Re: WWW Form Bug Report: "srm.conf-dist has invalid Meta* lines" on Linux (fwd)

[Randy Terbush <ra...@zyzzyva.com>]

> 
> On a similar note - would anyone mind if, similar to our virtualhost 
> documentroot quandry, our default for unrecognized config file directives 
> was a warning to stdout and not a process abort?
> 
> 	Brian

I think that if stuff like this was logged to syslog() and allowed
the server startup to continue while disabling the effected VHost,
it would be a Good Thing.

Don't mis-interpret my advocation for syslog() lately.
I agree that it is probably not the best alternative for logging
in general, but since it should be well established (active) when
the server is restarting/starting, we have a better chance of 
catching this rather than dribbling out to stderr.

Re: WWW Form Bug Report: "srm.conf-dist has invalid Meta* lines" on Linux (fwd)

[Alexei Kosut <ak...@organic.com>]

On Thu, 13 Jun 1996, Michael Douglass wrote:

> "Warning: srm.conf not found"
> 
> As an experienced operator of web servers, I would know this is a problem;
> but an inexperienced person (which there are alot of) would shrug his
> shoulders, yell to his buddies that it's running...  And he wouldn't
> realize until later that the srm.conf had some very important things in
> it that he had to have...

I agree. As well, the spelling issue *can* be deadly if unrecognized
directives are considered nonfatal. Options isn't a good one... what if
you mispell deny, and you end up letting everyone access your server?

My vote goes to rst's approach:

1) If you get an error in a <Directory> or <Location>, give a warning
on startup, then deny access to those files (like we do for .htaccess
files now).

2) If you get an error in a <VirtualHost>, give a warning on startup, then
deny access to that virtualhost entirely.

3) Any other error, kill the server.

This seems to me the best solution. It's completely safe, and it gives you
the ability to let owners of VirtualHosts have their own config files and
access to a setuid script to restart the server, and you can be confident
that they can't kill the whole thing by putting in a bad directive.

And it'd be a simple patch, too. Add an "invalid" member to server_rec and
core_dir_config, modify virtualhost_section(), dirsection() and
urlsection() to set it, then add checks to process_request_internal(),
directory_walk() and location_walk() that return SERVER_ERROR if it's
true.

For 1.2 perhaps. Let's get 1.1.0 released as soon as possible.

-- Alexei Kosut <ak...@organic.com> 
   http://www.nueva.pvt.k12.ca.us/~akosut/

Re: WWW Form Bug Report: "srm.conf-dist has invalid Meta* lines" on Linux (fwd)

[Michael Douglass <mi...@texas.net>]

> On a similar note - would anyone mind if, similar to our virtualhost
> documentroot quandry, our default for unrecognized config file directives
> was a warning to stdout and not a process abort?
>
> 	Brian

"Warning: srm.conf not found"

As an experienced operator of web servers, I would know this is a problem;
but an inexperienced person (which there are alot of) would shrug his
shoulders, yell to his buddies that it's running...  And he wouldn't
realize until later that the srm.conf had some very important things in
it that he had to have...

I wouldn't suggest it.  I know that when my web server doesn't start, there
is a reason for it.

Just looking out for the newbies...  (we were all one once!)

Michael Douglass
Texas Networking, Inc.


  "To be a saint is to be an exception; to be a true man is the rule.
   Err, fail, sin if you must, but be upright.  To sin as little as
   possible is the law for men; to sin not at all is a dream for angels."

              - Victor Hugo, "Les Miserables"