Uploaded image for project: 'JBoss Web Server'
  1. JBoss Web Server
  2. JWS-153

Numerous inconsistencies and user experience issues with Solaris Apache HTTP Server .postinstall.httpd

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • JWS 3.0.1 CR1
    • JWS 3.0.1 DR1, JWS 3.0.1 DR2, JWS 3.0.1 ER1
    • httpd
    • None
    • Release Notes
    • Documented as Resolved Issue
    • Hide

      Try to install JWS 3 Apache HTTP Server on a Solaris box as an unprivileged user.

      Show
      Try to install JWS 3 Apache HTTP Server on a Solaris box as an unprivileged user.

      The Apache HTTP Server post install script on Solaris sparc/x86_64/i386 has the following issues:

      • It requires to be executed with root privileges, despite the fact it is definitely not necessary.
      • It does not offer any fall back if executed by an unprivileged user.
      • It never checks for postinstall.done file.
      • It has unnecessary differences with lib and lib64 on multiple places.
      • There is a typo in error messages.
      • Error messages and Warnings do not explain what's really happening.

      Suggested solution

      Please, take a look at this script I suggest as a drop in replacement: .postinstall.httpd (the i386 variant differs only on 1 line - lib / lib64). The previous commit contains the original script so as you can comfortably compare the update.

      Improvements

      • If the script is not executed with root privileges, it clearly explains what functionality will be skipped.
      • In case of this unprivileged execution, let's say under user "webusr", it creates and correctly symlinks directories in $INSTALLROOT/var/ instead of /var/.
      • It sets user and group to "webusr".
      • It replaces User apache and Group apache with "webusr" – i.e. with user who executed the post install script.
      • All messages clearly explains what's happening.
      • It skips script execution if "done" marker is found.

      Result

      • Apache HTTP Server starts out of box even if installed by an unprivileged user in a non-default location. The only things that need to be manually edited after post install in this case are:
        • port 80 to something higher that does not require rights elevation
        • port 443 to something higher that does not require rights elevation
        • fix bug in ssl.conf, where there is hardcoded: SSLSessionCache shmcb:/run/httpd/sslcache(512000) instead of using @installroot@ in ssl.conf.in.
      • If installed by root, it operates normally as it did before.

      Some outputs

      Unprivileged execution

      [hudson@dev32-02 etc]$ ./.postinstall.httpd 
      WARNING: This script should be run as superuser to create user `apache' and directories in `/var/'.
      WARNING: Using different root directory then `/opt/jws-3.0'
      WARNING: Not a superuser. User and group `apache' will not be created. User `hudson' used instead.
      WARNING: Not a superuser. Directories in `/var/' will not be created. Using `/tmp/deleteX/jws-3.0/var/' instead.
      Generating private RSA key ... OK
      Generating new dev32-02.mw.lab.eng.bos.redhat.com certificate ... OK
      Done.

      Unprivileged execution – second run.

      [hudson@dev32-02 etc]$ ./.postinstall.httpd 
      WARNING: This script should be run as superuser to create user `apache' and directories in `/var/'.
      WARNING: Using different root directory then `/opt/jws-3.0'
      Skipping post install. Package is already installed in : `/tmp/deleteX/jws-3.0'
      

      Privileged execution – Apache user already exists.

      [root@dev32-02 etc]# ./.postinstall.httpd 
      Apache group (id=48) already exists.
      Apache user  (id=48) already exists.
      Generating private RSA key ... OK
      Generating new dev32-02.mw.lab.eng.bos.redhat.com certificate ... OK
      Done.
      

      WDYT?

              rhn-engineering-jclere Jean-Frederic Clere
              mbabacek1@redhat.com Karm Karm
              Jean-Frederic Clere
              Karm Karm Karm Karm
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: