httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexandru Duzsardi" <alexandru.duzsa...@pitechnologies.ro>
Subject RE: [users@httpd] HTTPD asking for password after power failure
Date Sat, 30 Jul 2016 08:47:02 GMT
Maybe check out how https://software.opensuse.org/package/haveged is configured if installed
on your system

 

Also http://www.onkarjoshi.com/blog/191/device-dev-random-vs-urandom/

 

From: Nick Williams [mailto:nicholas@nicholaswilliams.net] 
Sent: Saturday, July 30, 2016 6:05 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] HTTPD asking for password after power failure

 

It took me a while to get back to this (it’s not a mission-critical server, but I have hit
a point where I really do need to get it working again).

 

`apachectl restart` hung for many, many minutes without any input, and I eventually quit it.
I ran it again with `strace -Ff apachectl restart`. Towards the end it had read all of the
vhost config files and opened up the request and error logs configured in them, and it read
the media types config file:

 

[pid 22537] read(35, "# This file maps Internet media "..., 4096) = 4096

 

But after that is where things got weird:

 

[pid 22537] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73aff27000
[pid 22537] open("/dev/random", O_RDONLY|O_CLOEXEC) = 35
[pid 22537] read(35, " p$\242\33\241", 1024) = 6
[pid 22537] read(35, "\205\31\345\274A\336", 1018) = 6
[pid 22537] read(35, "\335\16\7\370\343\311", 1012) = 6
[pid 22537] read(35, "\265\362\20}F\234", 1006) = 6
[pid 22537] read(35, "\223}\\\0+\242", 1000) = 6
[pid 22537] read(35, 

 

Each `read` line there took about a full minute. It’s spending FOREVER reading from /dev/random.
That led me to try to read from /dev/random, and it is only generating a byte every few seconds.
I don’t know why, but /dev/random appears to be borked on this machine.

 

I changed ssl-global.conf to use /dev/urandom instead of /dev/random, and it started right
up in a matter of seconds.

 

I know this is now off-topic, but does anyone know why /dev/random would suddenly be gathering
almost no entropy? I have never had this problem on this system before.

 

Thanks,

 

Nick

 

On Jul 16, 2016, at 9:56 PM, Frank Gingras <thumbs@apache.org <mailto:thumbs@apache.org>
> wrote:

 

Try to use apachectl restart instead to bypass your init scripts. The latter are likely to
hide actual errors that would appear on STDERR.

 

If apachectl restart still gives you that error, perhaps your distro mangled it as well. Then,
I would use strace with httpd -X to get the complete picture.

 

On Sat, Jul 16, 2016 at 6:47 AM, Nicholas Williams <nicholas@nicholaswilliams.net <mailto:nicholas@nicholaswilliams.net>
> wrote:

I have a server running OpenSUSE 42.1 with stock Apache HTTPD 2 installed from the package
manager. It has been running without issue for well over a year. We've restarted the service
and the server since then without issue. The service always starts  on its own when the server
boots.

Last night we had a power failure. The sever came up fine. All services, including MySQL,
started fine. No obvious issues appear anywhere. But HTTPD didn't start automatically. So
I logged in to the server to investigate and try to start it.

`service apache2 status` said FAILED with no details. `/var/log/apache2/error_log` showed
nothing since the day before the power failure.

`service apache2 start` hung for about 2 minutes, and then said FAILED with no details. `/var/log/apache2/error_log`
still showed nothing since the day before the power failure. There was nothing in the system
log since my log-in to the server.

So I tried `strace -Ff service apache2 start`. The only thing I see suspicious is it calls
open on `/run/systemd/ask-password-block`. It appears it times out after never receiving a
password. But I have no idea why it would do that. None of my SSL certificates have passphrases,
and I've always been able to start HTTPD without a password.

I'm at a loss here. Any suggestions?

Thanks,

Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org <mailto:users-unsubscribe@httpd.apache.org>

For additional commands, e-mail: users-help@httpd.apache.org <mailto:users-help@httpd.apache.org>


 

 


Mime
View raw message