# Apache restarts but website is offline

## hajokries

Hi!

I have apache 2.0.58 running on an old gentoo kernel (2.4.29). I had to restart apache when I made little changes in the httpd.conf file. First I got the error message error while loading shared libraries: libexpat.so.0: cannot open shared object file: No such file or directory. I solved that by creating a symlink to libexpat.so. I know that this is not the perfect way to solve the problem but # revdep-rebuild --library libexpat.so.0 only yielded this message:

```

* Portage could not find any version of the following packages it could build:

 *  dev-libs/apr-util:0 net-analyzer/net-snmp:0 net-libs/gnutls:0 sys-devel/gettext:0 www-servers/apache:2

 *

 * (Perhaps they are masked, blocked, or removed from portage.)

 * Try to emerge them manually.

 *

 * Warning: Portage cannot rebuild any of the necessary packages.

```

After creating the symlink to libexpat.so, the apache2ctl commands worked. Then, after # apache2ctl restart, I didn't get an error message but the homepage was offline. I killed the apache2 process and started again but nothing changed.

I am anything else than a gentoo/linux expert. Can anybody help me?

Thx!

Hajo

----------

## mikegpitt

Apache does indeed depend on expat, and if you upgraded expat from the 1.x branch to the 2.x branch this would cause the breakage.  You probably had a delayed effect since apache was still using the old files until the process was quit (when you restarted the server).

Long story short, you should be able to get apache working again by re-emerging it (`emerge apache`).  You might also want to run an (`emerge -Du apache`), but I understand that if this is a production machine you might not want to go though a longer update process.

Revdep-rebuild should have found the breakages.  I would remove / change your symlink back to how it was, and then run this again:

```
revdep-rebuild -pi --library libexpat.so.0
```

The -i will ignore previous saved revdep-rebuilds, which might have been affecting your output (-p is pretend).  If that doesn't work you might just want to try a regular `revdep-rebuild -ip`.  The expat update will break a lot of packages so it is good to ensure everything is sane on your system in addition to apache.

----------

## hajokries

Okay.

When I try emerge, I get this:

```
root@xxx lib # emerge -p apache

These are the packages that would be merged, in order:

Calculating dependencies... done!

!!! All ebuilds that could satisfy "www-servers/apache" have been masked.

!!! One of the following masked packages is required to complete your request:

- www-servers/apache-2.2.13 (masked by: missing keyword)

- www-servers/apache-2.2.12 (masked by: missing keyword)

- www-servers/apache-2.2.11-r3 (masked by: missing keyword)

- www-servers/apache-2.2.11-r2 (masked by: missing keyword)
```

How can I re-emerge apache then? The problem is indeed that I can not apply too fundamental changes on the server because it is permanently needed and with all the outdated packages it would probably not even survive a restart. Not to have the homepage is bad enough...

The same with 

```
root@xxx lib # revdep-rebuild -pi
```

After tons of broken dependencies, he says:

```

 ...

 *   /usr/sbin/httxt2dbm -> www-servers/apache

 *   /usr/sbin/logresolve2 -> www-servers/apache

 *   /usr/sbin/rotatelogs2 -> www-servers/apache

 * Generated new 4_raw.rr and 4_owners.rr

 * Cleaning list of packages to rebuild

 * Generated new 4_pkgs.rr

 * Assigning packages to ebuilds

 * Generated new 4_ebuilds.rr

 * Evaluating package order

 *

 * Portage could not find any version of the following packages it could build:

 *  dev-libs/apr-util:0 net-analyzer/net-snmp:0 net-libs/gnutls:0 sys-devel/gettext:0 www-servers/apache:2

 *

 * (Perhaps they are masked, blocked, or removed from portage.)

 * Try to emerge them manually.

 *

 * Warning: Portage cannot rebuild any of the necessary packages.
```

Thank you for your help!

----------

## mikegpitt

I'm thinking that the missing keywords is due to a bad make.conf and/or an outdated sync and portage version.

Try this:

```
emerge --sync

emerge portage
```

Can you post your emerge --info output?

To fix the expat update there's not much that can be done except update all packages affected.  As you can see from your revdep-rebuild output that a variety of older packages (apr-util, net-snmp, gnutls, etc...) that were affected are no longer in portage and should be upgraded.

Revdep-rebuild should give a listing of all packages that it wants to emerge (including slot) in it's temporary output dir.  I *think* they are stored in /var/run/revdep-rebuild/4_ebuilds.rr, but I'm not 100% sure on the path.  If the package is no longer in portage I recommend installing the latest version.

----------

## elissoncosta

hajokries,

Remove the link created for the library expat.

Rebuid the package expat:

# emerge -v --oneshot dev-lib/expat

--

Elisson Costa

----------

## hajokries

That is the output of emerge --info:

```
root@xxx etc # emerge --info

Portage 2.1.6.13 (features/no-nptl, gcc-3.4.6, glibc-2.3.4.20040808-r1, 2.4.29 i686)

=================================================================

System uname: Linux-2.4.29-i686-Intel-R-_Xeon-TM-_CPU_2.00GHz-with-glibc2.0

Timestamp of tree: Thu, 17 Sep 2009 18:30:01 +0000

app-shells/bash:     3.2_p39

dev-java/java-config: 2.1.7

dev-lang/python:     2.4.3-r4, 2.5.4-r3

sys-apps/baselayout: 1.12.11.1

sys-apps/sandbox:    1.6-r2

sys-devel/autoconf:  2.13, 2.63

sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9, 1.8.5-r3, 1.9.6-r2, 1.10.2

sys-devel/binutils:  2.18-r3

sys-devel/gcc-config: 1.4.1

sys-devel/libtool:   1.4.3-r4, 1.5.26

virtual/os-headers:  2.4.19-r1, 2.4.22-r1

CBUILD="i686-pc-linux-gnu"

CFLAGS="-march=pentium4 -O2 -pipe"

CHOST="i686-pc-linux-gnu"

CONFIG_PROTECT="/etc"

CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"

CXXFLAGS=""

DISTDIR="/usr/portage/distfiles"

FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch"

GENTOO_MIRRORS="ftp://sunsite.cnlab-switch.ch/mirror/gentoo http://gentoo.oregonstate.edu/ http://www.ibiblio.org/pub/Linux/distributions/gentoo"

LDFLAGS=""

MAKEOPTS="-j3"

PKGDIR="/usr/portage/packages"

PORTAGE_CONFIGROOT="/"

PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

SYNC="rsync://rsync.gentoo.org/gentoo-portage"

USE="apache2 cups gd gdbm gif imlib jpeg ldap libwww maildir mmx mpm-prefork mysql ncurses pam pdflib perl png python samba slp sse ssl tcpd tiff vhosts wmf x86 zlib"

Unset:  ACCEPT_KEYWORDS, CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

```

Do I have the emerge problems because I have the no NPTL profile?

Neither can I emerge portage. emerge -p portage results in:

```
root@xxx ~ # emerge -p portage

These are the packages that would be merged, in order:

Calculating dependencies... done!

!!! All ebuilds that could satisfy "sys-apps/portage" have been masked.

!!! One of the following masked packages is required to complete your request:

- sys-apps/portage-2.2_rc40 (masked by: package.mask, missing keyword)

/usr/portage/profiles/package.mask:

# Zac Medico <zmedico@gentoo.org> (05 Jan 2009)

# Portage 2.2 is masked due to known bugs in the

# package sets and preserve-libs features.

- sys-apps/portage-2.2_rc39 (masked by: package.mask, missing keyword)

- sys-apps/portage-2.2_rc33 (masked by: package.mask, missing keyword)

- sys-apps/portage-2.1.6.13 (masked by: missing keyword)

- sys-apps/portage-2.1.6.7 (masked by: missing keyword)

- sys-apps/portage-2.1.4.5 (masked by: missing keyword)

```

Can I change the profile without emerging portage before?

Sorry for my ignorance, thanks again for your help!   :Wink: 

----------

## mikegpitt

I think you might be missing your make.profile symlink:

```
/etc/make.profile -> ../usr/portage/profiles/default/linux/x86/10.0/desktop
```

The no-nptl profile doesn't exist anymore... your choices are 2008.0 or 10.0 (the latest).

I also see you are running ancient gcc and glibc versions.  Updating anything is going to be a nightmare with such old tools.

I would create the make.profile symlink and see if you can emerge apache.  There is also the question if you will be able to update at all.  I've seen a few threads recently with people updating from very old versions and running into problems with older portage version not being able to recognize some of the new enhancements to ebuilds, eclasses, etc.

I would also be concerned as to the state of security in your machine.  You might want to run a `glsa-check --list affected` and see what packages have security issues.  Glsa-check is from the gentoolkit package.

----------

## mikegpitt

Also... one more thing.  What version of expat is currently installed on your system?  You might just be better off installing an older version and forgetting about all these updates, since they might snowball very quickly and turn into a much larger project than you are after.

If you are on the 2.x branch, try to backtrack to a 1.x version and see if that fixes things.  Do you remember why/when you updated expat?

----------

## hajokries

If have no clue how to retrieve the version of expat but locate expat yields this:

```

...

/var/db/pkg/dev-libs/expat-2.0.1-r1

/var/db/pkg/dev-libs/expat-2.0.1-r1/PF

/var/db/pkg/dev-libs/expat-2.0.1-r1/USE

/var/db/pkg/dev-libs/expat-2.0.1-r1/EAPI

...

```

...so I guess it is 2.0.1-r1

I have no idea why expat was installed and when. I became admin of this system a couple of months ago whithout ever having typed a Linux commandline...

I will try to switch to the 2008.0 profile. Do you think there is a risk that the system crashes when I do that?

----------

## mikegpitt

 *hajokries wrote:*   

> I have no idea why expat was installed and when. I became admin of this system a couple of months ago whithout ever having typed a Linux commandline...
> 
> 

 

If you type in emerge -pv expat it will tell you the current version installed.  You can also find some extra info by searching though your /var/log/emerge.log.  I'm assuming expat was updated as a dependency due to another package being updated, but revdep-rebuild wasn't run after.

 *hajokries wrote:*   

> I will try to switch to the 2008.0 profile. Do you think there is a risk that the system crashes when I do that?

 

Changing to a new profile only tells portage to use a new directory for it's profile.  Old profiles are purged from portage about once every two years (with many warnings in the meantime that you are using a deprecated profile).

In this case I think it's a very good idea to drop back down to an older expat version... unfortunately they appear to have been removed from portage.

I have attached an ebuild here however, which can be used (if you don't know how to put the ebuild into a custom portage overlay let me know):

expat-1.95.8.ebuild

```
# Copyright 1999-2007 Gentoo Foundation

# Distributed under the terms of the GNU General Public License v2

# $Header: /var/cvsroot/gentoo-x86/dev-libs/expat/expat-1.95.8.ebuild,v 1.21 2007/02/11 14:28:12 grobian Exp $

inherit libtool multilib

DESCRIPTION="XML parsing libraries"

HOMEPAGE="http://expat.sourceforge.net/"

SRC_URI="mirror://sourceforge/expat/${P}.tar.gz"

LICENSE="as-is"

SLOT="0"

KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86"

IUSE="test"

DEPEND="test? ( >=dev-libs/check-0.8 )"

RDEPEND=""

src_unpack() {

    unpack ${A}

    cd "${S}"

    elibtoolize

}

src_test() {

    if ! use test && [[ -z $(best_version dev-libs/check) ]] ; then

        ewarn "You dont have USE=test and dev-libs/check is not installed."

        ewarn "src_test will be skipped."

        return 0

    fi

    make check || die "make check failed"

}

src_install() {

    einstall man1dir="${D}/usr/share/man/man1" || die "einstall failed"

    dosed /usr/$(get_libdir)/libexpat.la #81568

    dodoc Changes README

    dohtml doc/*

}

```

BTW - In general it might be a good idea to consider rebuilding your server at some point.  You will likely face a number of challenges when future modifications need to be made.

----------

## hajokries

OK. That looks promising, with the 2008.0 profile at least something works again:

emerge apache:

```
root@xxx dev-libs # emerge -uDp apache

These are the packages that would be merged, in order:

Calculating dependencies... done!

[ebuild     U ] dev-libs/expat-2.0.1-r2 [2.0.1-r1]

[ebuild     U ] sys-devel/gnuconfig-20090203 [20080928]

[ebuild     U ] app-shells/bash-4.0_p28 [3.2_p39] USE="net%*"

[ebuild     U ] net-misc/rsync-3.0.6 [3.0.5]

[ebuild     U ] sys-devel/autoconf-2.63-r1 [2.63]

[ebuild     U ] sys-devel/libtool-2.2.6a [1.5.26] USE="-test%"

[ebuild     U ] sys-libs/readline-6.0_p3 [5.2_p13]

[ebuild     U ] dev-libs/apr-1.3.8 [1.3.5] USE="-older-kernels-compatibility%"

[ebuild     U ] dev-libs/apr-util-1.3.9 [1.3.7]

[ebuild  N    ] app-admin/apache-tools-2.2.11  USE="ssl"

[ebuild     U ] www-servers/apache-2.2.11-r2 [2.0.58-r2] USE="-sni% -static% -suexec%" APACHE2_MODULES="actions%* alias%* auth_basic%* authn_alias%* authn_anon%* authn_dbm%* authn_default%* authn_file%* authz_dbm%* authz_default%* authz_groupfile%* authz_host%* authz_owner%* authz_user%* autoindex%* cache%* dav%* dav_fs%* dav_lock%* deflate%* dir%* disk_cache%* env%* expires%* ext_filter%* file_cache%* filter%* headers%* include%* info%* log_config%* logio%* mem_cache%* mime%* mime_magic%* negotiation%* rewrite%* setenvif%* speling%* status%* unique_id%* userdir%* usertrack%* vhost_alias%* -asis% -auth_digest% -authn_dbd% -cern_meta% -charset_lite% -dbd% -dumpio% -ident% -imagemap% -log_forensic% -proxy% -proxy_ajp% -proxy_balancer% -proxy_connect% -proxy_ftp% -proxy_http% -substitute% -version%" APACHE2_MPMS="-event% -itk% -peruser% -prefork% -worker%"

[blocks b     ] <www-servers/apache-2.2.4 ("<www-servers/apache-2.2.4" is blocking app-admin/apache-tools-2.2.11)

[ebuild     U ] sys-apps/coreutils-7.4 [7.1]

[ebuild     U ] app-admin/eselect-1.1.3 [1.1.1]

[ebuild     U ] app-admin/eselect-python-20090824 [20090606]

[ebuild  NS   ] dev-lang/python-2.6.2-r1 [2.4.3-r4, 2.5.4-r3] USE="gdbm ncurses readline ssl threads xml -berkdb -build -doc -examples -ipv6 -sqlite -tk -ucs2 -wininst"

[ebuild     U ] dev-libs/libxml2-2.7.3-r2 [2.7.3]

[ebuild     U ] sys-apps/file-5.03 [4.23]

[ebuild     U ] app-admin/python-updater-0.7 [0.5]
```

but

```
root@xxx # revdep-rebuild -i --library=libexpat.so.0
```

still did not solve the problem.

----------

## mikegpitt

You will actually need to emerge apache... you added the -p flag which is pretend.

Do this:

```
emerge apache

or

emerge -Du apache
```

Revdep-rebuild is still probably failing since it wants to rebuild old ebuilds that are no longer in portage.

----------

## hajokries

OK, I tried to emerge apache and followed the ugrading handbook (http://www.gentoo.org/proj/en/apache/doc/upgrading.xml), but now I get this error:

```

* Selected default MPM: prefork

 *

 * Module 'deflate' depends on 'filter'

 *

 * ERROR: www-servers/apache-2.2.11-r2 failed.

 * Call stack:

 *               ebuild.sh, line   49:  Called pkg_setup

 *               ebuild.sh, line 1273:  Called apache-2_pkg_setup

 *         apache-2.eclass, line  378:  Called setup_modules

 *         apache-2.eclass, line  295:  Called check_module_depends

 *         apache-2.eclass, line  203:  Called die

 * The specific snippet of code:

 *              die "invalid use flag combination"

 *  The die message:

 *   invalid use flag combination

```

----------

## mikegpitt

It looks like deflate is selected but not filter in your APACHE2_MODULES var.  Personally I leave that var as default and both are selected.  Do you have a conflicting var set in your /etc/make.conf?

----------

## hajokries

You are perfectly right, the filter module was missing in make.conf. I added it and emerge apache worked.

When I type apache2ctl restart now, I get this error message:

```
root@xxx conf # apache2ctl restart

 * Apache2 has detected a syntax error in your configuration files:

cannot set up thread-local storage: kernel too old for thread-local storage support
```

I hope there is a solution other than updating the kernel...

----------

## mikegpitt

 *hajokries wrote:*   

> You are perfectly right, the filter module was missing in make.conf. I added it and emerge apache worked.
> 
> When I type apache2ctl restart now, I get this error message:
> 
> ```
> ...

 This one I'm not sure about... you might need to update to a new kernel.  There are still a few 2.4 kernel sources in the vanilla-sources ebuild if you prefer it over a 2.6 kernel.

Another option is that you might want to try to disable thread support in apache with USE="-thread".

Also, try starting apache like this:

```
/etc/init.d/apache restart
```

----------

## hajokries

OK, I tried USE="-threads" emerge apache but the result is the same. Maybe I can downgrade again to an older version of apache.

----------

## mikegpitt

 *hajokries wrote:*   

> OK, I tried USE="-threads" emerge apache but the result is the same. Maybe I can downgrade again to an older version of apache.

 Hmm... maybe downgrading is your best option.  It looks like you are updating from version 2.0.58-r2, which is no longer in portage.  In fact no 2.0 version is in portage anymore.  I actually have the old ebuild still if you need it...  I would post immediately, but it's about 450 lines.

One concern about downgrading back to the old version is the potential security risks associated.

----------

## hajokries

A kernel update frightens me a bit. When apache doesn't restart (and we also have a problem with NFS), why should the rest of the software work fine? I can not do that at the moment.

I would really prefer the downgrade. Could you post an ebuild for the apache 2.0.x? How do I then get the ebuild into portage?

Thx.

----------

## mikegpitt

The ebuild is below, to make it work do this:

Add this line to your /etc/make.conf

```
PORTDIR_OVERLAY="/usr/local/portage"
```

Then copy the ebuild to this location (creating directories as needed):

```
cp apache-2.0.58-r2.ebuild  /usr/local/portage/www-servers/apache/apache-2.0.58-r2.ebuild

cd /usr/local/portage/www-servers/apache/

ebuild apache-2.0.58-r2.ebuild digest

```

Then you can emerge the older version:

```
emerge =apache-2.0.58-r2
```

I'm not sure if this ebuild needs extra patches... I can try and dig those up if you run into problems emerging.

apache-2.0.58-r2.ebuild:

```

# Copyright 1999-2007 Gentoo Foundation

# Distributed under the terms of the GNU General Public License v2

# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-2.0.58-r2.ebuild,v 1.8 2007/01/28 20:00:32 chtekk Exp $

inherit eutils flag-o-matic gnuconfig multilib

# latest gentoo apache files

GENTOO_PATCHNAME="gentoo-apache-${PVR}"

GENTOO_PATCHSTAMP="20060726"

GENTOO_DEVSPACE="vericgar"

GENTOO_PATCHDIR="${WORKDIR}/${GENTOO_PATCHNAME}"

DESCRIPTION="The Apache Web Server"

HOMEPAGE="http://httpd.apache.org/"

SRC_URI="mirror://apache/httpd/httpd-${PV}.tar.bz2

    http://dev.gentoo.org/~${GENTOO_DEVSPACE}/dist/apache/${GENTOO_PATCHNAME}-${GENTOO_PATCHSTAMP}.tar.bz2"

LICENSE="Apache-2.0"

SLOT="2"

KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd"

IUSE="apache2 debug doc ldap mpm-itk mpm-leader mpm-peruser mpm-prefork mpm-threadpool mpm-worker ssl static-modules threads selinux"

RDEPEND="dev-lang/perl

    =dev-libs/apr-0*

    =dev-libs/apr-util-0*

    dev-libs/expat

    app-misc/mime-types

    sys-libs/zlib

    mpm-itk? ( sys-libs/libcap )

    ssl? ( dev-libs/openssl )

    selinux? ( sec-policy/selinux-apache )

    !mips? ( ldap? ( =net-nds/openldap-2* ) )"

DEPEND="${RDEPEND}

    >=sys-devel/autoconf-2.59-r4"

S="${WORKDIR}/httpd-${PV}"

big_fat_warnings() {

    if use ldap && ! built_with_use 'dev-libs/apr-util' ldap; then

        eerror "dev-libs/apr-util is missing LDAP support. For apache to have"

        eerror "ldap support, apr-util must be built with the ldap USE-flag"

        eerror "enabled."

        die "ldap USE-flag enabled while not supported in apr-util"

    fi

    if use mpm-peruser || use mpm-itk; then

        ewarn "-BIG- -FAT- -WARNING-"

        ewarn

        ewarn "The peruser (USE=mpm-peruser) and itk (USE=mpm-itk) MPMs are considered"

        ewarn "highly experimental and are not (yet) supported, nor are they recommended"

        ewarn "for production use. You have been warned!"

        ewarn

        ewarn "Continuing in 5 seconds ..."

        sleep 5

    fi

}

pkg_setup() {

    big_fat_warnings

    select_mpms

    # setup apache user and group

    enewgroup apache 81

    enewuser apache 81 -1 /var/www apache

}

src_unpack() {

    unpack ${A} || die

    cd ${S} || die

    # Use correct multilib libdir in gentoo patches

    sed -i -e "s:/usr/lib:/usr/$(get_libdir):g" \

        ${GENTOO_PATCHDIR}/{conf/httpd.conf,init/*,patches/config.layout} \

        || die "sed failed"

    EPATCH_SUFFIX="patch"

    epatch ${GENTOO_PATCHDIR}/patches/[0-9]* || die "internal ebuild error"

    # avoid utf-8 charset problems

    export LC_CTYPE=C

    # setup the filesystem layout config

    cat ${GENTOO_PATCHDIR}/patches/config.layout >> config.layout

    sed -i -e 's:version:${PF}:g' config.layout

    # peruser need to build conf

    WANT_AUTOCONF=2.5 ./buildconf || die "buildconf failed"

}

src_compile() {

    # bug 128505

    filter-ldflags -Wl,--as-needed --as-needed

    # actually we do not provide a very dynamic way of those vars

    # however, you may predefine them in shell before emerging

    # to override the official default locations

    # standard location for Gentoo Linux

    USERDIR="${USERDIR:-public_html}"

    einfo "USERDIR is set to: ${USERDIR}"

    select_mpms

    # Detect mips and uclibc systems properly

    gnuconfig_update

    local modtype

    if useq static-modules; then

        modtype="static"

    else

        modtype="shared"

    fi

    select_modules_config || die "determining modules"

    local myconf

    useq ldap && myconf="${myconf} --enable-auth-ldap=${modtype} --enable-ldap=${modtype}"

    useq ssl && myconf="${myconf} --with-ssl=/usr  --enable-ssl=${modtype}"

    useq ssl || myconf="${myconf} --disable-ssl"

    # Fix for bug #24215 - robbat2@gentoo.org, 30 Oct 2003

    # We pre-load the cache with the correct answer!  This avoids

    # it violating the sandbox.  This may have to be changed for

    # non-Linux systems or if sem_open changes on Linux.  This

    # hack is built around documentation in /usr/include/semaphore.h

    # and the glibc (pthread) source

    echo 'ac_cv_func_sem_open=${ac_cv_func_sem_open=no}' >> ${S}/config.cache

# no more USE=no-suexec because of bug 148082

# see the 2.2 ebuilds for how this can be done cleanly with a working system

# "out of the box"

#   if useq no-suexec; then

#       myconf="${myconf} --disable-suexec"

#   else

        myconf="${myconf}

                --with-suexec-safepath="/usr/local/bin:/usr/bin:/bin" \

                --with-suexec-logfile=/var/log/apache2/suexec_log \

                --with-suexec-bin=/usr/sbin/suexec2 \

                --with-suexec-userdir=${USERDIR} \

                --with-suexec-caller=apache \

                --with-suexec-docroot=/var/www \

                --with-suexec-uidmin=1000 \

                --with-suexec-gidmin=100 \

                --with-suexec-umask=077 \

                --enable-suexec=shared"

#   fi

    # common confopts

    myconf="${myconf} \

            --with-apr=/usr \

            --with-apr-util=/usr \

            --cache-file=${S}/config.cache \

            --with-perl=/usr/bin/perl \

            --with-expat=/usr \

            --with-z=/usr \

            --with-port=80 \

            --enable-layout=Gentoo \

            --with-program-name=apache2 \

            --with-devrandom=/dev/urandom \

            --host=${CHOST} ${MY_BUILTINS}"

    # debugging support

    if useq debug ; then

        myconf="${myconf} --enable-maintainer-mode"

    fi

    ./configure --with-mpm=${mpm} ${myconf} ${EXTRA_ECONF} || die "bad ./configure please submit bug report to bugs.gentoo.org. Include your config.layout and config.log"

    # we don't want to try and recompile the ssl_expr_parse.c file, because

    # the lex source is broken

    touch modules/ssl/ssl_expr_scan.c

    # as decided on IRC-AGENDA-10.2004, we use httpd.conf as standard config file name

    sed -i -e 's:apache2\.conf:httpd.conf:' include/ap_config_auto.h

    emake || die "problem compiling apache2"

    # build ssl version of apache bench (ab-ssl)

    if useq ssl; then

        cd support

        rm -f ab .libs/ab ab.lo ab.o

        make ab CFLAGS="${CFLAGS} -DUSE_SSL -lcrypto -lssl -I/usr/include/openssl -L/usr/$(get_libdir)" || die

        mv ab ab-ssl

        rm -f ab.lo ab.o

        make ab || die

    fi

}

src_install () {

    # general install

    make DESTDIR=${D} install || die

    dodoc ABOUT_APACHE CHANGES INSTALL LAYOUT LICENSE README* ${GENTOO_PATCHDIR}/docs/robots.txt

    # protect the suexec binary

#   if ! useq no-suexec; then

        fowners root:apache /usr/sbin/suexec

        fperms 4710 /usr/sbin/suexec

#   fi

    # apxs needs this to pickup the right lib for install

    dosym /usr/$(get_libdir) /usr/$(get_libdir)/apache2/lib

    dosym /var/log/apache2 /usr/$(get_libdir)/apache2/logs

    dosym /etc/apache2 /usr/$(get_libdir)/apache2/conf

    # Credits to advx.org people for these scripts. Heck, thanks for

    # the nice layout and everything else ;-)

    exeinto /usr/sbin

    for i in apache2logserverstatus apache2splitlogfile; do

        doexe ${GENTOO_PATCHDIR}/scripts/${i}

    done

    # gentestcrt.sh only if USE=ssl

    useq ssl && doexe ${GENTOO_PATCHDIR}/scripts/gentestcrt.sh

    # some more scripts

    for i in split-logfile list_hooks.pl logresolve.pl log_server_status; do

        doexe ${S}/support/${i}

    done

    # the ssl version of apache bench

    useq ssl && doexe support/ab-ssl

    # install mpm bins

    doexe ${S}/apache2

    # modules.d config file snippets

    insinto /etc/apache2/modules.d

    doins ${GENTOO_PATCHDIR}/conf/modules.d/45_mod_dav.conf

    useq ldap && doins ${GENTOO_PATCHDIR}/conf/modules.d/46_mod_ldap.conf

    if useq ssl; then

        doins ${GENTOO_PATCHDIR}/conf/modules.d/40_mod_ssl.conf

        doins ${GENTOO_PATCHDIR}/conf/modules.d/41_mod_ssl.default-vhost.conf

    fi

    # drop in a convenient link to the manual

    if useq doc; then

        insinto /etc/apache2/modules.d

        doins ${GENTOO_PATCHDIR}/conf/modules.d/00_apache_manual.conf

        sed -i -e "s:2.0.49:${PVR}:" ${D}/etc/apache2/modules.d/00_apache_manual.conf

    else

        rm -rf ${D}/usr/share/doc/${PF}/manual

    fi

    # SLOT=2

    cd ${D}

    for i in htdigest htpasswd logresolve apxs ab rotatelogs dbmmanage checkgid split-logfile; do

        mv -v usr/sbin/${i} usr/sbin/${i}2

    done

    mv -v usr/sbin/apachectl usr/sbin/apache2ctl

    mv -v usr/sbin/list_hooks.pl usr/sbin/list_hooks2.pl

    mv -v usr/sbin/logresolve.pl usr/sbin/logresolve2.pl

    useq ssl && mv -v usr/sbin/ab-ssl usr/sbin/ab2-ssl

#   useq no-suexec || 

    mv -v usr/sbin/suexec usr/sbin/suexec2

    # do the man pages

    for i in htdigest.1 htpasswd.1 dbmmanage.1; do

        mv -v usr/share/man/man1/${i} usr/share/man/man1/${i/./2.}

    done

    for i in ab.8 apxs.8 logresolve.8 rotatelogs.8; do

        mv -v usr/share/man/man8/${i} usr/share/man/man8/${i/./2.}

    done

    #useq no-suexec || 

    mv -v usr/share/man/man8/suexec.8 usr/share/man/man8/suexec2.8

    mv -v usr/share/man/man8/apachectl.8 usr/share/man/man8/apache2ctl.8

    mv -v usr/share/man/man8/httpd.8 usr/share/man/man8/apache2.8

    # tidy up

    mv usr/sbin/envvars* usr/$(get_libdir)/apache2/build

    dodoc etc/apache2/*-std.conf

    rm -f etc/apache2/*.conf

    rm -f etc/apache2/mime.types

    rm -rf var/run var/log

    # the default webroot gets stored in /usr/share/doc

    einfo "Installing default webroot to /usr/share/doc/${PF}"

    mv ${D}/var/www/localhost ${D}/usr/share/doc/${PF}/webroot

    # config files

    newconfd ${GENTOO_PATCHDIR}/init/apache2.confd apache2

    newinitd ${GENTOO_PATCHDIR}/init/apache2.initd apache2

    insinto /etc/logrotate.d

    newins ${GENTOO_PATCHDIR}/scripts/apache2-logrotate apache2

    insinto /etc/apache2

    doins ${GENTOO_PATCHDIR}/conf/apache2-builtin-mods

    doins ${GENTOO_PATCHDIR}/conf/httpd.conf

    insinto /etc/apache2/vhosts.d

    doins ${GENTOO_PATCHDIR}/conf/vhosts.d/00_default_vhost.conf

    keepdir /etc/apache2/vhosts.d

    keepdir /etc/apache2/modules.d

    # fix bug 92348

    fperms 755 /usr/sbin/apache2logserverstatus

    fperms 755 /usr/sbin/apache2splitlogfile

    # empty dirs

    for i in /var/lib/dav /var/log/apache2 /var/cache/apache2; do

        keepdir ${i}

        fowners apache:apache ${i}

        fperms 755 ${i}

    done

    # We'll be needing /etc/apache2/ssl if USE=ssl

    useq ssl && keepdir /etc/apache2/ssl

}

pkg_postinst() {

    # Automatically generate test ceritificates if ssl USE flag is being set

    if useq ssl -a !-e ${ROOT}/etc/apache2/ssl/server.crt; then

        cd ${ROOT}/etc/apache2/ssl

        einfo

        einfo "Generating self-signed test certificate in /etc/apache2/ssl..."

        yes "" 2>/dev/null | \

            ${ROOT}/usr/sbin/gentestcrt.sh >/dev/null 2>&1 || \

            die "gentestcrt.sh failed"

        einfo

    fi

    # we do this here because the default webroot is a copy of the files

    # that exist elsewhere and we don't want them managed/removed by portage

    # when apache is upgraded.

    if [ -e "${ROOT}/var/www/localhost" ]; then

        einfo "The default webroot has not been installed into"

        einfo "${ROOT}/var/www/localhost because the directory already exists"

        einfo "and we do not want to overwrite any files you have put there."

        einfo

        einfo "If you would like to install the latest webroot, please run"

        einfo "emerge --config =${PF}"

    else

        einfo "Installing default webroot to ${ROOT}/var/www/localhost"

        mkdir -p ${ROOT}/var/www/localhost

        cp -r ${ROOT}/usr/share/doc/${PF}/webroot/* ${ROOT}/var/www/localhost

        chown -R apache: ${ROOT}/var/www/localhost

    fi

    # Check for dual/upgrade install

    if has_version '=net-www/apache-1*' || ! use apache2 ; then

        ewarn

        ewarn "Please add the 'apache2' flag to your USE variable and (re)install"

        ewarn "any additional DSO modules you may wish to use with Apache-2.x."

        ewarn "Addon modules are configured in /etc/apache2/modules.d/"

        ewarn

    fi

    # Check for obsolete symlinks

    local list=""

    for i in lib logs modules extramodules; do

        local d="/etc/apache2/${i}"

        [ -s "${d}" ] && list="${list} ${d}"

    done

    [ -n "${list}" ] && einfo "You should delete these old symlinks: ${list}"

    if has_version '<net-www/apache-2.0.54-r30' && has_version '>=net-www/apache-2.0.0' ; then

        einfo "Configuration locations have changed, you will need to migrate"

        einfo "your configuration from /etc/apache2/conf/apache2.conf and"

        einfo "/etc/apache2/conf/commonapache2.conf to /etc/apache2/httpd.conf."

        einfo

        einfo "Apache now checks for the old configuration and refuses to start"

        einfo "if it exists. You must remove the old configuration first"

        einfo

        einfo "You should also at this time rebuild all your modules"

        einfo

        einfo "For more information, see"

        einfo "    http://www.gentoo.org/doc/en/apache-upgrading.xml"

        einfo

    fi

    big_fat_warnings

}

pkg_config() {

    einfo "Installing default webroot to ${ROOT}/var/www/localhost"

    mkdir -p ${ROOT}/var/www/localhost

    cp -r ${ROOT}/usr/share/doc/${PF}/webroot/* ${ROOT}/var/www/localhost

    chown -R apache: ${ROOT}/var/www/localhost

}

mpm_die() {

    eerror "You attempted to specify the MPM $1, but MPM $2 was already specified."

    eerror "The apache ebuilds no longer support multiple MPM installations.  Please choose"

    eerror "one MPM and reinstall."

    die "More than one MPM was specified."

}

select_mpms() {

    mpm=""

    for trympm in prefork worker peruser threadpool leader itk; do

        if useq mpm-${trympm}; then

            if [ "x${mpm}" = "x" ]; then

                mpm=${trympm}

            else

                mpm_die ${trympm} ${mpm}

            fi

        fi

    done

    if [ "x${mpm}" = "x" ]; then

        if useq threads; then

            einfo "Threads specified without a mpm-specification, using mpm-worker."

            mpm="worker"

        else

            einfo "No MPM style was specified, defaulting to mpm-prefork."

            mpm="prefork"

        fi

    fi

}

parse_modules_config() {

    local name=""

    local disable=""

    [ -f ${1} ] || return 1

    for i in `cat $1 | sed "s/^#.*//"`; do

        if [ $i == "-" ]; then

            disable="true"

        elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ]; then

            name=`echo $i | sed "s/mod_//"`

        elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ); then

            MY_BUILTINS="${MY_BUILTINS} --disable-$name"

            name="" ; disable=""

        elif [ $i == "static" ] || useq static-modules; then

            MY_BUILTINS="${MY_BUILTINS} --enable-$name=yes"

            name="" ; disable=""

        elif [ $i == "shared" ]; then

            MY_BUILTINS="${MY_BUILTINS} --enable-$name=shared"

            name="" ; disable=""

        fi

    done

    einfo "${1} options:\n${MY_BUILTINS}"

}

select_modules_config() {

    parse_modules_config /etc/apache2/apache2-builtin-mods || \

    parse_modules_config ${GENTOO_PATCHDIR}/conf/apache2-builtin-mods || \

    return 1

}

# vim:ts=4

```

----------

## Mousee

Just FYI, and this is something I recently discovered too, instead of copy/pasting the entire ebuild here you could just link to the CVS source. It's really quite useful for digging up old ebuilds no longer in portage.  :Very Happy: 

And saves everyone some scrolling time heh

----------

## mikegpitt

 *Mousee wrote:*   

> Just FYI, and this is something I recently discovered too, instead of copy/pasting the entire ebuild here you could just link to the CVS source. It's really quite useful for digging up old ebuilds no longer in portage. 
> 
> And saves everyone some scrolling time heh

 Nice!  I didn't know that was there.  It looks like a great resource for archived ebuilds.  A few times in the past I wanted to refer to an ebuild no longer in portage and that I didn't have a copy of.

----------

## hajokries

OK. That's done. I emerged apache-2.0.58-r2 and expat-1.95.8. 

It is kind of funny. With expat-2.x, apache was missing libexpat.so.0, now it is missing libexpat.so.1:

```
root@xxx lib # apache2ctl -v

/usr/sbin/apache2: error while loading shared libraries: libexpat.so.1: cannot open shared object file: No such file or directory

```

And

```

root@xxx lib # revdep-rebuild -p --library libexpat.so.1
```

only proposes to emerge the new packages that won't work with the old kernel. Maybe I can find an apache version that works with the old kernel AND with the new expat.

----------

## mikegpitt

What order did you emerge those packages in?  You will need to emerge expat-1.x then apache2.0.x, or else apache will be built against expat-2.x...

----------

## hajokries

 *Quote:*   

> What order did you emerge those packages in?

 

In the wrong order. That was stupid. The libexpat problem could be solved by first emerging the old expat-1.95.8, then installing apache-2.0.58-r2. 

Then I got a new error message on starting apache:

Cannot load /usr/lib/apache2/modules/libphp5.so into server: libltdl.so.3: cannot open shared object file: No such file or directory

That could be solved by emerging libtool and php. Now, apache starts:

```
root@xxx # /etc/init.d/apache2 start

 * Starting apache2 ...                                                              [ ok ]
```

But the homepage stays offline. I don't get that. Two days ago, apache was running with the same version and the same httpd.conf. When I try to access the homepage in a browser, I do not get the error screen, but he tries to load something. Apache seems to run but it doesn't do its job.

----------

## mikegpitt

 *hajokries wrote:*   

> But the homepage stays offline. I don't get that. Two days ago, apache was running with the same version and the same httpd.conf. When I try to access the homepage in a browser, I do not get the error screen, but he tries to load something. Apache seems to run but it doesn't do its job.

 It looks like we are making some good progress   :Smile: 

Does any page load?  How about just a simple index.html that says "Hello world"?

If the hello world does load, what language is your webpage written in?

----------

## hajokries

When I put an index.html into the DocumentRoot specified in httpd.conf only containing hello world, still nothing loads.

But anyway, the good old index.html I am missing so much has this doctype:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 

Can it be outdated etc config files that cause the problem? In etc-update, I see a lot related to apache2:

```
 2) /etc/apache2/vhosts.d/00_default_vhost.conf (1)

 3) /etc/apache2/modules.d/40_mod_ssl.conf (1)

 4) /etc/apache2/modules.d/45_mod_dav.conf (1)

 5) /etc/apache2/modules.d/46_mod_ldap.conf (1)

 6) /etc/DIR_COLORS (1)

 7) /etc/analog/analog.cfg (1)

 8) /etc/conf.d/apache2 (1)

 9) /etc/init.d/apache2 (1)

10) /etc/conf.d/apache2 (1)
```

Thanks so far, I have hope again!   :Wink: 

----------

## hajokries

Something else:

I find it strange that apache2 doesn't have the PID specified in /var/run/apache2.pid.

I get this for example:

```
root@xxx # lsof -i :80

COMMAND   PID USER   FD   TYPE     DEVICE SIZE NODE NAME

apache2 17438 root    3u  IPv4 1275195916       TCP *:www (LISTEN)

```

But in  /var/run/apache2.pid,it is written 7093.

So when I restart apache2, I always have to kill the process "by hand".

----------

## Mousee

 *hajokries wrote:*   

> Something else:
> 
> I find it strange that apache2 doesn't have the PID specified in /var/run/apache2.pid.
> 
> I get this for example:
> ...

 

Being that you haven't updated your init.d or conf.d scripts at the very least, I'd say it's not that strange.

I'd suggest backing up all of those config files (besides the init scripts) and go through them with dispatch-config to see what changes are going to be made and decide on which changes of your own you want to keep, and which ones should be updated. That's how I do it on my system anyways.

----------

## mikegpitt

Mousee's advice is good... use dispatch-conf or etc-update to ensure your configs are in order.

Can you telnet to port 80 on the target machine?  Try this:

```
telnet machine 80

GET / HTTP/1.0
```

That should pull down the HTML of your index.html webpage.  If it doesn't there might be an issue with the connection to the server vs the server serving up webpages.

----------

## hajokries

My problems were "solved" by a 4 hours power failure. Now the server is completely down and I have a good excuse to finally upgrade the kernel. If you have any advice for upgrading the kernel of a system that doesn't boot any more I am very grateful...   :Wink: 

Otherwise I would consider this thread as closed because my problems have nothing to do anymore with networking and security.

Thx anyways!

----------

