# How can I stay with Apache 1 in -u world?

## whit

When I do an "emerge -up world" it wants to upgrade to Apache 2 despite my USE including "-apache2". 

How do I effectively tell portage that I want to stay with the Apache 1 series? Apache 2 has a far worse record of recent security problems, may not be ready for prime time with PHP yet due to threading issues in libraries PHP uses, and isn't any faster except on Windows systems. Plus I have a lot of custom configuration in Apache 1 and I'm not interested in translating it into Apache 2's way of doing things, for such dubious gain.

Rant aside, does Gentoo continue to support Apache 1? If not, this is a serious shortcoming. If so, how do I tell it to leave 2 alone?

Thanks!

----------

## chris4linux

just remove the apache-line in

```

/var/cache/edb/world

```

and you will ever have apache1 when you try to update the world...

- Chris

----------

## whit

 *chris4linux wrote:*   

> just remove the apache-line in
> 
> ```
> 
> /var/cache/edb/world
> ...

 

Thanks, but....

What I'm hoping for is continued Gentoo support of Apache 1, and a way to select this through a USE flag. Apache 1 has not been discontinued by the Apache Foundation. It's still current software, still supported. Apache 2 is really a different program, built from a different code base. It will be some time before Apache 2 is the universal choice for production sites - at least a year or two is my guess.

So is Gentoo dropping Apache 1 support, or is it there but the USE flags for it just aren't implemented yet, or they're there but I don't know them?

----------

## SecMon

Does this mean that gentoo will no longer maintain apache 1.3.XX.

I thought that the whole point was that they could be maintained 

as two trees. Apache 2.0.XX is not ready for the real world yet.

Removing that line from the world file also removes further updates

on the 1.3.XX, I think something else is in order... Like making them

two different trees completely. Like they used to be.

-- Keath

----------

## xneilj

The PHP support for Apache2 is still classed as experimental and PHP explicitly warn you NOT to use Apache2 + PHP in a production environment...

Neil.

----------

## chris4linux

 *xneilj wrote:*   

> The PHP support for Apache2 is still classed as experimental and PHP explicitly warn you NOT to use Apache2 + PHP in a production environment...

 

I don't think so...the php/mysql support for apache2 is quite good and I have no errors or problems when I compare the apache 1.x and 2.x ...

- Chris

----------

## xneilj

 *Quote:*   

>  Do not use Apache 2.0 and PHP in a production environment neither on Unix nor on Windows.

 

That's from http://www.php.net/manual/en/install.apache2.php

Neil.

----------

## d0ct0rvenkman

 *whit wrote:*   

> When I do an "emerge -up world" it wants to upgrade to Apache 2 despite my USE including "-apache2". 
> 
> How do I effectively tell portage that I want to stay with the Apache 1 series? Apache 2 has a far worse record of recent security problems, may not be ready for prime time with PHP yet due to threading issues in libraries PHP uses, and isn't any faster except on Windows systems. Plus I have a lot of custom configuration in Apache 1 and I'm not interested in translating it into Apache 2's way of doing things, for such dubious gain.
> 
> Rant aside, does Gentoo continue to support Apache 1? If not, this is a serious shortcoming. If so, how do I tell it to leave 2 alone?
> ...

 

I'm definitely interested in NOT upgrading to apache2 as well... does anyone know how to tell portage not to upgrade to the 2.x series, and stay with 1.x? I've poked around the fourms a bit, and haven't found anything definitive...

----------

## chris4linux

and why are there modules to add them to apache2?   :Rolling Eyes:   :Confused:   :Confused: 

hmm...should I get back to apache1? or not? i don't know   :Crying or Very sad: 

- Chris

----------

## SecMon

Ok, so who do we need to contact with the gentoo group to get the 

problem solved. I bet it was just a mistake and he/she never meant 

to make apache 1.3.XX go into the weeds.

The other question is, or was, it a portage problem from the maintainer

side of the world that merged the 2.0.XX and 1.3.XX.

For all worried about it, just hang and let them fix the mess.

BTW, it looks like mysql is in the same boat... It jumped from 3.X.X to

4.X.X a the same time....

-- KeathLast edited by SecMon on Mon Jul 14, 2003 6:56 pm; edited 2 times in total

----------

## karl420

I dunno, but I'm having the same problem, so we should get this resolved. I don't want apache2 even installed on my system  :Wink: 

Karl

----------

## d0ct0rvenkman

 *SecMon wrote:*   

> Ok, so who do we need to contact with the gentoo group to get the 
> 
> problem solved. I bet it was just a mistake and he/she never meant 
> 
> to make apache 1.3.XX go into the weeds.
> ...

 

Yah... I'm not touching it until I see some sort of resolution... I'd also prefer not to upgrade to mysql 4, but that's not as big of an issue...

----------

## SecMon

FROM the irc #gentoo

*** bigwalls (~unknown@XXX>XXX>XXX) has joined #gentoo

 [bigwalls] qiuck question for the group, are you aware of the apache and mysql ver bumps

 <Narada> Yes.

 [bigwalls] and what is the time line to fixing it

 * bigwalls will post it to the forum (tpoic )

 <antifa> bigwalls, it's not getting fixed, apache2 and mysql4 are stable now

 [bigwalls] your kidding

 <antifa> bigwalls, you can emerge the older versions if you want, they are still in portage

 [bigwalls] antifa* is there a USE that should be in place to alow us to maintain using mysql 3  / apache 1

 <antifa> bigwalls, just don't type emerge world and walk away and you should be fine  :Smile: 

-- Keath  - getting worried

We need to contact the maintainers... who is it and what email to send

----------

## d0ct0rvenkman

 *SecMon wrote:*   

> FROM the irc #gentoo
> 
> *** bigwalls (~unknown@XXX>XXX>XXX) has joined #gentoo
> 
>  [bigwalls] qiuck question for the group, are you aware of the apache and mysql ver bumps
> ...

 

Wow, that's quite rediculous... there definitely needs to be some sort of use flag to keep apache2 off my system... I don't feel like messing with any configs...  :Wink: 

----------

## paranode

Go to /var/cache/edb/world, find the line that says net-www/apache and change it to <net-www/apache-2.0.  I think that will keep you upgraded to any Apache 1.x update with emerge world -U.

----------

## bsolar

About the apache2 and mysql4 bumps there have been  discussions about it in gentoo-dev and gentoo-user.

You can check the gentoo-user thread or the gentoo-dev one.

----------

## SecMon

Ok, so somebody is under the opinion that apache 1 and 2 is the same 

product, I would disagree with this on a few points. But, that is not for

here. 

When we picked an apache to build we picked apache 1.3.XX not apache

2.0.XX. It was not a very bright move to decide that we should all just

upgrade. We could have picked apache 2.0.XX when we did our builds. 

This is paramount to a kernel release; you dont just install 2.4.x over a 

2.0.x system and just think its going to just be ok.

The issue here is that there are four places where Gentoo communicates

with its users. This is a major problem to announce major changes like 

this. At least it should have been in the newsletter (The one place that all 

three groups should be reading).

They really messed up on this one.

-- Keath

----------

## paranode

 *SecMon wrote:*   

> The issue here is that there are four places where Gentoo communicates
> 
> with its users. This is a major problem to announce major changes like 
> 
> this. At least it should have been in the newsletter (The one place that all 
> ...

 

It is in the newsletter.  They didn't post it on the main site today though for some reason.  http://www.gentoo.org/news/en/gwn/20030714-newsletter.xml

----------

## d0ct0rvenkman

Yah, there's an answer linked in that newsletter... if you create the file '/etc/portage/profiles/package.mask' and put the following line in it, you should be all set...

   >=net-www/apache-2.0 

I guess it keeps any version of apache greater or equal to 2.0 masked, and therefore, it won't upgrade automatically. I just tried it, and it's wanting to upgrade me to 1.3.27-r3 instead of 2.0.whatever, so I guess it worked...  :Smile: 

It should also work for mysql for those who are interested...

   >=dev-db/mysql-4.0

Seems like a bit of a hack, but it seems to work... If anybody has anything nicer (like a use flag), be sure to post it here...  :Smile: 

----------

## bLanark

I too was worried. I use mod_perl, and my clients are still on 1.3.27. So I was disturbed when I noticed 2.0 was out. I haven't checked the status of mod_perl on 2.0, but there are differences, even if it is now "supported".

When you upgrade, 1.3.27 is still installed. AND there is a seperate script in /etc/init/d for apache and apache2. You may *install* apache2 by accident, but 1.3.27 is still installed, and 1.3.27 is still running. Apache2 will not be run unless you add apache2 to a runlevel or run "/etc/init.2/apache2 start" yourself. There is no real need to mask apache2 except to save time and bandwidth. 

Also, there's a seperate /etc/apache2 dir for all the apache2 stuff. The configurations don't share anything. 

Apart from making apache2 a seperate package, this is a pretty seamless transition. A lot of the comments from others look like FUD, before people checked out the details. Personally, all my probs were caused by not restarting mysql on my server (I don't do reboots) when it went to 4.0. 

The only issue for me is: will there be updates to 1.3.x, especially security ones? 

bL

----------

## SecMon

With all of this why could it not have been apache and apache2.

Or everyone that has apache gets moved to apache1. I think this

is a major issue, as what happens here will reflect to how people 

feel about this dist.

It really was not thought out very well.

As for the mention in the newsletter, it should have been higher up in the

newsletter. As the "Featured Developer of the Week" is much less 

important then a major change in the system as a whole. Easy fix is move

"Heard in the Community" up one section, so it's more pronounced.

-- Keath --- getting more worried about my choice of dists

----------

## CDLM

 *bLanark wrote:*   

> 
> 
> The only issue for me is: will there be updates to 1.3.x, especially security ones? 
> 
> bL

 

looks like they still are doing updates - apache1.3.27-r4 is an upgrade for me from 1.3.27-r3 and i installed only a week ago...

- Dave -

----------

## bsolar

 *CDLM wrote:*   

> looks like they still are doing updates - apache1.3.27-r4 is an upgrade for me from 1.3.27-r3 and i installed only a week ago...
> 
> 

 

According to the Apache Foundaton only security updates will be released for Apache 1.3:

 *http://httpd.apache.org/download.cgi wrote:*   

> The Apache 1.3 series is being actively maintained, but not actively developed. Releases will be made to address security issues, or after a comfortable number of bug fixes have been made. New features will more than likely not be added to 1.3 in preference to 2.0.
> 
> Use the Apache 1.3.27 version if you need to use third party modules that are not yet available as an Apache 2.0 module. Apache 1.3 is not compatibile with Apache 2.0 modules.

 

IMO the fact that Gentoo is providing Apache2 as default is the right thing to do and  after all if you want/need Apache 1.3 it's (and it will be) still available.

If there is a problem probably it's that Portage wants to install apache2 if you have apache1. A better way to address this might be interesting.

----------

## brownowl

 *Quote:*   

> If there is a problem probably it's that Portage wants to install apache2 if you have apache1. A better way to address this might be interesting.

 

I think "essential" is a better way to put it. I have many commercial servers running Gentoo Linux, and this is a major problem that needs to be addressed ASAP. Hacking workarounds aren't good enough, it needs to be a supported route.

Cheers, Laurie.

----------

## brownowl

 *Quote:*   

> Yah, there's an answer linked in that newsletter... if you create the file '/etc/portage/profiles/package.mask' and put the following line in it, you should be all set... 

 

Are you sure you don't mean '/usr/portage/profiles/package.mask'? [which already exists]

I have no such directory as /etc/portage on any of my machines.

Cheers, Laurie.

----------

## nikai

 *brownowl wrote:*   

>  *Quote:*   if you create the file '/etc/portage/profiles/package.mask' and put the following line in it, you should be all set...  
> 
> Are you sure you don't mean '/usr/portage/profiles/package.mask'?

 

Yes. Just create '/etc/portage/profiles/package.mask' with the above line(s).

Another way to block with rsync-excludes I described here: https://forums.gentoo.org/viewtopic.php?t=67665&highlight=

----------

## huffd

 *brownowl wrote:*   

>  *Quote:*   If there is a problem probably it's that Portage wants to install apache2 if you have apache1. A better way to address this might be interesting. 
> 
> I think "essential" is a better way to put it. I have many commercial servers running Gentoo Linux, and this is a major problem that needs to be addressed ASAP. Hacking workarounds aren't good enough, it needs to be a supported route.
> 
> Cheers, Laurie.

 

I concur, the sun don't shine where their head was on this one. Shows a great deal of lack of maturity on Gentoo's part. 

They (Gentoo) have to start looking at the big (corporate) picture if they are going to be considered for replacements of RPM (branded) distros.

----------

## Petyr

I think the last post goes a little far, however to a point I agree. Getting users to seriously consider Apache 2.0 is probably a very good thing in the long run, but there does need to be a support path to stay with Apache 1.3.x

This caused a small amount of panic for me as PHP still doesn't think Apache 2.0 + PHP is ready for production use. The corporate client trying to use Gentoo is well adviced to make that packages.mask file in order to protect themselves while Apache 2.0 and all the necessary module issues get cleaned up.

In support of this move I will say that for testing purposes this will end up helping both the Apache Foundation and The PHP Group immensily. I'm sure the number of bug reports they get (as well as flame mail) is going to sky rocket considering the user base that Gentoo has.

Ideally, an IT department would have the ability to do some testing of Apache 2.0 et al. on another system internally and can evaluate it's performance in comparision to their current systems. I suppose I should get off my lazy arse and do such a thing here at my work.

While I'm personally against a move to Apache 2.0 at the moment, I have yet to have Gentoo truly lead me astray. After I do some testing on my own, I will probably end up going with Apache 2.0, because big picture wise, that is where things are going to be moving.

Petyr Rahl

----------

## n0n

Whoa, everyone's up in arms.  This isn't a big deal.  Apache 1 remains installed, that's why they're in different SLOTs.  As someone else pointed out, you've still got Apache 1 installed and running, completely separated out.  Apache 2 will only start up if you don't want it to.

And if you want to save yourself the extra CPU cycles, you can always use the fix that was suggested in the newsletter.

In other words, there's nothing to see here, move along...

----------

## whit

 *n0n wrote:*   

> Whoa, everyone's up in arms.  This isn't a big deal.  Apache 1 remains installed...

 

Yeah, but then -u world shouldn't be considering Apache 2 an upgrade to Apache 1. That's sort of like considering vi an upgrade to pico - except in a universe where vi's only current advantage is running better on Windows.

I really want to thank y'all for follow up on this, btw. As for the news that new features won't be going into Apache 1, that's fine by me. It's a mature product. 

Gentoo is in many ways brilliant, aside from this sort of "upgrade" problem and the craziness of some of the "dependencies" (like Squirrel Mail - which runs as part of a Web server - having in its dependency list X - which there's no reason to run on a server at all - just because some user may be running a Web server on their local machine just to read their mail, and might be bothered if their browser doesn't have the very latest X behind it? Pretty remote!). 

For those who are tempted to just trust in Gentoology here, keep in mind that the problem with Apache 2 from PHP's perspective is that it depends on its modules all being thread safe, but PHP can be compiled to include libraries which are _not_ (and Gentoo's PHP compiles in a _very_ wide assortment of libraries). This means that what you'll be seeing, if you use PHP, may be very unpredictable and hard-to-trace crashes. If you're lucky, maybe none at all. But those of us used to leaving Apache servers running for many months without reboot will get very upset if it crashes at all - since Apache 1/PHP just _doesn't_.

----------

## nikai

 *whit wrote:*   

> Yeah, but then -u world shouldn't be considering Apache 2 an upgrade to Apache 1.

 

No, portage is'nt considering this an upgrade, but you are.

And I guess I'm starting to understand why.

What portage is trying to tell you, is that there is a new major version of a package, ready to fill an empty slot. That's it. No upgrade.

However, "emerge -pu world" gives you a "U" for that, which appears to confuse a lot of people, who think this would be an upgrade.

IMHO in such a situation (offer to fill an empty slot) it would be clearer to display a "N". Or would that confuse people just the same?   :Wink: 

----------

## Petyr

I think that would confuse me just as much initially.

Personally, if I knew I had apache installed and then I see apache coming up marked as N, there'd be a very loud "WTF!??" that would echo through my office. Perhaps if it's marked an NU, that would be better, since it imples that it's a new package, but an upgrade (*sorta*) to an existing package on the system already.

Petyr

----------

## vericgar

From reading through this thread it seems the issue is more that portage is wanting to upgrade users to a new SLOT. IMO, portage should take into account the SLOT more then it does now, perhaps automaticly including it in the world file what SLOT of an app you are using, and then when you do the emerge -pu world it would only show the upgrades in that SLOT instead of what's it's doing now. 

It seems what most users expect is that different slots should be treated as if they are different packages and different upgrade paths.

----------

## Dr_Stein

You have to create it...

BUT... there's an update to portage.

It now takes that file and hard links it to /etc/portage/package.mask

That particular workaround worked great for me on my machines.  :Smile: 

----------

## dma

I personally think that having it designated as "net-www/apache2" would be the most transparent and user-friendly manner of doing it.  

But then someone would have the bright idea of a "virtual/apache" pointed to one or the other...

----------

## fusion

yes they need to have a net-www/apache and a net-www/apache2 cause in my opinon it is not ideal to have both installed unless your going to be testing apache2

I am still looking a the reason behind this move.  It does not make much sense.  I have faith that they will fix this very soon and if they don't I just request that you release a statment as to way you did this.

----------

## dma

 *brownowl wrote:*   

>  *Quote:*   Yah, there's an answer linked in that newsletter... if you create the file '/etc/portage/profiles/package.mask' and put the following line in it, you should be all set...  
> 
> Are you sure you don't mean '/usr/portage/profiles/package.mask'? [which already exists]
> 
> I have no such directory as /etc/portage on any of my machines.
> ...

 

Just create it.

From the portage source:

```
pkgmasklines=grabfile(settings["PORTDIR"]+"/profiles/package.mask")

pkgmasklines+=grabfile("/etc/portage/package.mask")

pkgunmasklines=grabfile("/etc/portage/package.unmask");
```

This means that it gets both the entries in /usr/portage/profiles/package.mask AND /etc/portage/package.mask.

Trust me.  It will work.  Just be sure to upgrade to the latest portage.

----------

## n0n

 *dma wrote:*   

> I personally think that having it designated as "net-www/apache2" would be the most transparent and user-friendly manner of doing it.

 

I imagine this will never occur in Gentoo, and I agree with the decision wholeheartedly.  See http://www.gentoo.org/doc/en/portage-manual.xml, specifically:

 *Quote:*   

> Most distributions and ports systems tend to have a "freetype" package for freetype 1.x and "freetype2" for 2.x. We consider this approach a sign of a fundamentally broken package management system. We simply assigned the SLOT number 1 to the first and number 2 to the second. With this information Portage can track both versions and upgrade both versions if updates to the respective upstream branches are made.

 

If you think that the current method of using SLOTs for situations like this is wrong, then you're just been tainted by your experiences with other, lesser distros...

----------

## Petyr

So, one question would be, what happens when I say 

emerge unmerge apache

Which does portage decide to remove? My other question is while portage can track packages in various slots, how can we mange them, without having to reference the ebuild file directly.

Petyr

----------

## n0n

 *Petyr wrote:*   

> So, one question would be, what happens when I say 
> 
> emerge unmerge apache
> 
> Which does portage decide to remove? My other question is while portage can track packages in various slots, how can we mange them, without having to reference the ebuild file directly.

 

I believe that this is all directly in the docs, but "emerge unmerge apache" would remove any installed version.  'emerge unmerge ">=apache-2"' would unmerge apache2.  'emerge unmerge "<apache-2"' would unmerge apache 1.  etc...

----------

## Petyr

'scuse me, I'm going to go hide now for being a 'tard and not reading the documents like I shoulda done...

Petyr

----------

## whit

 *nikai wrote:*   

> What portage is trying to tell you, is that there is a new major version of a package, ready to fill an empty slot.

 

I'm all happy with portage telling me about as much as it wants. What I'm not yet happy about is portage setting up a situation where when I'm trying fairly effortlessly keep my system up to date (which is the common use for "emerge -u world") it's trying to tell my machine to go ahead and install a major new slot of something where as far as I'm concerned the old slot is the only one desired. What we need is one version of "emerge -u world" that does not bother with new slots, except for perhaps an information message, and another that goes ahead and fills the new slots for anything where an older slot is filled. Perhaps a secondary flag could be added to tell it which new slot behavior to follow?

What I want is a least-effort command to keep my current software up to date. Apache 2 is not part of my current software. I'm perfectly happy if I have to take extra steps to get it; I'm still disgruntled that I have to take extra steps not to get it - and have to take those same extra steps with every other package that can go in multiple slots over time. For a machine where "emerge -u world" is done every day, it's not too much perhaps to read the list and make sure nothing extraneous (and possibly dangerous, possibly involving security risks or system destabilization and not just the wasted disk space and compilation cycles) is included; but for servers that only get world upgrades every few months, the list is awkwardly long, and depending on the operator to not just scan it but go and hand configure files in order to avoid new slot items like this makes for more inconvenience, imho, than requiring the extra effort only if the new slot stuff is specifically wanted. 

The best of both worlds would be to simply have it be a switch one way or the other, like "emerge -u world" for no new slot stuff, and "emerge -uu world" for the ultra update where the kitchen sink is tossed in, the download circuits overloaded, and the hard drive filled to capacity.

----------

## infirit

I injected the apache2 into portage, so far no problems here (yet)   :Very Happy: 

----------

## whit

 *d0ct0rvenkman wrote:*   

> Yah, there's an answer linked in that newsletter... if you create the file '/etc/portage/profiles/package.mask' and put the following line in it, you should be all set...
> 
>    >=net-www/apache-2.0 
> 
> 

 

/etc/portage/profiles # more package.mask

>=net-www/apache-2.0

So there's the file as you suggest, then:

# emerge -up apache

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild    U ] net-www/apache-2.0.47 [1.3.27-r3] 

Great! Perhaps something else is too old for this to work? My portage is the current version, so WTF? Excuse my language.

Ahah! It's /etc/portage/package.mask - the profiles subdir was spurious.

----------

## d0ct0rvenkman

 *brownowl wrote:*   

>  *Quote:*   Yah, there's an answer linked in that newsletter... if you create the file '/etc/portage/profiles/package.mask' and put the following line in it, you should be all set...  
> 
> Are you sure you don't mean '/usr/portage/profiles/package.mask'? [which already exists]
> 
> I have no such directory as /etc/portage on any of my machines.
> ...

 

I had to create the folder/file, it wasn't there by default.

----------

## Black

No one seems to have mentionned it, but if I understand the docs correctly, putting "<net-www/apache-2" in the world file should do the trick, no?

----------

## mmealman

 *brownowl wrote:*   

> 
> 
> Are you sure you don't mean '/usr/portage/profiles/package.mask'? [which already exists]
> 
> I have no such directory as /etc/portage on any of my machines.
> ...

 

The problem with /usr/portage/profiles/package.mask is that Gentoo blows away any changes you make in it when you run an emerge sync.

/etc/portage/package.mask is a way for you to add your own changes. I think portage should ship with a blank one so this functionality is a little more obvious.

----------

