Apache cannot start

BerArt · Unread post by **BerArt** » Tue Apr 15, 2008 4:00 am

I run ASL -u and than ASL -f today and Apache would not start anymore:

Starting httpd: Syntax error on line 910 of /etc/httpd/modsecurity.d/10_asl_rules.conf:
Error creating rule: Could not open phrase file "/etc/httpd/modsecurity.d/sql.txt": No such file or directory
[FAILED]

This is what Plesk say's:

Unable to make action: Unable to manage service by websrvmng: websrvmng: Service /etc/init.d/httpd failed to start

0: /usr/local/psa/admin/plib/common_func.php3:158
psaerror(string 'Unable to make action: Unable to manage service by websrvmng: websrvmng: Service /etc/init.d/httpd failed to start')
1: /usr/local/psa/admin/htdocs/server/restart_services.php:28

How to solve this?

BerArt · Unread post by **BerArt** » Tue Apr 15, 2008 4:23 am

Is it notmal that if Apache is not running the modules ModSecurity and ModEvasive are on RED in the WebGUI??

Kalimari · Unread post by **Kalimari** » Tue Apr 15, 2008 4:29 am

I just ran asl -u and noticed the following:

Code: Select all

Checking for updates..
  ASL version is current:                                  [1.9.8]
  APPINV rules are current:                                [200709171131]
  CLAMAV rules are current:                                [200804071524]
  GRSEC rules are current:                                 [0]
  Updating MODSEC to 200804141855:                         [200804141855]
    Error: There is a problem with the apache config
  OSSEC rules are current:                                 [200709191233]

Error: There is a problem with the apache config - I wonder if this is related/similar to BerArt's problem? Apache/Sites are running OK, but think I'll avoid running asl -f for now...

BerArt · Unread post by **BerArt** » Tue Apr 15, 2008 4:33 am

I think it is related, must be! when I run ASL -f it it restarting Apache but this fails

and give the erro above. So now all sites are down on one server. I will NOT run ASL -f or ASL -u till this is solved on my other three servers

breun · Unread post by **breun** » Tue Apr 15, 2008 5:05 am

BerArt wrote:Is it notmal that if Apache is not running the modules ModSecurity and ModEvasive are on RED in the WebGUI??

I guess so, since mod_security and mod_evasive are Apache modules.

BerArt · Unread post by **BerArt** » Tue Apr 15, 2008 5:11 am

Ah, ok thx breun

Kalimari noticed this in the update chanel: (ASL via YUM)

`update asl 1.9.8-12 to channel [asl-2.0] in archive [atomicorp] - Update to manage updates for the new sql.txt config file used in mod_security.`

I hope that this will solve the problem, can Scott confirm this please?

breun · Unread post by **breun** » Tue Apr 15, 2008 5:14 am

Send an e-mail to support@atomicorp.com for ASL support and/or file a bug report in the bug tracker. Looks like the problem is that the sql.txt file is missing. Maybe touching it so it exists (though empty) is a temporary fix.

BerArt · Unread post by **BerArt** » Tue Apr 15, 2008 5:15 am

I already did before I opened this topic, thx anyway

BerArt · Unread post by **BerArt** » Tue Apr 15, 2008 5:18 am

I updated to 1.9.8-12 and Apache is running again, but I still received the same error when running asl -f ?? but I see the file sql.txt in the right folder now

pffff

Unread post by **scott** » Tue Apr 15, 2008 8:24 am

Yep the updates routine (which lives in the asl core utilities) had to be updated for something that the rules had a new dependency on (sql.txt). So that needed to be updated first, before the rule updates ran.

wizcom · Unread post by **wizcom** » Tue Apr 15, 2008 10:26 am

OK, Please realize I'm at least 2 levels below you guys in knowledge - was 4 or 5 before meeting Scott. I have the exact same issue and exact same error message. I did the ASL updates except for Tomcat. It's not installed. When you say the installer needs to be updated, how? Updater? Yum? Other? I'm not going to play and F$%$# it more than it already is.

Thanks as always.

Howard J. Brubaker

BerArt · Unread post by **BerArt** » Tue Apr 15, 2008 10:28 am

You have to update ASL via YUM then run ASL -u and ASL -f that fixed it for me

wizcom · Unread post by **wizcom** » Tue Apr 15, 2008 11:02 am

OK, did the yum update even tomcat. On ASL-u got

Updating CLAMAV to clamav: [FAILED]

ran ASL-F. Lots of fixed but only 2 fails

Stopping httpd: [FAILED]
Starting httpd: [FAILED]

Rebooted server. Saw Apache was still down, tried to restart got:

0: /usr/local/psa/admin/plib/common_func.php3:158
psaerror(string 'Unable to make action: Unable to manage service by websrvmng: websrvmng: Service /etc/init.d/httpd failed to start')
1: /usr/local/psa/admin/htdocs/server/restart_services.php:28

Thoughts?

Howard

Kalimari · Unread post by **Kalimari** » Tue Apr 15, 2008 1:40 pm

Umm... updated ASL via YUM then ran ASL -u (no `Error: There is a problem with the apache config` this time) then ran ASL -f and update fell over on line 910 of /etc/httpd/modsecurity.d/10_asl_rules.conf - the file sql.txt exists in same dir...

To fix it (and keep sites up!) I've commented out the troublesome rule (on lines 909+910) in 10_asl_rules.conf and reran asl -f then disabled ASL updates via cron.daily.

wizcom - if Apache is still down, do this to at least bring the web service back up.

UPDATE: Reran asl -u and then reran asl -f and it seems OK this time... So I suppose the order is to YUM update, asl -f then asl -u?

wizcom · Unread post by **wizcom** » Tue Apr 15, 2008 2:32 pm

Kalimari wrote

"etc/httpd/modsecurity.d/10_asl_rules.conf - the file sql.txt exists in same dir...

To fix it (and keep sites up!) I've commented out the troublesome rule (on lines 909+910) in 10_asl_rules.conf and reran asl -f then disabled ASL updates via cron.daily."

That would work fine but my 10_asl_rules.conf has only 888 lines. Can you give me some other idea on what the rule to comment out is?

Thanks

Howard