Date: Wed, 27 Jul 2011 01:31:21 -0700 From: Jo Rhett <jrhett@netconsonance.com> To: "Philip M. Gollucci" <pgollucci@p6m7g8.com> Cc: freebsd-apache@freebsd.org Subject: Re: problems with db185 authentication for apr 1.4.5 and apache 2.2.19 ? Message-ID: <B4CA9D00-9EDD-4632-8A7F-3E0C45A89088@netconsonance.com> In-Reply-To: <FD27D76B-04E5-4D61-98D1-2B76BB02C50C@netconsonance.com> References: <B11948A9-A085-4D97-B8E8-700D7169E7C7@netconsonance.com> <4E2F3B16.7060204@p6m7g8.com> <FD27D76B-04E5-4D61-98D1-2B76BB02C50C@netconsonance.com>
next in thread | previous in thread | raw e-mail | index | archive | help
More interesting. I explicitly set AuthDBMType to DB and that problem =
disappeared, but the error remained. Looking at kdump this seems to be =
the problem:
3928 httpd NAMI "/usr/local/lib/apr-util-1/apr_dbm_db-1.so"
"[Wed Jul 27 01:06:25 2011] [error] [client 99.124.207.89] =
(20019)DSO load failed: could not open dbm (type DB) auth file: =
/path/to/passwd.dat
# ls -la /usr/local/lib/apr*
-rw-r--r-- 1 root wheel 7164 Jul 26 02:36 /usr/local/lib/apr.exp
-rw-r--r-- 1 root wheel 4412 Jul 26 02:36 /usr/local/lib/aprutil.exp
This doesn't seem to be a problem of reading the file so much as trying =
to load a DS0 that doesn't exist?
I've rebuilt apr1 a few times now, and those files simply aren't =
installed.
On Jul 27, 2011, at 12:31 AM, Jo Rhett wrote:
> On Jul 26, 2011, at 3:09 PM, Philip M. Gollucci wrote:
>> run httpd -X
>> and then use ktrace -i / kdump
>> then grep for NAMI and the name of your file
>=20
> Okay, well this makes sense at least - it's looking for a .dir file =
which of course doesn't exist. What I don't understand here is that I =
don't have gdbm or sdbm enabled. In fact, I don't even have them =
compiled on the platform.
>=20
> # kdump |grep /passwd
> 724 httpd NAMI "/path/to/passwd.dat.dir"
>=20
> And more to the point, I explicitly told apache not to use anything =
except BDB 185. You can see this in the configure line built by the =
port:
>=20
> $ head -10 /usr/ports/www/apache22/work/httpd-2.2.19/config.log
> This file contains any messages produced by compilers while
> running configure, to aid debugging if configure makes a mistake.
>=20
> It was created by configure, which was
> generated by GNU Autoconf 2.68. Invocation command line was
>=20
> $ ./configure --prefix=3D/usr/local --enable-layout=3DFreeBSD =
--with-perl=3D/usr/local/bin/perl5.14.1 --with-port=3D80 =
--with-expat=3D/usr/local --with-iconv=3D/usr/local --enable-http =
--with-pcre=3D/usr/local --with-apr=3D/usr/local/bin/apr-1-config =
--with-apr-util=3D/usr/local/bin/apu-1-config --disable-authn-file =
--disable-authn-default --disable-authz-host --disable-authz-groupfile =
--disable-authz-user --disable-authz-default --disable-auth-basic =
--disable-charset-lite --disable-include --disable-log-config =
--disable-env --disable-setenvif --disable-mime --disable-status =
--disable-autoindex --disable-asis --disable-cgid --disable-cgi =
--disable-negotiation --disable-dir --disable-imagemap --disable-actions =
--disable-userdir --disable-alias --disable-filter --disable-substitute =
--disable-proxy --disable-proxy-connect --disable-proxy-ftp =
--disable-proxy-http --disable-proxy-ajp --disable-proxy-balancer =
--disable-proxy-scgi --disable-reqtimeout --enable-so =
--enable-mods-shared=3Dauth_basic auth_digest authn_file authn_dbm =
authn_anon authn_default authn_alias authz_host authz_groupfile =
authz_user authz_dbm authz_owner authz_default cache disk_cache =
file_cache dav dav_fs actions alias asis autoindex cern_meta cgi =
charset_lite deflate dir dumpio env expires headers imagemap include =
info log_config logio mime mime_magic negotiation rewrite setenvif =
speling status unique_id userdir usertrack vhost_alias filter version =
reqtimeout ssl --with-dbm=3Ddb185 --with-berkeley-db=3D/usr =
--with-ssl=3D/usr --enable-v4-mapped --with-devrandom --with-mpm=3Dprefork=
--prefix=3D/usr/local --mandir=3D/usr/local/man =
--infodir=3D/usr/local/info/ --build=3Di386-portbld-freebsd8.2
>=20
>=20
>> On 07/26/11 09:35, Jo Rhett wrote:
>>> I have a 6.3 system which I just upgraded to 8.2, and obviously =
recompiled all ports from scratch. I cleared out the ports DB entirely, =
cleared out /usr/local entirely except for etc/config files. Every =
other port on the system recompiled fine, except for apache. It works =
for everything except reading authentication files. I'd deeply =
appreciate any assistance you can give to solving this.
>>>=20
>>> For some reason I can't figure out, BDB authentication using the =
built-in db 1.85 no longer works.
>>>=20
>>> dbmmanage /path/to/file view/adduser/delete/etc works fine
>>> file /path/to/file
>>> /path/to/file: Berkeley DB 1.85 (Hash, version 2, native =
byte-order)
>>>=20
>>> Accessing from the web server always returns a 500 error with the =
following in the error log:
>>> (2)No such file or directory: could not open dbm (type default) =
auth file: /path/to/passwd.dat
>>>=20
>>> I've recompiled apr and apache with a variety of different options, =
and nothing works. apr without any databases doesn't work. apr with BDB =
doesn't work, etc. My options for apache have remained the same:
>>> APACHE_PORT=3Dwww/apache22
>>> WITH_DBM=3Dbdb
>>> WITH_BDB_BASE=3Dyes
>>> =09
>>> apr1$ make showconfig
>>> =3D=3D=3D> The following configuration options are available for =
apr-ipv6-devrandom-db48-1.4.5.1.3.12:
>>> THREADS=3Don "Enable Threads in apr"
>>> IPV6=3Don "Enable IPV6 Support in apr"
>>> BDB=3Doff "Enable Berkley BDB support in apr-util"
>>> GDBM=3Doff "Enable GNU dbm support in apr-util"
>>> LDAP=3Doff "Enable LDAP support in apr-util"
>>> MYSQL=3Doff "Enable MySQL suport in apr-util"
>>> NDBM=3Doff "Enable NDBM support in apr-util"
>>> PGSQL=3Doff "Enable Postgresql suport in apr-util"
>>> SQLITE=3Doff "Enable SQLite3 support in apr-util"
>>> DEVRANDOM=3Don "Use /dev/random or compatible in apr"
>>> =3D=3D=3D> Use 'make config' to modify these settings
>>>=20
>>> apache22$ make showconfig
>>> =3D=3D=3D> The following configuration options are available for =
apache-2.2.19:
>>> THREADS=3Doff "Enable threads support in APR"
>>> MYSQL=3Doff "Enable MySQL support for apr-dbd"
>>> PGSQL=3Doff "Enable PostgreSQL support for apr-dbd"
>>> SQLITE=3Doff "Enable SQLite support for apr-dbd"
>>> IPV6=3Don "Enable IPv6 support"
>>> BDB=3Don "Enable BerkeleyDB dbm"
>>> AUTH_BASIC=3Don "Enable mod_auth_basic"
>>> AUTH_DIGEST=3Don "Enable mod_auth_digest"
>>> AUTHN_FILE=3Don "Enable mod_authn_file"
>>> AUTHN_DBD=3Doff "Enable mod_authn_dbd"
>>> AUTHN_DBM=3Don "Enable mod_authn_dbm"
>>> AUTHN_ANON=3Don "Enable mod_authn_anon"
>>> AUTHN_DEFAULT=3Don "Enable mod_authn_default"
>>> AUTHN_ALIAS=3Don "Enable mod_authn_alias"
>>> AUTHZ_HOST=3Don "Enable mod_authz_host"
>>> AUTHZ_GROUPFILE=3Don "Enable mod_authz_groupfile"
>>> AUTHZ_USER=3Don "Enable mod_authz_user"
>>> AUTHZ_DBM=3Don "Enable mod_authz_dbm"
>>> AUTHZ_OWNER=3Don "Enable mod_authz_owner"
>>> AUTHZ_DEFAULT=3Don "Enable mod_authz_default"
>>> CACHE=3Don "Enable mod_cache"
>>> DISK_CACHE=3Don "Enable mod_disk_cache"
>>> FILE_CACHE=3Don "Enable mod_file_cache"
>>> MEM_CACHE=3Doff "Enable mod_mem_cache"
>>> DAV=3Don "Enable mod_dav"
>>> DAV_FS=3Don "Enable mod_dav_fs"
>>> BUCKETEER=3Doff "Enable mod_bucketeer"
>>> CASE_FILTER=3Doff "Enable mod_case_filter"
>>> CASE_FILTER_IN=3Doff "Enable mod_case_filter_in"
>>> EXT_FILTER=3Doff "Enable mod_ext_filter"
>>> LOG_FORENSIC=3Doff "Enable mod_log_forensic"
>>> OPTIONAL_HOOK_EXPORT=3Doff "Enable mod_optional_hook_export"
>>> OPTIONAL_HOOK_IMPORT=3Doff "Enable mod_optional_hook_import"
>>> OPTIONAL_FN_IMPORT=3Doff "Enable mod_optional_fn_import"
>>> OPTIONAL_FN_EXPORT=3Doff "Enable mod_optional_fn_export"
>>> LDAP=3Doff "Enable mod_ldap"
>>> AUTHNZ_LDAP=3Doff "Enable mod_authnz_ldap"
>>> ACTIONS=3Don "Enable mod_actions"
>>> ALIAS=3Don "Enable mod_alias"
>>> ASIS=3Don "Enable mod_asis"
>>> AUTOINDEX=3Don "Enable mod_autoindex"
>>> CERN_META=3Don "Enable mod_cern_meta"
>>> CGI=3Don "Enable mod_cgi"
>>> CHARSET_LITE=3Don "Enable mod_charset_lite"
>>> DBD=3Doff "Enable mod_dbd"
>>> DEFLATE=3Don "Enable mod_deflate"
>>> DIR=3Don "Enable mod_dir"
>>> DUMPIO=3Don "Enable mod_dumpio"
>>> ENV=3Don "Enable mod_env"
>>> EXPIRES=3Don "Enable mod_expires"
>>> HEADERS=3Don "Enable mod_headers"
>>> IMAGEMAP=3Don "Enable mod_imagemap"
>>> INCLUDE=3Don "Enable mod_include"
>>> INFO=3Don "Enable mod_info"
>>> LOG_CONFIG=3Don "Enable mod_log_config"
>>> LOGIO=3Don "Enable mod_logio"
>>> MIME=3Don "Enable mod_mime"
>>> MIME_MAGIC=3Don "Enable mod_mime_magic"
>>> NEGOTIATION=3Don "Enable mod_negotiation"
>>> REWRITE=3Don "Enable mod_rewrite"
>>> SETENVIF=3Don "Enable mod_setenvif"
>>> SPELING=3Don "Enable mod_speling"
>>> STATUS=3Don "Enable mod_status"
>>> UNIQUE_ID=3Don "Enable mod_unique_id"
>>> USERDIR=3Don "Enable mod_userdir"
>>> USERTRACK=3Don "Enable mod_usertrack"
>>> VHOST_ALIAS=3Don "Enable mod_vhost_alias"
>>> FILTER=3Don "Enable mod_filter"
>>> SUBSTITUTE=3Doff "Enable mod_substitute"
>>> VERSION=3Don "Enable mod_version"
>>> PROXY=3Doff "Enable mod_proxy"
>>> PROXY_CONNECT=3Doff "Enable mod_proxy_connect"
>>> PATCH_PROXY_CONNECT=3Doff "Patch proxy_connect SSL support"
>>> PROXY_FTP=3Doff "Enable mod_proxy_ftp"
>>> PROXY_HTTP=3Doff "Enable mod_proxy_http"
>>> PROXY_AJP=3Doff "Enable mod_proxy_ajp"
>>> PROXY_BALANCER=3Doff "Enable mod_proxy_balancer"
>>> PROXY_SCGI=3Doff "Enable mod_proxy_scgi"
>>> SSL=3Don "Enable mod_ssl"
>>> SUEXEC=3Doff "Enable mod_suexec"
>>> SUEXEC_RSRCLIMIT=3Doff "SuEXEC rlimits based on login class"
>>> REQTIMEOUT=3Don "Enable mod_reqtimeout"
>>> CGID=3Doff "Enable mod_cgid"
>>> =3D=3D=3D> Use 'make config' to modify these settings
>>>=20
>>>=20
>>> As said above, I appreciate any assistance you can give.
>>>=20
>>=20
>>=20
>> --=20
>> =
------------------------------------------------------------------------
>> 1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C
>> Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354
>> VP Infrastructure, Apache Software Foundation
>> Committer, FreeBSD Foundation
>> Consultant, P6M7G8 Inc.
>> Sr. System Admin, Ridecharge Inc.
>>=20
>> Work like you don't need the money,
>> love like you'll never get hurt,
>> and dance like nobody's watching.
>=20
> --=20
> Jo Rhett
> Net Consonance : consonant endings by net philanthropy, open source =
and other randomness
>=20
--=20
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source and =
other randomness
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B4CA9D00-9EDD-4632-8A7F-3E0C45A89088>