4 rewrite/proxy module errors
Date Wed, 13 Aug 2014 12:05:54 GMT
Hmm, interesting tip Jedd.

I now tried changing mutex (*commended by default*) to *sem *and those
error logs stopped.
Now, reading this page
http://httpd.apache.org/docs/current/mod/core.html#mutex i see that there
are couple of mutexes available (*i still don't know what that is and why
do I need one*) and couple of them seems to remedy this issue.
Not sure which one should i choose, which is stable and most performant.

I'm by no means an expert, just a unix fan trying to set up a simple,
secure VPS.
Could you please shed some light on choosing the best solution?


ALso, HUGE thanks for your help!


On Wed, Aug 13, 2014 at 1:10 PM, Jeff Trawick <trawick@gmail.com> wrote:

> On Wed, Aug 13, 2014 at 6:40 AM, Goran Tepshic <purpleritza@gmail.com>
> wrote:
>
>> Just set up a FreeBSD jail to run httpd in it and all works good except
>> these two, rewrite/proxy modules.
>>
>> *These are error logs excerpts:*
>>
>>
>> *mod_rewrite* error:
>>
>> [rewrite:crit] [pid 43447] (13)Permission denied: AH00666: mod_rewrite:
>> could not init rewrite_mapr_lock_acquire in child
>>
>> *mod_proxy* error:
>>
>> [proxy:crit] [pid 43447] (13)Permission denied: AH02479: could not init
>> proxy_mutex in child
>>
>>
>> Not sure permissions of *what* are being denied as html in document root
>> is being served just fine when these modules are disabled.
>>
>> I tried googling but found nothing but rubbish.
>>
>>
>> Please help, this thing is making me crazy.
>>
> httpd/APR on FreeBSD uses a file-based mutex ("flock") by default.  It
> looks like the mutex files are placed in a location where the httpd child
> processes don't have permission.
>
> You should be able to use 2.4's Mutex directive (
> http://httpd.apache.org/docs/current/mod/core.html#mutex) to resolve the
> issue.
>
> Perhaps the necessary magic is
>
> Mutex file:/some/path/ default
>
> where /some/path is writable by httpd parent and child.  I don't *think*
> this is some jail-specific issue, other than that child-writable paths in
> the jail may be different/more limited due to the way it is set up.
>
>
> --
> Born in Roswell... married an alien...
> http://emptyhammock.com/
>
>

Mime
View raw message