Bug 1367188 - Satellite's httpd gets broken with every update of mod_ssl package
Summary: Satellite's httpd gets broken with every update of mod_ssl package
Keywords:
Status: CLOSED DUPLICATE of bug 1336365
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Installer
Version: 6.2.0
Hardware: Unspecified
OS: Unspecified
medium
high
Target Milestone: Unspecified
Assignee: Chris Roberts
QA Contact: Lukas Pramuk
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-08-15 19:43 UTC by Lukas Pramuk
Modified: 2016-09-14 17:44 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-09-14 17:44:22 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Lukas Pramuk 2016-08-15 19:43:08 UTC
Description of problem:
Satellite's httpd gets broken with every update of mod_ssl package.
As new version of mod_ssl package is released then yum update command breaks Satellite's httpd.

mod_ssl provides config file /etc/httpd/conf.d/ssl.conf with conflicting directive 'Listen 443 https' that causes httpd to fail to start:

(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443

Version-Release number of selected component (if applicable):
Satellite 6.2.1

How reproducible:
100%

Steps to Reproduce:
1. update mod_ssl rpm
2. httpd is no longer running
3. restrt of httpd fails
# systemctl restart  httpd.service
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

Actual results:
with every mod_ssl update ssl.conf breaks httpd, as ssl.conf is not present so it gets deployed as ssl.conf

Expected results:
when crafting Satellite ssl config files the puppet should take into account also ssl.conf file and not to just delete it. With mod_ssl update it would then deploy ssl.conf as ssl.conf.rpmnew (and thus not breaking httpd)

Additional info:
commenting out 'Listen 443 https' in ssl.conf allows httpd to start again
(but other ssl directives here may overide Satellite's ones)

Comment 3 Lukas Pramuk 2016-08-16 12:15:51 UTC
Tested that with empty ssl.conf the Satellite survived mod_ssl update:

1. # cat <<< '' > /etc/httpd/conf.d/ssl.conf
2. # yum update
...

Updated:
  httpd.x86_64 0:2.4.6-45.el7          httpd-tools.x86_64 0:2.4.6-45.el7          mod_ssl.x86_64 1:2.4.6-45.el7         


3. httpd is still running

Comment 5 Lukas Pramuk 2016-08-16 15:53:40 UTC
Standalone Capsule 6.2 is also affected by this bug as ssl.conf is not present at capsule too.

# ll /etc/httpd/conf.d/ssl.conf
ls: cannot access /etc/httpd/conf.d/ssl.conf: No such file or directory

Comment 6 Chris Roberts 2016-09-14 17:44:22 UTC
Marking as a dup of 

1336365

which is in release pending for 6.2.2

*** This bug has been marked as a duplicate of bug 1336365 ***


Note You need to log in before you can comment on or make changes to this bug.