Careful with apache upgrades

You might (or not if you don’t visit) notice all my websites were down.  A rushed apt-get dist-upgrade and I found two problems:

  1. PHP5 got removed, which is bad if you run a wordpress site that uses PHP to run
  2. The apache configuration has changed.

Yes, the NEWS entries did warn me, if I read them fully. Yes, I didn’t read them enough.

Apache now ignores configuration files that don’t end in .conf To give a completely non-theoretical example, if you have your virtual hosts in files such as /etc/apache2/sites-enabled/enc.com.au then this will not be recognised and your sites will show the default “It works” page.

Stuff that doesn’t fall in the usual places where website stuff should go, which for my setup is a lot of things, will also be denied as the developers have tightened up the rules around what is permitted.  Pretty simple to fix with a few <Directory blah> clauses.

This isn’t a criticism of the Debian apache developers. They do an awesome job of keeping the package workable, flexible but secure which isn’t easy.  Now it’s all back working, I actually agree with the changes they have made. It is just that the latest changes are, well, tricky so be forewarned.

 

Enhanced by Zemanta

Comments

8 responses to “Careful with apache upgrades”

  1. Just to make it clear for the benefit of any readers who are not familiar with the distinction.

    This is Debian’s packaging of Apache that sprung a stealth change on you. If you use Apache’s packages (from apache.org), they will NEVER spring incompatible changes on you UNLESS you make a major version change (as in 2.2.x to 2.4.x) or use features marked “experimental”.

    I have a longstanding gripe with Debian’s packagers: they reorganise it so as to leave users who read Apache’s documentation hopelessly confused. See for example this article or trawl my blog for mentions of Debian (some of which are more positive).

    1. Richard Avatar
      Richard

      Indeed, this was an upgrade from apache 2.2 to 2.4 and I think the debian packagers do a sterling job on taking the ability to customize the configuration while leaving sane defaults in most areas. Admittedly the change from httpd.conf to apache2.conf seems totally unecessary to me but is easily discoverable and documented in a standard location for debian packages (i.e. /usr/share/doc/apache2/README.Debian.gz) so going to the distributor for first line of support is not a bad thing to do ( apache being especially well served by debian-apache mailing list, plus many people on the #debian irc channels being familiar with it). It is frustrating I realize but I don’t think this is a problem that can be laid at the feet of the end users, the distributors or upstream. It’s hard to know for a beginner whether they need help with the distribution or upstream. It’s hard for the distributor to know everything about every package in their channel, especially when maintainers of a particular package are inactive or have abdicated their maintainership. And it’s hard for upstream to know the differences introduced by the multitude of different channels their software is available through.

    2. Karellen Avatar
      Karellen

      “A rushed apt-get dist-upgrade…”

      “If you use Apache’s packages (from apache.org), they will NEVER spring incompatible changes on you UNLESS you make a major version change (as in 2.2.x to 2.4.x)”

      Um, it’s entirely possible that recent “dist-upgrade” *did* include a major version change from 2.2.22-13 to 2.4.6-2. Check http://packages.qa.debian.org/a/apache2.html and note the news articles “MIGRATED to testing” from 2013-03-10 and 2013-08-02.

      “This is Debian’s packaging of Apache that sprung a stealth change on you.”

      It’s a good idea to install “apt-listchanges” if you run testing or unstable, which will show you any NEWS changes at the point of upgrade.
      (If you run “stable”, you should probably check *everything* manually after a full Debian release upgrade)

  2. Hello

    What version of Debian are you talking about? I have Squeeze and it doesn’t have issues although it is updated regularly. Is it about Wheezy?

    1. 2.2 something to 2.4 something. They’re big changes, I think they are important ones.
      But they can bite, so treat with care

Leave a Reply

Your email address will not be published. Required fields are marked *