[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#292122: /etc/apache-ssl/httpd.conf is modified without questions on upgrade

Package: apache-ssl
Version: 1.3.33-3
Severity: important

When I just upgraded apache-ssl, the postinst script did these modifications
without asking me: 

canardo:/etc/apache-ssl# cvs diff -u httpd.conf 
Index: httpd.conf
RCS file: /usr/local/cvsroot/canardo_etc/apache-ssl/httpd.conf,v
retrieving revision 1.16
diff -u -r1.16 httpd.conf
--- httpd.conf  5 Jan 2005 14:29:46 -0000       1.16
+++ httpd.conf  25 Jan 2005 08:21:01 -0000
@@ -37,7 +37,7 @@
 ### Section 2: 'Main' server configuration
 BindAddress www.mork.no
-Port 80
+Port 443
 Listen www.mork.no:443
 Listen www.mork.no:80
 User www-data
@@ -417,3 +417,9 @@
 Include /etc/cacti/apache.conf
+# Automatically added by the post-installation script
+# as part of the transition to a config directory layout
+# similar to apache2, and that will help users to migrate
+# from apache to apache2 or revert back easily
+Include /etc/apache-ssl/conf.d

This is quite serious, since changing the bind port changes the configuration
in a way which cannot be done safely.  How would you know what the admins 
intentions are? 

Luckily, I also had a virtual server running on port 443, so I noticed an
uexpected error caused by the above change.


-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages apache-ssl depends on:
ii  apache-common               1.3.33-3     support files for all Apache webse
ii  debconf               Debian configuration management sy
ii  dpkg                        1.10.26      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libdb4.2                    4.2.52-17    Berkeley v4.2 Database Libraries [
ii  libexpat1                   1.95.8-1     XML parsing C library - runtime li
ii  libmagic1                   4.12-1       File type determination library us
ii  libssl0.9.7                 0.9.7e-2     SSL shared libraries
ii  logrotate                   3.7-2        Log rotation utility
ii  mime-support                3.28-1       MIME files 'mime.types' & 'mailcap
ii  openssl                     0.9.7e-2     Secure Socket Layer (SSL) binary a
ii  perl                        5.8.4-5      Larry Wall's Practical Extraction 
ii  ssl-cert                    1.0-11       Simple debconf wrapper for openssl

-- debconf information:
  apache-ssl/server-name: www.mork.no
  apache-ssl/server-admin: webmaster@mork.no
* apache-ssl/enable-suexec: true
  apache-ssl/init: true
  apache-ssl/document-root: /home/www/mork.no

Reply to: