Apache's failing because of FollowSymlinks in 2.4.48

jesper

New member
Joined
May 26, 2021
Messages
1
All our servers that just updated to Apache 2.4.48 are starting to fail because of this:

May 26 12:01:06 server01.xxx.nl httpd[49971]: AH00526: Syntax error on line 3 of /etc/httpd/conf/extra/httpd-directories.conf:
May 26 12:01:06 server01.xxx.nl httpd[49971]: Option FollowSymLinks not allowed here

The changelogs for Apache 2.4.48 say:

*) core: In the absence of any Options directives, the default is now
"FollowSymlinks" instead of "All". [Igor Galić]

That looks like the FollowSymlinks in /etc/httpd/conf/extra/httpd-directory.conf is not necessary anymore, but it should be allowed. That might be a bug.

We're currently bulk-updating the /etc/httpd/conf/extra/httpd-directories.conf to prevent servers from going offline.
 
Has this been pushed to all mirrors? Switching mirrors got the new rev. for me.
Code:
./build update
--2021-05-26 08:56:27--  https://files2.directadmin.com/services/custombuild/2.0/custombuild.tar.gz
Resolving files2.directadmin.com (files2.directadmin.com)... 185.42.221.168
Connecting to files2.directadmin.com (files2.directadmin.com)|185.42.221.168|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 262486 (256K) [application/x-gzip]
Saving to: './custombuild.tar.gz'

100%[====================================================================================================================================================================================================>] 262,486      716KB/s   in 0.4s  

2021-05-26 08:56:28 (716 KB/s) - './custombuild.tar.gz' saved [262486/262486]

Extracting custombuild.tar.gz...
[root custombuild]# ./build version
2.0.0 (rev: 2711)
 
Has this been pushed to all mirrors? Switching mirrors got the new rev. for me.
Code:
./build update
--2021-05-26 08:56:27--  https://files2.directadmin.com/services/custombuild/2.0/custombuild.tar.gz
Resolving files2.directadmin.com (files2.directadmin.com)... 185.42.221.168
Connecting to files2.directadmin.com (files2.directadmin.com)|185.42.221.168|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 262486 (256K) [application/x-gzip]
Saving to: './custombuild.tar.gz'

100%[====================================================================================================================================================================================================>] 262,486      716KB/s   in 0.4s 

2021-05-26 08:56:28 (716 KB/s) - './custombuild.tar.gz' saved [262486/262486]

Extracting custombuild.tar.gz...
[root custombuild]# ./build version
2.0.0 (rev: 2711)
https://files2.directadmin.com/services/custombuild/2.0/custombuild/build is rev. 2712 at this time.
 
Hi, I have the same issue that after updating all available updates from within Custombuild I end up with a stopped httpd and cannot restart it.
I tried to build Custombuild and Apache. When doing Apache I see this error line:
  • aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in'
I'm on custombuild rev 2722.

I should check the file mentioned above and remove a link from there?
/etc/httpd/conf/extra/httpd-directories.conf

This clearly isn't my cup of tea. Can someone help me tell which line I should delete or update?

These commands also didn't help:
cd /usr/local/directadmin/custombuild
./build update
./build apache

I get an error at the end:
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

And this:

Jun 17 05:15:06 server.berrishosting.nl systemd[1]: Starting The Apache HTTP Server...
Jun 17 05:15:06 server.berrishosting.nl httpd[12165]: AH00526: Syntax error on line 34 of /usr/local/directadmin/data/users/admin/httpd.conf:
Jun 17 05:15:06 server.berrishosting.nl httpd[12165]: Invalid command '|UNIT_PROXY|', perhaps misspelled or defined by a module not included in the server configuration
Jun 17 05:15:06 server.berrishosting.nl systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jun 17 05:15:06 server.berrishosting.nl systemd[1]: Failed to start The Apache HTTP Server.
Jun 17 05:15:06 server.berrishosting.nl systemd[1]: Unit httpd.service entered failed state.
Jun 17 05:15:06 server.berrishosting.nl systemd[1]: httpd.service failed.



Thanks a milliion. (All sites down now....)
 
Last edited:
THis is the part in httpd.conf where the Unit Proxy is mentioned:

<VirtualHost 92.48.231.23:80 >
ServerName www.berrishosting.nl
ServerAlias www.berrishosting.nl berrishosting.nl
ServerAdmin [email protected]
DocumentRoot /home/admin/domains/berrishosting.nl/public_html
ScriptAlias /cgi-bin/ /home/admin/domains/berrishosting.nl/public_html/cgi-bin/
UseCanonicalName OFF
|UNIT_PROXY|
<IfModule !mod_ruid2.c>
SuexecUserGroup admin admin
</IfModule>
<IfModule mod_ruid2.c>
RMode config
RUidGid admin admin
#RGroups apache access
RGroups @none
</IfModule>
CustomLog /var/log/httpd/domains/berrishosting.nl.bytes bytes
CustomLog /var/log/httpd/domains/berrishosting.nl.log combined
ErrorLog /var/log/httpd/domains/berrishosting.nl.error.log
<Directory /home/admin/domains/berrishosting.nl/public_html>
php_admin_flag engine ON
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f [email protected]'
php_admin_value mail.log /home/admin/.php/php-mail.log
php_admin_value open_basedir /home/admin/:/tmp:/var/tmp:/opt/alt/php73/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/php73/lib/php/
</Directory>
</VirtualHost>
 
Is that latest version of DirectAdmin? Try:
Code:
/usr/local/directadmin/custombuild/build rewrite_confs
 
We have experienced the same issue on a couple of servers. It does not seem to affect all systems.

CB version: 2722
Apache/2.4.48
Affected files: /usr/local/directadmin/data/users/*/httpd.conf
Error message: Invalid command '|UNIT_PROXY|', perhaps misspelled or defined by a module not included in the server configuration
Affected OS: CentOS 7 & Ubuntu 18.04

I have also tested it on some older machines and it does not seem to affect EOL Ubuntu 16.04.

Code:
/usr/local/directadmin/custombuild/build update
/usr/local/directadmin/custombuild/build clean
/usr/local/directadmin/custombuild/build apache
/usr/local/directadmin/custombuild/build rewrite_confs

The above commands do not fix the issue, a manual removal of the configuration is needed to fix the issue. Please let me know if you need any more information.
 
Last edited:
As I didn't know exactly what to do and didn't want to break things I asked Poralix to help me fix the issue.
It was fixed in less than 5 minutes....

I asked about the reason behind this issue, the reply was this:
It seems something went wrong on the developers side, and updates to Apache templates released earlier than DirectAdmin itself.

But apart from more developer issues on the DA side it's safe to update from custombuild in the future.... (according to Poralix)

Anyway thanks for your messages and hopefully I don't get more scares like this for simply running an update!

Have a great day!
 
As I didn't know exactly what to do and didn't want to break things I asked Poralix to help me fix the issue.
It was fixed in less than 5 minutes....

I asked about the reason behind this issue, the reply was this:
It seems something went wrong on the developers side, and updates to Apache templates released earlier than DirectAdmin itself.

But apart from more developer issues on the DA side it's safe to update from custombuild in the future.... (according to Poralix)

Anyway thanks for your messages and hopefully I don't get more scares like this for simply running an update!

Have a great day!
THE FIX itself? ( wat was die fix binnen 5 minuten dan in weze? )
 
You can fix the issue with '|UNIT_PROXY|' configuration error by removing the offending piece of configuration from the config files. For example:

Code:
sed -i '/|UNIT_PROXY|/d' /usr/local/directadmin/data/users/*/httpd.conf
systemctl restart httpd
 
You can fix the issue with '|UNIT_PROXY|' configuration error by removing the offending piece of configuration from the config files. For example:

Code:
sed -i '/|UNIT_PROXY|/d' /usr/local/directadmin/data/users/*/httpd.conf
systemctl restart httpd
You save my life.
 
Hello,

We've released 1.62.2. I believe the UNIT_PROXY token issue was caused by the old dataskq not being correctly re-linked, thus it didn't fill the value. After updating, if you're still getting the error, just rewrite the configs:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build rewrite_confs
Sorry for any confusion!

John
 
Hello,

We've released 1.62.2. I believe the UNIT_PROXY token issue was caused by the old dataskq not being correctly re-linked, thus it didn't fill the value. After updating, if you're still getting the error, just rewrite the configs:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build rewrite_confs
Sorry for any confusion!

John
Hello John,
This doesn't work on my server:
Jun 18 11:49:02 hv10 httpd[41464]: AH00526: Syntax error on line 26 of /usr/local/directadmin/data/users/admin/httpd.conf:
Jun 18 11:49:02 hv10 httpd[41464]: Invalid command '|UNIT_PROXY|', perhaps misspelled or defined by a module not included in the server configuration
Jun 18 11:49:02 hv10 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jun 18 11:49:02 hv10 systemd[1]: Failed to start The Apache HTTP Server.
[root@hv10 custombuild]# ./build version
2.0.0 (rev: 2722)
[root@hv10 custombuild]# /usr/local/directadmin/directadmin v
Version: DirectAdmin v.1.62.2
I was forced to use the old way again:
sed -i '/|UNIT_PROXY|/d' /usr/local/directadmin/data/users/*/httpd.conf
systemctl restart httpd
 
Hello John,
This doesn't work on my server:



I was forced to use the old way again:
Me too, had to use:
sed -i '/|UNIT_PROXY|/d' /usr/local/directadmin/data/users/*/httpd.conf
systemctl restart httpd
 
Earlier I used below command to fix the problem. But the problem still reappears automatically.
Do you guys have a way to fix it permanently?
 
After
Code:
cd /usr/local/directadmin/custombuild
./build update
./build rewrite_confs
./build update apache

Code:
root@t800 custombuild]#  ./build version
2.0.0 (rev: 2723)
[root@t800 custombuild]# /usr/local/directadmin/directadmin v
Version: DirectAdmin v.1.62.2

I still have to do

Code:
sed -i '/|UNIT_PROXY|/d' /usr/local/directadmin/data/users/*/httpd.conf
systemctl restart httpd

The problem appired today night on few (not al) servers.
 
Earlier I used below command to fix the problem. But the problem still reappears automatically.
Do you guys have a way to fix it permanently?
Permanent fix is mentioned in my previous reply.
 
Back
Top