Package: apache2-bin
Version: 2.4.46-2
Severity: important
On my machine, /usr/sbin/apache2 fails to start with the following message:
[Thu Dec 24 15:38:01.052051 2020] [:crit] [pid 15725] (38)Function not implemented: AH00141: Could not initialize random number generator
This happens very early, before reading conffiles or parsing command-line
arguments.
The error comes from line 5674 here:
https://svn.apache.org/viewvc/httpd/httpd/trunk/server/core.c?revision=1884431&view=markup#l5674and is due to a failure in apr_generate_random_bytes().
You can see that the associated call/failure is happening inside APR here, on
line 216:
https://svn.apache.org/viewvc/apr/apr/trunk/misc/unix/rand.c?revision=1832691&view=markup#l216The issue is that if the library is configured (at build time) to
USE_GETRANDOM, then it assumes that the getrandom() call will be available and
if it fails it becomes a fatal error. On my system, I don't have getrandom()
because I'm running an ancient kernel, but others could (more legitimately)
have the option disabled on a recent custom-built kernel.
I think the correct fix is to not use that build-time option, and go back to
using DEV_RANDOM or whatever was being used previously. Alternatively, at
least document that a kernel with getrandom() support is required to use
apache2.
I'm not sure exactly when the packaging on this changed, but I know it was
broken in 2.4.46-1 and I *think* it worked in 2.4.43-1, although I can't get a
copy of that to double-check anymore.
-- Package-specific info:
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (501, 'testing'), (100, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.14.15 (SMP w/4 CPU threads)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages apache2-bin depends on:
ii libapr1 1.7.0-4
ii libaprutil1 1.6.1-5
ii libaprutil1-dbd-sqlite3 1.6.1-5
ii libaprutil1-ldap 1.6.1-5
ii libbrotli1 1.0.9-2+b2
ii libc6 2.31-5
ii libcrypt1 1:4.4.17-1
ii libcurl4 7.72.0-1
ii libjansson4 2.13.1-1
ii libldap-2.4-2 2.4.56+dfsg-1
ii liblua5.2-0 5.2.4-1.1+b3
ii libnghttp2-14 1.42.0-1
ii libpcre3 2:8.39-13
ii libssl1.1 1.1.1h-1
ii libxml2 2.9.10+dfsg-6.3+b1
ii perl 5.32.0-6
ii zlib1g 1:1.2.11.dfsg-2
apache2-bin recommends no packages.
Versions of packages apache2-bin suggests:
ii apache2-doc 2.4.46-2
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii links [www-browser] 2.21-1
ii lynx [www-browser] 2.9.0dev.6-1
ii w3m [www-browser] 0.5.3-38+b1
Versions of packages apache2 depends on:
ii apache2-data 2.4.46-2
ii apache2-utils 2.4.46-2
ii dpkg 1.20.5
ii init-system-helpers 1.60
ii lsb-base 11.1.0
ii mime-support 3.66
ii perl 5.32.0-6
ii procps 2:3.3.16-5
Versions of packages apache2 recommends:
ii ssl-cert 1.0.40
Versions of packages apache2 suggests:
ii apache2-doc 2.4.46-2
pn apache2-suexec-pristine | apache2-suexec-custom <none>
ii links [www-browser] 2.21-1
ii lynx [www-browser] 2.9.0dev.6-1
ii w3m [www-browser] 0.5.3-38+b1
Versions of packages apache2-bin is related to:
ii apache2 2.4.46-2
ii apache2-bin 2.4.46-2
-- no debconf information