# webapp-config and awstats 6.5

## cmmalone

In upgrading awstats to 6.5 today using webapp-config (and presumably the right way I guess - this is my first upgrade with webapp-config), it spewed some stuff I didn't understand. I did:

 *Quote:*   

> 
> 
> % webapp-config -U -h [my vhost] -d [my awstats dir] awstats 6.5
> 
>  * Upgrading awstats-6.4 to awstats-6.5
> ...

 

But then I see a lot of:

 *Quote:*   

> 
> 
>  * Unable to find contents entry for "cgi-bin/lib/browsers.pm"
> 
> ^o^ hiding cgi-bin/lib/._cfg0000_browsers.pm
> ...

 

Then it says: 

 *Quote:*   

> 
> 
> * One or more files have been config protected
> 
>  * To complete your install, you need to run this command:
> ...

 

So I ran that command and got:

 *Quote:*   

> 
> 
> Scanning Configuration files...
> 
> Exiting: Nothing left to do; exiting. :)
> ...

 

which to me says it did nothing.

Then, after that, it tries to remove 6.4:

 *Quote:*   

> 
> 
>  * Removing old version awstats-6.4
> 
> --- !empty dir js
> ...

 

which looks like it recommending deleting my entire site's cgi-bin for example. And the short paths at the top I have absolutely no idea what it is referring to.

And to make matters worse, when it recommends apache config to me, it's still 6.4!

I ignored the stuff I didn't understand about removing files and hand upgraded my apache configuration to point at 6.5 instead of what webapp-config recommended. I also "emerge -C =awstats-6.4" to get rid of the old install. My awstats looks ok and is 6.5 when I access it. But I have a log of ._cfg0000_* files related to awstats lying around under my /var/www/[my vhost]/cgi-bin.

I'm worried I either have some of 6.4 lying around leftover or my install of 6.5 isn't complete. Any help would be appreciated. 

Thanks.

- Chad

----------

## m27315

Here's my 2-cents:

Your /var/www/hostname/cgi-bin install is incomplete.  If awstats was forced to rely on those, it would not be able to work.  Too many files have been hidden as .cfg0000* files.

Regarding the "short dirs" (js, icon/*, css/ clsses), these are all installed under your "-d [my awstats dir]" directory.  There you should find either empty dirs, or dirs with more .cfg0000* files.

The reason awstats is still functioning is because you patched the /etc/apache/conf/awtstas.conf file.  This file points all cgi calls to the root install:

```
Alias /awstats/classes "/usr/share/webapps/awstats/6.5/htdocs/classes/"

Alias /awstats/css "/usr/share/webapps/awstats/6.5/htdocs/css/"

Alias /awstats/icons "/usr/share/webapps/awstats/6.5/htdocs/icon/"

ScriptAlias /awstats/ "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin/"

ScriptAlias /awstats "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin/awstats.pl"

ScriptAlias /awstats.pl "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin/awstats.pl"

<Directory "/usr/share/webapps/awstats/6.5/htdocs">

    Options None

    AllowOverride None

    <IfModule mod_access.c>

        Order allow,deny

        Allow from all

    </IfModule>

</Directory>

<Directory "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin">

    Options ExecCGI

    AllowOverride None

    <IfModule mod_access.c>

        Order allow,deny

        Allow from all

    </IfModule>

</Directory>

```

Consequently, your host specific install of cgi-bin, jss, classes, icons, etc, is not even referenced, much less needed.  To test this, just try moving your cgi-bin to cgi-bin.bk, and see what happens.  Does it still work?  See, it's not being used.

Bottom line:  If your setup relied on the host install, you'd be in trouble.  Unless you change your apache config to reference your host install, you should be fine.

If you'd like the files to be cleaned up anyway, try this:

```
webapp-config -C -h hostname -d myawstatsdir awstats 6.5

webapp-config -I -h hostname -d myawstatsdir awstats 6.5
```

This will wipe the directories clean and then reinstalled the new version.  As long as you had not modded any code, this should work fine.

HTH

----------

## cmmalone

Then why does webapp-config's postinst for awstats ask me to change my apache configuration! It seems to me that the entire point of webapp-config is to copy webapps from /usr/share/webapp to the virtual host's web root while the entire point of the output of webapp-config's postinst for awstats is to make apache point directly into /usr/share/webapp for awstats and make it secure if you bother to read the commented out stuff and make it work for you.

If I manually upkeep my apache configuration, I should never have to use webapp-config at all, should I? Or alternately, I should be able to just use webapp-config and not have to mess with my apache configuration at all, assuming I move my auth stuff to webroot-specific directories for each virtual host I install to with webapp-config. 

Right now, webapp-config seems to want me to do both, which is confusing. I can understand why webapp-config gets a bad rep and people get hacked on old version of awstats!

----------

## m27315

I believe you are correct.  If you manually maintain your apache config file, and if you ensure that it always points to the latest version, I do not think you will find any benefit in using webapp-config for awstats.  In fact, I would wipe out the host specific install of awstats (cgi-bin, jss, classes, icons, etc.), just to eliminate an unused access point, which might become a vulnerability in the future in some unforeseen way.

```
webapp-config -C -h hostname -d myawstatsdir awstats 6.5
```

Maybe a veteran could shed some light on how webapp-config might be useful to install/maintain awstats?

----------

## ohyeah1942

i would like to know that also.

----------

