--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: /etc/apache-ssl/httpd.conf is modified without questions on upgrade
- From: Bjørn Mork <bjorn@mork.no>
- Date: Tue, 25 Jan 2005 09:45:05 +0100
- Message-id: <200501250845.j0P8j5Md019109@canardo.mork.no>
Package: apache-ssl
Version: 1.3.33-3
Severity: important
When I just upgraded apache-ssl, the postinst script did these modifications
without asking me:
canardo:/etc/apache-ssl# cvs diff -u httpd.conf
Index: httpd.conf
===================================================================
RCS file: /usr/local/cvsroot/canardo_etc/apache-ssl/httpd.conf,v
retrieving revision 1.16
diff -u -r1.16 httpd.conf
--- httpd.conf 5 Jan 2005 14:29:46 -0000 1.16
+++ httpd.conf 25 Jan 2005 08:21:01 -0000
@@ -37,7 +37,7 @@
### Section 2: 'Main' server configuration
BindAddress www.mork.no
-Port 80
+Port 443
Listen www.mork.no:443
Listen www.mork.no:80
User www-data
@@ -417,3 +417,9 @@
Include /etc/cacti/apache.conf
</VirtualHost>
+
+# Automatically added by the post-installation script
+# as part of the transition to a config directory layout
+# similar to apache2, and that will help users to migrate
+# from apache to apache2 or revert back easily
+Include /etc/apache-ssl/conf.d
This is quite serious, since changing the bind port changes the configuration
in a way which cannot be done safely. How would you know what the admins
intentions are?
Luckily, I also had a virtual server running on port 443, so I noticed an
uexpected error caused by the above change.
Bjørn
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (650, 'testing'), (600, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages apache-ssl depends on:
ii apache-common 1.3.33-3 support files for all Apache webse
ii debconf 1.4.30.11 Debian configuration management sy
ii dpkg 1.10.26 Package maintenance system for Deb
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-17 Berkeley v4.2 Database Libraries [
ii libexpat1 1.95.8-1 XML parsing C library - runtime li
ii libmagic1 4.12-1 File type determination library us
ii libssl0.9.7 0.9.7e-2 SSL shared libraries
ii logrotate 3.7-2 Log rotation utility
ii mime-support 3.28-1 MIME files 'mime.types' & 'mailcap
ii openssl 0.9.7e-2 Secure Socket Layer (SSL) binary a
ii perl 5.8.4-5 Larry Wall's Practical Extraction
ii ssl-cert 1.0-11 Simple debconf wrapper for openssl
-- debconf information:
apache-ssl/server-name: www.mork.no
apache-ssl/server-admin: webmaster@mork.no
* apache-ssl/enable-suexec: true
apache-ssl/init: true
apache-ssl/document-root: /home/www/mork.no
--- End Message ---