Exim love apache

I'd love to have the issue fixed as well, but no one's doing it, it's been around a long time, and I don't want to rewrite either exim or mod_php (or both), so for me, on servers running mod_php, if I see the problem (for some reason I never have), the answer would be to restart exim inside the httpd start/stop script.

I'd love to discuss on these forums the differences in the security model of mod_php vs php as cgi. Perhaps I'll start a thread in a few days.

In the meantime, this article may be a good place to start reading.

(Note I don't like disabling a lot of functions in PHP which would be perfectly safe when PHP is run as CGI. Am I wrong?)

Hopefully over the weekend I'll have time to create a new Security subforum.

Jeff
 
Hello

I found another post about this bug:
http://directadmin.com/forum/showthread.php?t=23416&highlight=exim+80

Isn't that a good solution?

Dries

Can anyone confirm if that works or not? Cause this problem is getting annoying, I don't want my server to go offline every time I create a new user, and I need to kill exim before I can start httpd... It started only a couple of days ago...

Is there NO solution at all? :confused: I don't want to run php as CGI because I need the php_* in .htaccess + this problem started only a couple of days ago
 
Alright, excellent. So the solution is:

edit
Code:
/etc/rc.d/init.d/httpd

Replace
Code:
  restart)
	stop
	waitforexit "httpd" 20
	start
	;;
with
Code:
  restart)
	httpd_childs=$(pstree -p $(ps u -C httpd |grep ^root |awk '{print $2}') 2>/dev/null |egrep -o '\([[:digit:]]+\)' |tr -d '()')
	stop
	waitforexit "httpd" 20
	for pid in $httpd_childs; do kill -9 $pid 2>/dev/null; done
	start
	;;

Thanks Tillo!!!
 
Nope, that's not it.

You have to find the "restart" function, and put those two commands before the start and stop calls, not declarations.
In bash you can see the difference between a call and a declaration by looking for "()": the call doesn't have it. Also, a declaration always has "{", the content, and "}" at the end.

In my case, I have:
Code:
  restart)
        stop
        waitforexit "httpd" 20
        start
        ;;

This is the result:
Code:
  restart)
        httpd_childs=$(pstree -p $(ps u -C httpd |grep ^root |awk '{print $2}') |egrep -o '\([[:digit:]]+\)' |tr -d '()')
        stop
        waitforexit "httpd" 20
        for pid in $httpd_childs; do kill -9 $pid 2>/dev/null; done
        start
        ;;
 
Alright, excellent. I edited my post and I edited my file. Thanks Tillo, you're the best :)
 
There's some error in your httpd restart call

It throws this error, but then restarts it anyway.

Any ideas?

Code:
# service httpd restart
Usage: pstree [ -a ] [ -c ] [ -h | -H PID ] [ -l ] [ -n ] [ -p ] [ -u ]
              [ -A | -G | -U ] [ PID | USER ]
       pstree -V
Display a tree of processes.

    -a     show command line arguments
    -A     use ASCII line drawing characters
    -c     don't compact identical subtrees
    -h     highlight current process and its ancestors
    -H PID highlight this process and its ancestors
    -G     use VT100 line drawing characters
    -l     don't truncate long lines
    -n     sort output by PID
    -p     show PIDs; implies -c
    -u     show uid transitions
    -U     use UTF-8 (Unicode) line drawing characters
    -V     display version information
    -Z     show SELinux security contexts
    PID    start at this PID; default is 1 (init)
    USER   show only trees rooted at processes of this user
 
Yep, it requires a little correction.

Change this:
Code:
httpd_childs=$(pstree -p $(ps u -C httpd |grep ^root |awk '{print $2}') |egrep -o '\([[:digit:]]+\)' |tr -d '()')
To This:
Code:
httpd_childs=$(pstree -p $(ps u -C httpd |grep ^root |awk '{print $2}') 2>/dev/null |egrep -o '\([[:digit:]]+\)' |tr -d '()')

It will just make it silent if there is no child.
 
edited my post ;)
 
Uhm, now that I think about it there must be at least one PID, the parent's one... so there is something incompatible with your system.

Please run these commands and copy/paste the result here so that I can debug it:
Code:
cat /etc/*version
ps u -C httpd |grep ^root

This unless httpd was already stopped when you restarted it... in this case it's ok. :)
 
httpd just went offline and didn't restart, I tried to restart from command line:

(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs

in other words, making the modification to /etc/rc.d/init.d/httpd doesn't help or I did it wrong... :(
my file:
Code:
#!/bin/bash
#
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server.  It is used to serve \
#	       HTML files and CGI.
# processname: httpd
# pidfile: /var/run/httpd.pid
# config: /etc/httpd/conf/access.conf
# config: /etc/httpd/conf/httpd.conf
# config: /etc/httpd/conf/srm.conf

ulimit -HSn 32768

# Source function library.
. /etc/rc.d/init.d/functions

# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""

# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/sbin/apachectl
httpd=/usr/sbin/httpd
prog=httpd
RETVAL=0


PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/etc/domeny:/etc/local/bin:.:$PATH
ENV="env -i LANG=C PATH=/usr/local/bin:/usr/bin:/bin LC_MESSAGES=en_US"

# check for 1.3 configuration
check13 () {
	CONFFILE=/etc/httpd/conf/httpd.conf
	GONE="(ServerType|BindAddress|Port|AddModule|ClearModuleList|"
	GONE="${GONE}AgentLog|RefererLog|RefererIgnore|FancyIndexing|"
	GONE="${GONE}AccessConfig|ResourceConfig)"
	if grep -Eiq "^[[:space:]]*($GONE)" $CONFFILE; then
		echo
		echo 1>&2 " Apache 1.3 configuration directives found"
		echo 1>&2 " please read @docdir@/migration.html"
		failure "Apache 1.3 config directives test"
		echo
		exit 1
	fi
}



# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure.  So we just do it the way init scripts
# are expected to behave here.
start() {
        echo -n $"Starting $prog: "
	check13 || exit 1
        $ENV $httpd -k start -DSSL
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && touch /var/lock/subsys/httpd
        return $RETVAL
}
stop() {
	echo -n $"Stopping $prog: "
	killproc $httpd
	RETVAL=$?
	echo
	[ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd /var/run/httpd.pid
}
waitforexit() {
	count=${2:-30}
	while [ 0$count -gt 0 ]
	do
		PIDS=`ps -C$prog --no-heading e | grep $httpd` || break
		PIDS=`echo "$PIDS" | awk '{print $1}' | tr '\n' ' '`
		echo Remaining processes: $PIDS
		stop
		sleep 2
		count=`expr $count - 1`
	done
	if [ 0$count -eq 0 ];
	then
		echo Remaining processes: $PIDS
		return 1
	fi
	return 0
}


reload() {
	echo -n $"Reloading $prog: "
	check13 || exit 1
	killproc $httpd -HUP
	RETVAL=$?
	echo
}

# See how we were called.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  status)
        status $httpd
	RETVAL=$?
	;;
  restart)
	httpd_childs=$(pstree -p $(ps u -C httpd |grep ^root |awk '{print $2}') 2>/dev/null |egrep -o '\([[:digit:]]+\)' |tr -d '()')
	stop
	waitforexit "httpd" 20
	for pid in $httpd_childs; do kill -9 $pid 2>/dev/null; done
	start
	;;
  condrestart)
	if [ -f /var/run/httpd.pid ] ; then
		stop
		start
	fi
	;;
  reload)
        reload
	;;
  graceful|help|configtest|fullstatus)
	$apachectl $@
	RETVAL=$?
	;;
  *)
	echo $"Usage: $prog {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}"
	exit 1
esac

exit $RETVAL
 
Oh I might add that the second time I attempted to restart from command line it did restart.
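
When httpd reports "Address already in use" on port 80, it helps to see which process still holds the listening socket, and to send kill -9 only to PIDs that still hold it, since a PID captured before the stop may have been reused by an unrelated process. The following is an added example, not code from any poster in this thread; the function names and the lsof sample are constructed for illustration.

```shell
#!/bin/sh
# Added example. Function names and the sample data are constructed.
# Live use (as root): lsof -nP -iTCP | stray_listeners 80 httpd

# stray_listeners PORT EXPECTED_CMD
# Reads lsof output on stdin and prints "PID COMMAND" for every process that
# has a LISTEN socket on PORT and whose command name is not EXPECTED_CMD.
stray_listeners() {
    awk -v port="$1" -v want="$2" '
        $NF != "(LISTEN)" { next }        # skips the header and connected sockets
        {
            n = split($(NF - 1), parts, ":")   # NAME looks like *:80 or [::]:80
            if (parts[n] != port) next
            if ($1 == want) next
            if (!seen[$2]++) print $2, $1      # one line per PID
        }'
}

# confirmed_strays "PIDLIST"
# Keeps only the stray listeners whose PID is also in the list captured
# before the stop, so a reused or unrelated PID is never passed to kill.
confirmed_strays() {
    captured=" $(echo $1) "               # unquoted on purpose: newlines -> spaces
    while read -r pid cmd; do
        case "$captured" in
            *" $pid "*) echo "$pid $cmd" ;;
        esac
    done
}

# Constructed sample of `lsof -nP -iTCP` output: exim has inherited the :80 socket.
sample_lsof() {
    cat <<'EOF'
COMMAND   PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
httpd    4001   root    3u  IPv6  48211      0t0  TCP *:80 (LISTEN)
httpd    4002 apache    3u  IPv6  48211      0t0  TCP *:80 (LISTEN)
exim     4010   mail    3u  IPv6  48211      0t0  TCP *:80 (LISTEN)
exim     4010   mail   12u  IPv4  51877      0t0  TCP *:25 (LISTEN)
httpd    4002 apache   14u  IPv4  60112      0t0  TCP 192.0.2.10:80->198.51.100.7:51544 (ESTABLISHED)
EOF
}

# Demo on the sample; the PID list stands in for $httpd_childs from the thread.
sample_lsof | stray_listeners 80 httpd | confirmed_strays "4001 4002 4010"
```

In the restart) branch this check would run after waitforexit, with the result replacing the unconditional loop over $httpd_childs.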
 
Oh sorry, I didn't know that it was meant for me. I'm running on CentOS. Result of running your commands:
[root@s006 ~]# cat /etc/*version
cat: /etc/subversion: Is a directory
[root@s006 ~]# ps u -C httpd |grep ^root
root 5097 1.3 1.9 67076 40564 ? Ss 20:16 0:01 /usr/sbin/httpd -k start -DSSL
 
Ok, now try this:
Code:
pstree -p $(ps u -C httpd |grep ^root |awk '{print $2}') |egrep -o '\([[:digit:]]+\)' |tr -d '()'
 
Code:
[root@s006 ~]# pstree -p $(ps u -C httpd |grep ^root |awk '{print $2}') |egrep -o '\([[:digit:]]+\)' |tr -d '()'
20137
20286
20390
20410
20412
20472
20475
20476
20503
20510
20514
20516
20517
 