Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 04 Sep 2013 18:54:39 +0300
From:      Andriy Gapon <avg@FreeBSD.org>
To:        apache@FreeBSD.org, ohauer@FreeBSD.org
Subject:   www/apache22/files/patch-support__apachectl.in change in r322368
Message-ID:  <522757BF.60300@FreeBSD.org>

next in thread | raw e-mail | index | archive | help

http://svnweb.freebsd.org/ports?view=revision&revision=322368
Commit message says:
	- add fix for CVE-2013-1862
	- adjust vuxml

At the same time there is the following change to patch-support__apachectl.in:
+-case $ARGV in
+-start|stop|restart|graceful|graceful-stop)
+-    $HTTPD -k $ARGV
++case $ACMD in
++start|stop|restart|rcvar|reload|graceful|gracefulstop|graceful-stop)
++#    $HTTPD -k $ARGV
++    $SERVICE $( echo $ACMD | tr -d '-' )
+     ERROR=$?
+     ;;

Of particular interest to me is this change from direct start of httpd to
starting via service(8) command.
There is no rationale for this change in commit message...

Now I will describe a problem that this changes causes for us.
Among other things we use piped loggers with apache.  Our filter commands need
custom PATH to be specified for them.  Basically they start with:
#!/usr/bin/env blah-blah
And finding blah depends on the proper PATH.
We are careful to set PATH before running apachectl.  Everything used to work
without any glitch.

Now, service(8) does the following:
exec env -i HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin $dir/$script $*
This obviously nullifies any effects of our PATH customization.
Our configuration became broken.

Do you have any suggestions on how we can work around the problem?

Another minor consequence of this change is that now apache22_enable="YES" must
be set to start httpd even via apachectl.  Previously it didn't have to be
specified.
And unlike rc.d/apache22 which accepts onestart/forcestart as all rc scripts do,
apachectl rejects these commands.

So, I think that the change:
- was not appropriately committed but rather sneaked into another change
- is a POLA violation
- is a PITA

So, perhaps you could consider reverting it?

Thank you very much for all the hard work on apache ports.
Hope that you will be able to help to resolve the reported issues.
-- 
Andriy Gapon



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?522757BF.60300>