Apache 2.4 errors on 12.0-RELEASE

jontheil

Member


Messages: 75

I have an installation of www/apache24 that have been running flawlessly for years.
I made some changes (installed www/nextcloud, configured a nullfs(5) etc.). After that, I haven't been able to start the web server with my usual configuration.
When both mod_perl and mod_ssl are disabled, the server can be started when the inclusion of configuration files regarding virtual hosts and SSL is also removed.

The runtime configuration is
httpd -t -D DUMP_RUN_CFG
Code:
ServerRoot: "/usr/local"
Main DocumentRoot: "/usr/local/www/apache24/data"
Main ErrorLog: "/var/log/httpd-error.log"
Mutex default: dir="/var/run/" mechanism=default 
Mutex fcgid-pipe: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex fcgid-proctbl: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
PidFile: "/var/run/httpd.pid"
Define: DUMP_RUN_CFG
User: name="www" id=80
Group: name="www" id=80
Configuration files included while testing
httpd -t -D DUMP_INCLUDES
Code:
Included configuration files:
  (*) /usr/local/etc/apache24/httpd.conf
    (164) /usr/local/etc/apache24/modules.d/260_mod_perl.conf
    (164) /usr/local/etc/apache24/modules.d/270_mod_wsgi.conf
    (485) /usr/local/etc/apache24/extra/httpd-mpm.conf
    (491) /usr/local/etc/apache24/extra/httpd-autoindex.conf
    (494) /usr/local/etc/apache24/extra/httpd-languages.conf
    (500) /usr/local/etc/apache24/extra/httpd-info.conf
    (509) /usr/local/etc/apache24/extra/httpd-dav.conf
    (542) /usr/local/etc/apache24/Includes/no-accf.conf
With mod_perl enabled

When I run service apache24 start, nothing happens and the process crashes without even a core dump. The error log (configured with LogLevel debug) show very little information.

Code:
Assertion failed: (!argv[argc]), function perl_parse, file perl.c, line 1677.
With mod_ssl enabled, mod_perl disabled
With the following command, I get three lines in the error log and the core is dumped.

httpd -e info -X
Code:
*[ssl:info] [pid 98716:tid 34370617344] AH01883: Init: Initialized OpenSSL library
[info] [pid 98716] ssl_engine_init.c(365): [client AH01887: Init: Initializing (virtual) servers for SSL
[info] [pid 98716] ssl_engine_init.c(163): [client AH01876: mod_ssl/2.4.39 compiled against Server: Apache/2.4.39, Library: OpenSSL/1.0.2r
It seems unlikely that two errors (with openssl(1) and perl(1)) would happen simultaneously. I have been suspicious about the server certificates, but I cannot see anything wrong there – and the server fails to start even with no certificates configured.

Any help and suggestions will be appreciated.

Regards,
Jon Theil Nielsen
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,886
Messages: 31,157

How did you install Apache? From ports or packages? And is your 12.0-RELEASE fully up to date (patches)?
 

Lamia

Well-Known Member

Reaction score: 52
Messages: 327

Don't rule out the need to update your base pkgs. And you may want to get SSL working before setting up nextcloud.
 
OP
OP
jontheil

jontheil

Member


Messages: 75

How did you install Apache? From ports or packages? And is your 12.0-RELEASE fully up to date (patches)?
I installed apache from ports.
About kernel and userland:
Code:
freebsd-version -kru && uname -a
12.0-RELEASE-p4
12.0-RELEASE-p4
12.0-RELEASE-p5
FreeBSD example.com 12.0-RELEASE-p4 FreeBSD 12.0-RELEASE-p4 GENERIC  amd64
I think I read something about an issue when not running freebsd-update(8) correctly. I did
freebsd-update fetch
freebsd-update install
and rebooted to see the output above.
Could that be part of the problem?
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,886
Messages: 31,157

The last patch didn't update the kernel, so it still shows p4. That's fine, expected and normal.

As you built from ports, did you change the defaults with regards to SSL? Did you enable/disable any options at all? If you're using the defaults for everything why didn't you install the package?
 
OP
OP
jontheil

jontheil

Member


Messages: 75

The last patch didn't update the kernel, so it still shows p4. That's fine, expected and normal.

As you built from ports, did you change the defaults with regards to SSL? Did you enable/disable any options at all? If you're using the defaults for everything why didn't you install the package?
At least for www/apache24, I know I didn't change any options related to SSL. The reason why I build the port instead of using the package is that I years ago chose to build with all options (apart from the experimental) enabled. Might not be any good idea because of the size and complexity. But it worked fine. Another reason is that I generally don't want to mix ports and packages.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,886
Messages: 31,157

The reason why I build the port instead of using the package is that I years ago chose to build with all options (apart from the experimental) enabled.
Why enable a bunch of stuff you're never going to use? That only serves to decrease your security (you can easily get bitten by a bug in a module you never realized was enabled). It would make more sense if you disabled everything, except the stuff you actually need.

Another reason is that I generally don't want to mix ports and packages.
My point exactly. There's often very little reason to even build from ports. It was commonly done on FreeBSD because the old package system was, errm, crap and maintaining it was a royal pain in the posterior. But nowadays we have pkg(8).
 
OP
OP
jontheil

jontheil

Member


Messages: 75

Why enable a bunch of stuff you're never going to use? That only serves to decrease your security (you can easily get bitten by a bug in a module you never realized was enabled). It would make more sense if you disabled everything, except the stuff you actually need.


My point exactly. There's often very little reason to even build from ports. It was commonly done on FreeBSD because the old package system was, errm, crap and maintaining it was a royal pain in the posterior. But nowadays we have pkg(8).
I get your point about using packages. Maybe I should migrate all ports into packages. Will take some time and I am not convinced that each of the will work with default settings. Though I am pretty sure most of them will.
As a test, I deleted apache24 and mod_perl2 and installed them with pkg install(8). After that, the server starts with mod_ssl enabled and mod_perl disabled. With the last one enabled, I get the same "assertion failed" error as mentioned above.
 

reddy

Member

Reaction score: 34
Messages: 72

As a test, I deleted apache24 and mod_perl2 and installed them with pkg install(8). After that, the server starts with mod_ssl enabled and mod_perl disabled. With the last one enabled, I get the same "assertion failed" error as mentioned above.
If you did that, haven't you just mixed packages and ports? Also, when you say "I usually prefer to avoid mixing", are you saying that you are sometimes mixing them? This could be a cause for the issues you are facing.
 
OP
OP
jontheil

jontheil

Member


Messages: 75

If you did that, haven't you just mixed packages and ports? Also, when you say "I usually prefer to avoid mixing", are you saying that you are sometimes mixing them? This could be a cause for the issues you are facing.
In fact, I said "...I generally don't want to mix ports and packages". So everything has been installed as ports. With a few exceptions, namely applications I just couldn't build whatever steps I took. For instance, I haven't been able to build ports-mgmt/synth which always fails because of lang/gcc6-aux. I don't know the exact number of these cases, and I don't remember how to find out. I have 1370 installed.

What specifically went wrong at the time these problem started, I don't know/remember. At least, now I know apache can be used when installed with default options set. I should be able to get the same result by something like make -C /usr/ports/www/apache24/ rmconfig deinstall clean install clean.
Then I could try to rebuild all perl-related ports (as described in /usr/ports/UPDATING) to resolve the issue with mod_perl2. Or..?
 

Lamia

Well-Known Member

Reaction score: 52
Messages: 327

Keep using ports against pkgs.There are always a few exceptions - I'm my case some browsers, vm, and a few others.
You should get Apache running with mod_ssl via ports like you did with pkgs. For the mod_perl, I hope you don't have multiple Perl versions. I have set it in my make.conf to avoid multiple versions. And that makes it easy to delete all Perl pkgs and rebuild them.

These things happen - you upgrade or update your base pkgs/repo and some pkgs won't build again.

I know that enabling unecessary build options also cause build failure or pkg crash (owing to a bug). 'make rmconfig' can be a good way to reset after deleting Apache or so.
 
Top