Date: Thu, 03 Jan 2013 22:49:14 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: Scot Hetzel <swhetzel@gmail.com> Cc: freebsd-ports@freebsd.org Subject: Re: What is policy about auto-editing config files on port install / deinstall? Message-ID: <50E5FCDA.80906@quip.cz> In-Reply-To: <CACdU%2Bf9WKAsLZHqHMZKtgGoBRL%2BR9do0qfTL0d_c_8_e6Tb4bw@mail.gmail.com> References: <50E49A73.2070008@quip.cz> <CACdU%2Bf9WKAsLZHqHMZKtgGoBRL%2BR9do0qfTL0d_c_8_e6Tb4bw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Scot Hetzel wrote:
> On Wed, Jan 2, 2013 at 2:37 PM, Miroslav Lachman<000.fbsd@quip.cz> wrote:
>> Is somewhere written policy or portmgr recommendation about ports behavior
>> on install / deinstall?
>> I am talking about some ports doing "nasty" things.
>>
>> Some ports are stopping services on deinstall, some not.
>
> I prefer that when a port is uninstalled, that the service is stopped.
> If it isn't stopped, it could pose a security risk to the system at a
> later time.
Only if it will be optional. I am "the god in my world (my system)" and
I should know better than anybody else if I need to stop the daemon at
any time.
The maintainer of any port can't know all the dependencies on my system
and my workflow with updating ports.
Somebody can consider stopping (or restarting) Apache on upgrade as
"good thing", but it can be just a small piece of bigger upgrade process
with lot of dependencies like Apache modules, PHP, PHP extensions and
libraries used by both Apache and PHP extensions. So if for example
Apache is upgraded and it will made upgrade of PCRE with different
library version number, then restart of Apache will fail on PHP not
loading missing old PCRE library.
So the Apache should be restarted after upgrade of all the modules and
libraries, not after upgrade of it self.
> We still need to come up with a way of restarting the service after
> the upgrade. Currently, it has to be done manually to start the
> service.
>
>> Some ports are editing "my config files" on deinstall, so even on upgrade
>> procedure I must check if port did some changes before I can restart target
>> daemon.
>>
> Most ports don't edit the config files as they install the original
> config file to a different name.
>
>> For example some Apache modules (mod_bw, mod_xsendfile...) are commenting
>> out load_module lines in httpd.conf so I got syntax error on Apache restart
>> after upgrade of mentioned module and Apache failed to start.
>>
> Apache 2.x is an exception, as the installation of a Apache module
> requires apachectl to add/re-enable the module in the httpd.conf file.
> Upon deinstallation, apachectl is used to disable the module in the
> httpd.conf file. It doesn't remove the LoadModule directive, it just
> adds a '#" sign in front of it. When the port is re-installed, all
> apachectl has to do is remove the '#' sign. A restart of Apache
> should then load the module again.
>
> What errors are you getting when re-installing an Apache module?
Apache modules are not enabled by default. I am talking about 3rd party
modules. In some cases, they do nothing with httpd.conf, in other cases,
they are adding commented line and I must manualy uncomment this line,
so it is my will to have this module loaded / enabled.
But upgrade or reinstall or deinstall of this module causes commenting
this line out. It is undesirable.
If I enable this module and this module will be updated 10 times a year,
why am I forced to re-enable it 10 times again?
Real world example follows:
root@spare ~/# uname -srmi
FreeBSD 8.3-RC2 amd64 GENERIC
___________________________________________________
Only Apache is installed, no 3rd party modules
root@spare ~/# pkg_info -E ap22\* apache22-\*
apache22-2.2.23_4
___________________________________________________
Copy the config file for later comparision
root@spare ~/# cp -P /usr/local/etc/apache22/httpd.conf httpd.conf.orig
___________________________________________________
Install mod_xsendfile
root@spare ~/# portmaster www/mod_xsendfile
===>>> Installation of www/mod_xsendfile (ap22-mod_xsendfile-0.12_2)
complete
___________________________________________________
There is commented LoadModule line after install added to httpd.conf
root@spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
--- httpd.conf.orig 2013-01-03 12:56:22.000000000 +0100
+++ /usr/local/etc/apache22/httpd.conf 2013-01-03 21:25:03.000000000 +0100
@@ -75,4 +75,5 @@
LoadModule rewrite_module libexec/apache22/mod_rewrite.so
LoadModule php5_module libexec/apache22/libphp5.so
+#LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
___________________________________________________
I must manually uncomment the line (which is OK, I don't need to modules
be auto enabled as services are not enabled in rc.conf)
root@spare ~/# vi /usr/local/etc/apache22/httpd.conf
LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
___________________________________________________
Then I added some configuration to VirtualHost
root@spare ~/# vi
/usr/local/etc/apache22/vhosts/available/www.example.com.conf
XSendFile on
XSendFilePath /vol0/web/test
___________________________________________________
Diff shows that module is enabled
root@spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
--- httpd.conf.orig 2013-01-03 12:56:22.000000000 +0100
+++ /usr/local/etc/apache22/httpd.conf 2013-01-03 21:26:46.000000000 +0100
@@ -75,4 +75,5 @@
LoadModule rewrite_module libexec/apache22/mod_rewrite.so
LoadModule php5_module libexec/apache22/libphp5.so
+LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
___________________________________________________
Syntax check
root@spare ~/# httpd -t
Syntax OK
___________________________________________________
Reinstallation of the module (same as upgrading)
root@spare ~/# portmaster ap22-mod_xsendfile-0.12_2
===>>> Creating a backup package for old version ap22-mod_xsendfile-0.12_2
===>>> Package saved to /usr/ports/packages/portmaster-backup
Don't forget to remove all mod_xsendfile-related directives in your
httpd.conf
===> Installing for ap22-mod_xsendfile-0.12_2
===> Generating temporary packing list
===> Checking if www/mod_xsendfile already installed
/usr/local/share/apache22/build/instdso.sh
SH_LIBTOOL='/usr/local/share/apr/build-1/libtool'
/usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/mod_xsendfile.la
/usr/local/libexec/apache22
/usr/local/share/apr/build-1/libtool --mode=install cp
/usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/mod_xsendfile.la
/usr/local/libexec/apache22/
libtool: install: cp
/usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/.libs/mod_xsendfile.so
/usr/local/libexec/apache22/mod_xsendfile.so
libtool: install: cp
/usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/.libs/mod_xsendfile.lai
/usr/local/libexec/apache22/mod_xsendfile.la
libtool: install: cp
/usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/.libs/mod_xsendfile.a
/usr/local/libexec/apache22/mod_xsendfile.a
libtool: install: chmod 644 /usr/local/libexec/apache22/mod_xsendfile.a
libtool: install: ranlib /usr/local/libexec/apache22/mod_xsendfile.a
chmod 755 /usr/local/libexec/apache22/mod_xsendfile.so
[preparing module `xsendfile' in /usr/local/etc/apache22/httpd.conf]
===> Registering installation for ap22-mod_xsendfile-0.12_2
===>>> Creating a package for new version ap22-mod_xsendfile-0.12_2
===>>> Package saved to /usr/ports/packages/All
===>>> Re-installation of ap22-mod_xsendfile-0.12_2 complete
___________________________________________________
And there is a problem - syntax error, because module was disabled
(commented out on deinstall) and some directives remained in VirtualHost
definition - Apache will not start!
root@spare ~/# httpd -t
Syntax error on line 57 of
/usr/local/etc/apache22/vhosts/available/www.example.com.conf:
Invalid command 'XSendFile', perhaps misspelled or defined by a module
not included in the server configuration
___________________________________________________
Diff shows commented out line
root@spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
--- httpd.conf.orig 2013-01-03 12:56:22.000000000 +0100
+++ /usr/local/etc/apache22/httpd.conf 2013-01-03 21:32:26.000000000 +0100
@@ -75,4 +75,5 @@
LoadModule rewrite_module libexec/apache22/mod_rewrite.so
LoadModule php5_module libexec/apache22/libphp5.so
+#LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
___________________________________________________
I think this behavior is wrong.
Why am I forced to manualy re-enable all 3rd party modules on each upgrade?
Modules should not disable something that is explicitly enabled by user
/ system administrator.
Miroslav Lachman
PS: I know about deinstall message "Don't forget to remove all
mod_xsendfile-related directives in your httpd.conf" but it can be
considered as maintainer's "joke" in case of module upgrade
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50E5FCDA.80906>