Date: Wed, 27 Jul 2011 01:50:35 -0700 From: Jo Rhett <jrhett@netconsonance.com> To: "Philip M. Gollucci" <pgollucci@p6m7g8.com> Cc: freebsd-apache@freebsd.org Subject: Re: problems with db185 authentication for apr 1.4.5 and apache 2.2.19 ? Message-ID: <BEA8B970-6C8F-4699-B857-910CAE2D60BF@netconsonance.com> In-Reply-To: <B4CA9D00-9EDD-4632-8A7F-3E0C45A89088@netconsonance.com> References: <B11948A9-A085-4D97-B8E8-700D7169E7C7@netconsonance.com> <4E2F3B16.7060204@p6m7g8.com> <FD27D76B-04E5-4D61-98D1-2B76BB02C50C@netconsonance.com> <B4CA9D00-9EDD-4632-8A7F-3E0C45A89088@netconsonance.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Okay, by compiling apr with BDB support (db48 since that's what I have = installed) I got that .so file to exist, but apr can't read the file. = It would appear that the root of this problem is that I can compile = apache with db185 support, but there's no way I have found to compile = apr with support for db185? 54579 initial thread NAMI "/path/to/passwd.dat" 54579 initial thread STRU struct stat {dev=3D94, ino=3D14790906, = mode=3D-rw-r----- , nlink=3D1, uid=3D1001, gid=3D80, rdev=3D59123456, = atime=3D1311756287, stime=3D117346 0427, ctime=3D1173460427, birthtime=3D1173460427, size=3D16384, = blksize=3D16384, blocks=3D32, flags=3D0x0 } 54579 initial thread RET stat 0 54579 initial thread CALL open(0x884b1100,O_RDONLY,<unused>0) 54579 initial thread NAMI "/path/to/passwd.dat" 54579 initial thread RET open 13/0xd 54579 initial thread CALL fcntl(0xd,F_GETFD,0) 54579 initial thread RET fcntl 0 54579 initial thread CALL fcntl(0xd,F_SETFD,FD_CLOEXEC) 54579 initial thread RET fcntl 0 54579 initial thread CALL read(0xd,0xbfbfe484,0x200) 54579 initial thread GIO fd 13 read 512 bytes 54579 initial thread RET read 512/0x200 54579 initial thread CALL write(0x2,0xbfbfda50,0x5b) 54579 initial thread GIO fd 2 wrote 91 bytes "__db_meta_setup: /path/to/passwd.dat: unexpected file type or = format" 54579 initial thread RET write 91/0x5b 54579 initial thread CALL write(0x2,0x883847f3,0x1) 54579 initial thread GIO fd 2 wrote 1 byte 54579 initial thread RET write 1 54579 initial thread CALL close(0xd) 54579 initial thread RET close 0 54579 initial thread CALL gettimeofday(0xbfbfa7c4,0) 54579 initial thread RET gettimeofday 0 54579 initial thread CALL write(0x6,0xbfbfc81c,0xbe) 54579 initial thread GIO fd 6 wrote 190 bytes "[Wed Jul 27 01:44:49 2011] [error] [client 99.124.207.89] = (120022)APR does not understand this error code: could not open dbm = (type DB) auth file: /path/to/passwd.dat " On Jul 27, 2011, at 1:31 AM, Jo Rhett wrote: > More interesting. I explicitly set AuthDBMType to DB and that problem = disappeared, but the error remained. Looking at kdump this seems to be = the problem: >=20 > 3928 httpd NAMI "/usr/local/lib/apr-util-1/apr_dbm_db-1.so" > "[Wed Jul 27 01:06:25 2011] [error] [client 99.124.207.89] = (20019)DSO load failed: could not open dbm (type DB) auth file: = /path/to/passwd.dat >=20 > # ls -la /usr/local/lib/apr* > -rw-r--r-- 1 root wheel 7164 Jul 26 02:36 /usr/local/lib/apr.exp > -rw-r--r-- 1 root wheel 4412 Jul 26 02:36 = /usr/local/lib/aprutil.exp >=20 > This doesn't seem to be a problem of reading the file so much as = trying to load a DS0 that doesn't exist? >=20 > I've rebuilt apr1 a few times now, and those files simply aren't = installed. >=20 > On Jul 27, 2011, at 12:31 AM, Jo Rhett wrote: >> On Jul 26, 2011, at 3:09 PM, Philip M. Gollucci wrote: >>> run httpd -X >>> and then use ktrace -i / kdump >>> then grep for NAMI and the name of your file >>=20 >> Okay, well this makes sense at least - it's looking for a .dir file = which of course doesn't exist. What I don't understand here is that I = don't have gdbm or sdbm enabled. In fact, I don't even have them = compiled on the platform. >>=20 >> # kdump |grep /passwd >> 724 httpd NAMI "/path/to/passwd.dat.dir" >>=20 >> And more to the point, I explicitly told apache not to use anything = except BDB 185. You can see this in the configure line built by the = port: >>=20 >> $ head -10 /usr/ports/www/apache22/work/httpd-2.2.19/config.log >> This file contains any messages produced by compilers while >> running configure, to aid debugging if configure makes a mistake. >>=20 >> It was created by configure, which was >> generated by GNU Autoconf 2.68. Invocation command line was >>=20 >> $ ./configure --prefix=3D/usr/local --enable-layout=3DFreeBSD = --with-perl=3D/usr/local/bin/perl5.14.1 --with-port=3D80 = --with-expat=3D/usr/local --with-iconv=3D/usr/local --enable-http = --with-pcre=3D/usr/local --with-apr=3D/usr/local/bin/apr-1-config = --with-apr-util=3D/usr/local/bin/apu-1-config --disable-authn-file = --disable-authn-default --disable-authz-host --disable-authz-groupfile = --disable-authz-user --disable-authz-default --disable-auth-basic = --disable-charset-lite --disable-include --disable-log-config = --disable-env --disable-setenvif --disable-mime --disable-status = --disable-autoindex --disable-asis --disable-cgid --disable-cgi = --disable-negotiation --disable-dir --disable-imagemap --disable-actions = --disable-userdir --disable-alias --disable-filter --disable-substitute = --disable-proxy --disable-proxy-connect --disable-proxy-ftp = --disable-proxy-http --disable-proxy-ajp --disable-proxy-balancer = --disable-proxy-scgi --disable-reqtimeout --enable-so = --enable-mods-shared=3Dauth_basic auth_digest authn_file authn_dbm = authn_anon authn_default authn_alias authz_host authz_groupfile = authz_user authz_dbm authz_owner authz_default cache disk_cache = file_cache dav dav_fs actions alias asis autoindex cern_meta cgi = charset_lite deflate dir dumpio env expires headers imagemap include = info log_config logio mime mime_magic negotiation rewrite setenvif = speling status unique_id userdir usertrack vhost_alias filter version = reqtimeout ssl --with-dbm=3Ddb185 --with-berkeley-db=3D/usr = --with-ssl=3D/usr --enable-v4-mapped --with-devrandom --with-mpm=3Dprefork= --prefix=3D/usr/local --mandir=3D/usr/local/man = --infodir=3D/usr/local/info/ --build=3Di386-portbld-freebsd8.2 >>=20 >>=20 >>> On 07/26/11 09:35, Jo Rhett wrote: >>>> I have a 6.3 system which I just upgraded to 8.2, and obviously = recompiled all ports from scratch. I cleared out the ports DB entirely, = cleared out /usr/local entirely except for etc/config files. Every = other port on the system recompiled fine, except for apache. It works = for everything except reading authentication files. I'd deeply = appreciate any assistance you can give to solving this. >>>>=20 >>>> For some reason I can't figure out, BDB authentication using the = built-in db 1.85 no longer works. >>>>=20 >>>> dbmmanage /path/to/file view/adduser/delete/etc works fine >>>> file /path/to/file >>>> /path/to/file: Berkeley DB 1.85 (Hash, version 2, native = byte-order) >>>>=20 >>>> Accessing from the web server always returns a 500 error with the = following in the error log: >>>> (2)No such file or directory: could not open dbm (type default) = auth file: /path/to/passwd.dat >>>>=20 >>>> I've recompiled apr and apache with a variety of different options, = and nothing works. apr without any databases doesn't work. apr with BDB = doesn't work, etc. My options for apache have remained the same: >>>> APACHE_PORT=3Dwww/apache22 >>>> WITH_DBM=3Dbdb >>>> WITH_BDB_BASE=3Dyes >>>> =09 >>>> apr1$ make showconfig >>>> =3D=3D=3D> The following configuration options are available for = apr-ipv6-devrandom-db48-1.4.5.1.3.12: >>>> THREADS=3Don "Enable Threads in apr" >>>> IPV6=3Don "Enable IPV6 Support in apr" >>>> BDB=3Doff "Enable Berkley BDB support in apr-util" >>>> GDBM=3Doff "Enable GNU dbm support in apr-util" >>>> LDAP=3Doff "Enable LDAP support in apr-util" >>>> MYSQL=3Doff "Enable MySQL suport in apr-util" >>>> NDBM=3Doff "Enable NDBM support in apr-util" >>>> PGSQL=3Doff "Enable Postgresql suport in apr-util" >>>> SQLITE=3Doff "Enable SQLite3 support in apr-util" >>>> DEVRANDOM=3Don "Use /dev/random or compatible in apr" >>>> =3D=3D=3D> Use 'make config' to modify these settings >>>>=20 >>>> apache22$ make showconfig >>>> =3D=3D=3D> The following configuration options are available for = apache-2.2.19: >>>> THREADS=3Doff "Enable threads support in APR" >>>> MYSQL=3Doff "Enable MySQL support for apr-dbd" >>>> PGSQL=3Doff "Enable PostgreSQL support for apr-dbd" >>>> SQLITE=3Doff "Enable SQLite support for apr-dbd" >>>> IPV6=3Don "Enable IPv6 support" >>>> BDB=3Don "Enable BerkeleyDB dbm" >>>> AUTH_BASIC=3Don "Enable mod_auth_basic" >>>> AUTH_DIGEST=3Don "Enable mod_auth_digest" >>>> AUTHN_FILE=3Don "Enable mod_authn_file" >>>> AUTHN_DBD=3Doff "Enable mod_authn_dbd" >>>> AUTHN_DBM=3Don "Enable mod_authn_dbm" >>>> AUTHN_ANON=3Don "Enable mod_authn_anon" >>>> AUTHN_DEFAULT=3Don "Enable mod_authn_default" >>>> AUTHN_ALIAS=3Don "Enable mod_authn_alias" >>>> AUTHZ_HOST=3Don "Enable mod_authz_host" >>>> AUTHZ_GROUPFILE=3Don "Enable mod_authz_groupfile" >>>> AUTHZ_USER=3Don "Enable mod_authz_user" >>>> AUTHZ_DBM=3Don "Enable mod_authz_dbm" >>>> AUTHZ_OWNER=3Don "Enable mod_authz_owner" >>>> AUTHZ_DEFAULT=3Don "Enable mod_authz_default" >>>> CACHE=3Don "Enable mod_cache" >>>> DISK_CACHE=3Don "Enable mod_disk_cache" >>>> FILE_CACHE=3Don "Enable mod_file_cache" >>>> MEM_CACHE=3Doff "Enable mod_mem_cache" >>>> DAV=3Don "Enable mod_dav" >>>> DAV_FS=3Don "Enable mod_dav_fs" >>>> BUCKETEER=3Doff "Enable mod_bucketeer" >>>> CASE_FILTER=3Doff "Enable mod_case_filter" >>>> CASE_FILTER_IN=3Doff "Enable mod_case_filter_in" >>>> EXT_FILTER=3Doff "Enable mod_ext_filter" >>>> LOG_FORENSIC=3Doff "Enable mod_log_forensic" >>>> OPTIONAL_HOOK_EXPORT=3Doff "Enable mod_optional_hook_export" >>>> OPTIONAL_HOOK_IMPORT=3Doff "Enable mod_optional_hook_import" >>>> OPTIONAL_FN_IMPORT=3Doff "Enable mod_optional_fn_import" >>>> OPTIONAL_FN_EXPORT=3Doff "Enable mod_optional_fn_export" >>>> LDAP=3Doff "Enable mod_ldap" >>>> AUTHNZ_LDAP=3Doff "Enable mod_authnz_ldap" >>>> ACTIONS=3Don "Enable mod_actions" >>>> ALIAS=3Don "Enable mod_alias" >>>> ASIS=3Don "Enable mod_asis" >>>> AUTOINDEX=3Don "Enable mod_autoindex" >>>> CERN_META=3Don "Enable mod_cern_meta" >>>> CGI=3Don "Enable mod_cgi" >>>> CHARSET_LITE=3Don "Enable mod_charset_lite" >>>> DBD=3Doff "Enable mod_dbd" >>>> DEFLATE=3Don "Enable mod_deflate" >>>> DIR=3Don "Enable mod_dir" >>>> DUMPIO=3Don "Enable mod_dumpio" >>>> ENV=3Don "Enable mod_env" >>>> EXPIRES=3Don "Enable mod_expires" >>>> HEADERS=3Don "Enable mod_headers" >>>> IMAGEMAP=3Don "Enable mod_imagemap" >>>> INCLUDE=3Don "Enable mod_include" >>>> INFO=3Don "Enable mod_info" >>>> LOG_CONFIG=3Don "Enable mod_log_config" >>>> LOGIO=3Don "Enable mod_logio" >>>> MIME=3Don "Enable mod_mime" >>>> MIME_MAGIC=3Don "Enable mod_mime_magic" >>>> NEGOTIATION=3Don "Enable mod_negotiation" >>>> REWRITE=3Don "Enable mod_rewrite" >>>> SETENVIF=3Don "Enable mod_setenvif" >>>> SPELING=3Don "Enable mod_speling" >>>> STATUS=3Don "Enable mod_status" >>>> UNIQUE_ID=3Don "Enable mod_unique_id" >>>> USERDIR=3Don "Enable mod_userdir" >>>> USERTRACK=3Don "Enable mod_usertrack" >>>> VHOST_ALIAS=3Don "Enable mod_vhost_alias" >>>> FILTER=3Don "Enable mod_filter" >>>> SUBSTITUTE=3Doff "Enable mod_substitute" >>>> VERSION=3Don "Enable mod_version" >>>> PROXY=3Doff "Enable mod_proxy" >>>> PROXY_CONNECT=3Doff "Enable mod_proxy_connect" >>>> PATCH_PROXY_CONNECT=3Doff "Patch proxy_connect SSL support" >>>> PROXY_FTP=3Doff "Enable mod_proxy_ftp" >>>> PROXY_HTTP=3Doff "Enable mod_proxy_http" >>>> PROXY_AJP=3Doff "Enable mod_proxy_ajp" >>>> PROXY_BALANCER=3Doff "Enable mod_proxy_balancer" >>>> PROXY_SCGI=3Doff "Enable mod_proxy_scgi" >>>> SSL=3Don "Enable mod_ssl" >>>> SUEXEC=3Doff "Enable mod_suexec" >>>> SUEXEC_RSRCLIMIT=3Doff "SuEXEC rlimits based on login class" >>>> REQTIMEOUT=3Don "Enable mod_reqtimeout" >>>> CGID=3Doff "Enable mod_cgid" >>>> =3D=3D=3D> Use 'make config' to modify these settings >>>>=20 >>>>=20 >>>> As said above, I appreciate any assistance you can give. >>>>=20 >>>=20 >>>=20 >>> --=20 >>> = ------------------------------------------------------------------------ >>> 1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C >>> Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354 >>> VP Infrastructure, Apache Software Foundation >>> Committer, FreeBSD Foundation >>> Consultant, P6M7G8 Inc. >>> Sr. System Admin, Ridecharge Inc. >>>=20 >>> Work like you don't need the money, >>> love like you'll never get hurt, >>> and dance like nobody's watching. >>=20 >> --=20 >> Jo Rhett >> Net Consonance : consonant endings by net philanthropy, open source = and other randomness >>=20 >=20 > --=20 > Jo Rhett > Net Consonance : consonant endings by net philanthropy, open source = and other randomness >=20 > _______________________________________________ > freebsd-apache@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-apache > To unsubscribe, send any mail to = "freebsd-apache-unsubscribe@freebsd.org" --=20 Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and = other randomness
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BEA8B970-6C8F-4699-B857-910CAE2D60BF>