RE: HTTPD asking for password after power failure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Maybe check out how https://software.opensuse.org/package/haveged is configured if installed on your system

 

Also http://www.onkarjoshi.com/blog/191/device-dev-random-vs-urandom/

 

From: Nick Williams [mailto:nicholas@xxxxxxxxxxxxxxxxxxxx]
Sent: Saturday, July 30, 2016 6:05 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Re: HTTPD asking for password after power failure

 

It took me a while to get back to this (it’s not a mission-critical server, but I have hit a point where I really do need to get it working again).

 

`apachectl restart` hung for many, many minutes without any input, and I eventually quit it. I ran it again with `strace -Ff apachectl restart`. Towards the end it had read all of the vhost config files and opened up the request and error logs configured in them, and it read the media types config file:

 

[pid 22537] read(35, "# This file maps Internet media "..., 4096) = 4096

 

But after that is where things got weird:

 

[pid 22537] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f73aff27000
[pid 22537] open("/dev/random", O_RDONLY|O_CLOEXEC) = 35
[pid 22537] read(35, " p$\242\33\241", 1024) = 6
[pid 22537] read(35, "\205\31\345\274A\336", 1018) = 6
[pid 22537] read(35, "\335\16\7\370\343\311", 1012) = 6
[pid 22537] read(35, "\265\362\20}F\234", 1006) = 6
[pid 22537] read(35, "\223}\\\0+\242", 1000) = 6
[pid 22537] read(35, 

 

Each `read` line there took about a full minute. It’s spending FOREVER reading from /dev/random. That led me to try to read from /dev/random, and it is only generating a byte every few seconds. I don’t know why, but /dev/random appears to be borked on this machine.

 

I changed ssl-global.conf to use /dev/urandom instead of /dev/random, and it started right up in a matter of seconds.

 

I know this is now off-topic, but does anyone know why /dev/random would suddenly be gathering almost no entropy? I have never had this problem on this system before.

 

Thanks,

 

Nick

 

On Jul 16, 2016, at 9:56 PM, Frank Gingras <thumbs@xxxxxxxxxx> wrote:

 

Try to use apachectl restart instead to bypass your init scripts. The latter are likely to hide actual errors that would appear on STDERR.

 

If apachectl restart still gives you that error, perhaps your distro mangled it as well. Then, I would use strace with httpd -X to get the complete picture.

 

On Sat, Jul 16, 2016 at 6:47 AM, Nicholas Williams <nicholas@xxxxxxxxxxxxxxxxxxxx> wrote:

I have a server running OpenSUSE 42.1 with stock Apache HTTPD 2 installed from the package manager. It has been running without issue for well over a year. We've restarted the service and the server since then without issue. The service always starts  on its own when the server boots.

Last night we had a power failure. The sever came up fine. All services, including MySQL, started fine. No obvious issues appear anywhere. But HTTPD didn't start automatically. So I logged in to the server to investigate and try to start it.

`service apache2 status` said FAILED with no details. `/var/log/apache2/error_log` showed nothing since the day before the power failure.

`service apache2 start` hung for about 2 minutes, and then said FAILED with no details. `/var/log/apache2/error_log` still showed nothing since the day before the power failure. There was nothing in the system log since my log-in to the server.

So I tried `strace -Ff service apache2 start`. The only thing I see suspicious is it calls open on `/run/systemd/ask-password-block`. It appears it times out after never receiving a password. But I have no idea why it would do that. None of my SSL certificates have passphrases, and I've always been able to start HTTPD without a password.

I'm at a loss here. Any suggestions?

Thanks,

Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

 

 


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux