Summary: | Apache2 SSL pages cause a hang with peruser enabled | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | nuitari |
Component: | [OLD] Server | Assignee: | Apache Team - Bugzilla Reports <apache-bugs> |
Status: | RESOLVED UPSTREAM | ||
Severity: | critical | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
nuitari
2005-03-20 00:18:44 UTC
The peruser mpm is experimental; it is of course your choice to run experimental software on a 'mission critical production server', however we do not support nor recommend it. we should add a `ewarn mpm-peruser is considered being EXPERIMENTIAL etc pp` if useq mpm-peruser; + - ? erm. sorry, one note left: when you can provide use with a backtrace, we can sent it to upstream (the peruser mpm devs) or you'll just do so ;) Because: finding a problem is one thing, but getting it fixed requires such problems *to be reported* (with detailed infos). There was already a notice that metux/peruser was experimental; that was displayed in src_compile, so I've moved that into pkg_setup and made the warning more verbose. :) Yes I do know that the mpm is experimental. However after the Santy worm, the tons of poorly programmed cgi and php script that require lots of files to be 777, users that don't or won't understand Linux's permission system, the unviability of having an apache process and an ip per user for individuals chroot, peruser's chroot and execution as a specific user should help limit security problems, barring any problems in peruser. How can I get a backtrace of a process while it is running ? does your default vhost have the ServerEnvironment directive? it is very important to give _EVERY_ vhost a ServerEnvironment, and you shouldn't put it in global scope Yes it has, however I'm also using vhost_mod_alias I'm trying to get peruser to work on a server of mine, but I cannot find *any* documentation for it. If you could at least post or point me to some where where I could see a simple example ala <IfModule peruser.c> ... Multiplexer ... </IfModule> and then what each vhost needs and where proccessor goes (I'm assuming in the vhost config Also, I'm confused by the ServerEnvironment directive and you mentioned it also. I cannot find any reference to it anywhere. Thanks. Due to a design flaw in peruser, it will not work for SSL connections. This is an UPSTREAM issue. Please report it to them. Sure, thanks |