On Sat, Mar 27, 2010 at 05:41:03PM +0100, Maarten Litmaath wrote:
> Hi Valery,
>
> > We run with the latest:
> > httpd-2.0.52-41.sl4.7
> > mod_ssl-2.0.52-41.sl4.7
> > from SL48 errata repository.
>
> The CERN WMS production nodes still have older versions:
>
> httpd-2.0.52-38.ent.2
> mod_ssl-2.0.52-38.ent.2
About 2 years old if I am not mistaken....
# rpm -q httpd --changelog |grep 2.0.52-38.ent.2
* Tue Jan 08 2008 Joe Orton <[log in to unmask]> 2.0.52-38.ent.2
>
> However, the certification testbed WMS has these:
>
> httpd-2.0.52-41.ent.6
> mod_ssl-2.0.52-41.ent.6
These correspond to httpd-2.0.52-41.sl4.6 and mod_ssl-2.0.52-41.sl4.6,
which were the latest in SL4.x before the httpd updates issued on 25 Mar 2010.
> The WMProxy/httpd was restarted after the upgrade.
>
> > Does it mean gridsite-apache uncompatible with the latest
> > httpd/mod_ssl on SL4 now?
> >
> > Taking into account what is in:
> > http://kbase.redhat.com/faq/docs/DOC-20491
> > it could be the reason.
>
> The partial fix for that vulnerability should not have affected the WMS,
> but the segfault shows there is a bug or mismatch somewhere affecting
> your installation. Can you try the SLC versions mentioned above:
>
> http://linuxsoft.cern.ch/cern/slc4X/updates/i386/RPMS/
>
> I suppose a forced downgrade gets your WMS working again?
Yes, downgrading to httpd-2.0.52-41.sl4.6, httpd-suexec-2.0.52-41.sl4.6
and mod_ssl-2.0.52-41.sl4.6 gets the WMS working, but I think this
should be a temporary solution.
Cheers,
Kyr.
--
Kyriakos Ginis
Software Engineering Laboratory
National Technical University of Athens
|