httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marat Khalili <...@rqc.ru>
Subject Re: [users@httpd] HTTPD asking for password after power failure
Date Fri, 12 Aug 2016 03:10:03 GMT
>From what I saw, this behavior of /dev/random is totally normal on an idle Linux system.
Just do not ever use /dev/random.
-- 

With Best Regards,
Marat Khalili

On July 30, 2016 6:04:42 AM GMT+03:00, Nick Williams <nicholas@nicholaswilliams.net>
wrote:
>It took me a while to get back to this (it’s not a mission-critical
>server, but I have hit a point where I really do need to get it working
>again).
>
>`apachectl restart` hung for many, many minutes without any input, and
>I eventually quit it. I ran it again with `strace -Ff apachectl
>restart`. Towards the end it had read all of the vhost config files and
>opened up the request and error logs configured in them, and it read
>the media types config file:
>
>[pid 22537] read(35, "# This file maps Internet media "..., 4096) =
>4096
>
>But after that is where things got weird:
>
>[pid 22537] mmap(NULL, 8192, PROT_READ|PROT_WRITE,
>MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73aff27000
>[pid 22537] open("/dev/random", O_RDONLY|O_CLOEXEC) = 35
>[pid 22537] read(35, " p$\242\33\241", 1024) = 6
>[pid 22537] read(35, "\205\31\345\274A\336", 1018) = 6
>[pid 22537] read(35, "\335\16\7\370\343\311", 1012) = 6
>[pid 22537] read(35, "\265\362\20}F\234", 1006) = 6
>[pid 22537] read(35, "\223}\\\0+\242", 1000) = 6
>[pid 22537] read(35, 
>
>Each `read` line there took about a full minute. It’s spending FOREVER
>reading from /dev/random. That led me to try to read from /dev/random,
>and it is only generating a byte every few seconds. I don’t know why,
>but /dev/random appears to be borked on this machine.
>
>I changed ssl-global.conf to use /dev/urandom instead of /dev/random,
>and it started right up in a matter of seconds.
>
>I know this is now off-topic, but does anyone know why /dev/random
>would suddenly be gathering almost no entropy? I have never had this
>problem on this system before.
>
>Thanks,
>
>Nick
>
>> On Jul 16, 2016, at 9:56 PM, Frank Gingras <thumbs@apache.org> wrote:
>> 
>> Try to use apachectl restart instead to bypass your init scripts. The
>latter are likely to hide actual errors that would appear on STDERR.
>> 
>> If apachectl restart still gives you that error, perhaps your distro
>mangled it as well. Then, I would use strace with httpd -X to get the
>complete picture.
>> 
>> On Sat, Jul 16, 2016 at 6:47 AM, Nicholas Williams
><nicholas@nicholaswilliams.net <mailto:nicholas@nicholaswilliams.net>>
>wrote:
>> I have a server running OpenSUSE 42.1 with stock Apache HTTPD 2
>installed from the package manager. It has been running without issue
>for well over a year. We've restarted the service and the server since
>then without issue. The service always starts  on its own when the
>server boots.
>> 
>> Last night we had a power failure. The sever came up fine. All
>services, including MySQL, started fine. No obvious issues appear
>anywhere. But HTTPD didn't start automatically. So I logged in to the
>server to investigate and try to start it.
>> 
>> `service apache2 status` said FAILED with no details.
>`/var/log/apache2/error_log` showed nothing since the day before the
>power failure.
>> 
>> `service apache2 start` hung for about 2 minutes, and then said
>FAILED with no details. `/var/log/apache2/error_log` still showed
>nothing since the day before the power failure. There was nothing in
>the system log since my log-in to the server.
>> 
>> So I tried `strace -Ff service apache2 start`. The only thing I see
>suspicious is it calls open on `/run/systemd/ask-password-block`. It
>appears it times out after never receiving a password. But I have no
>idea why it would do that. None of my SSL certificates have
>passphrases, and I've always been able to start HTTPD without a
>password.
>> 
>> I'm at a loss here. Any suggestions?
>> 
>> Thanks,
>> 
>> Nick
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
><mailto:users-unsubscribe@httpd.apache.org>
>> For additional commands, e-mail: users-help@httpd.apache.org
><mailto:users-help@httpd.apache.org>
>> 
>> 

Mime
View raw message