Univention Bugzilla – Full Text Bug Listing |
Summary: | (4.2) force_https makes apache redirect traffic for localhost | ||
---|---|---|---|
Product: | UCS | Reporter: | Daniel Tröder <troeder> |
Component: | Apache | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Daniel Tröder <troeder> |
Severity: | normal | ||
Priority: | P5 | CC: | best, gohmann, grandjean, schwardt, thomas.siedentopf |
Version: | UCS 4.2 | ||
Target Milestone: | UCS 4.2-0-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 5: Major Usability: Impairs usability in key scenarios |
Who will be affected by this bug?: | 2: Will only affect a few installed domains | How will those affected feel about the bug?: | 4: A User would return the product |
User Pain: | 0.229 | Enterprise Customer affected?: | |
School Customer affected?: | Yes | ISV affected?: | |
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | 43603 | ||
Bug Blocks: |
Description
Daniel Tröder
2017-05-18 08:54:54 CEST
univention-apache (9.0.5-10): r79441 | Bug #44628: make excludes for force_https configurable univention-apache.yaml: r79444 | YAML Bug #44628 * YAML: being forcing -> being forced * Apache doesn't start anymore: root@dc2000:~# ucr set apache2/force_https=true root@dc2000:~# ucr search force_https apache2/force_https/exclude/(request_uri|http_host|remote_addr|server_name)/.*: <empty> apache2/force_https/exclude/http_host/localhost: localhost apache2/force_https/exclude/request_uri/mod-status: /server-status apache2/force_https: true root@dc2000:~# systemctl restart apache2.service Job for apache2.service failed. See 'systemctl status apache2.service' and 'journalctl -xn' for details. root@dc2000:~# systemctl status apache2.service ● apache2.service - LSB: Apache2 web server Loaded: loaded (/etc/init.d/apache2) Active: failed (Result: exit-code) since So 2017-05-21 11:53:19 CEST; 4s ago Process: 17635 ExecStop=/etc/init.d/apache2 stop (code=exited, status=0/SUCCESS) Process: 17663 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE) Mai 21 11:53:19 dc2000 systemd[1]: Starting LSB: Apache2 web server... Mai 21 11:53:19 dc2000 apache2[17663]: Starting web server: apache2 failed! Mai 21 11:53:19 dc2000 apache2[17663]: The apache2 configtest failed. ... (warning). Mai 21 11:53:19 dc2000 apache2[17663]: Output of config test was: Mai 21 11:53:19 dc2000 apache2[17663]: AH00526: Syntax error on line 80 of /etc/apache2/mods-enabled/ssl.conf: Mai 21 11:53:19 dc2000 apache2[17663]: RewriteCond: bad flag delimiters Mai 21 11:53:19 dc2000 apache2[17663]: Action 'configtest' failed. Mai 21 11:53:19 dc2000 apache2[17663]: The Apache error log may have more information. Mai 21 11:53:19 dc2000 systemd[1]: apache2.service: control process exited, code=exited status=1 Mai 21 11:53:19 dc2000 systemd[1]: Failed to start LSB: Apache2 web server. Mai 21 11:53:19 dc2000 systemd[1]: Unit apache2.service entered failed state. root@dc2000:~# grep -n Rewrite /etc/apache2/mods-enabled/ssl.conf 78:RewriteEngine on 79:RewriteCond %{HTTPS} off 80:RewriteCond %{REQUEST_URI} != /server-status 81:RewriteCond %{HTTP_HOST} != localhost 82:RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L] univention-apache (9.0.5-11): r79505 | Bug #44628: fix syntax error OK: manual test r79522: updated advisory |