- move the configuration of User, Group, and PidFile to /etc/apache2/envvars

- adjust init script, logrotate script, apache2ctl to use envvars
- make apache2ctl check the configuration syntax before restart, to match
  the behaviour documented in the man page.


git-svn-id: svn+ssh://svn.debian.org/svn/pkg-apache/trunk/apache2@544 01b336ce-410b-0410-9a02-a0e7f243c266

9 files changed, 140 insertions, 34 deletions

diff --git a/debian/NEWS b/debian/NEWS
index 437444a1..3245ff90 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,13 @@
+apache2 (2.2.8-1) unstable; urgency=low
+
+  * The Apache User and Group and the PidFile path are now configured in
+    /etc/apache2/envvars, to make it easier to use them in scripts
+    (like the init and logrotate scripts, and apache2ctl).
+    If you changed these settings from their default values, you need to adjust
+    /etc/apache2/envvars.
+
+ -- Stefan Fritsch <sf@debian.org>  Tue, 15 Jan 2008 21:41:23 +0100
+
 apache2 (2.2.4-2) unstable; urgency=low
 
   * This version introduces some changes in the configuration layout and
diff --git a/debian/README.Debian b/debian/README.Debian
index afc2f505..52ab6337 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -28,6 +28,13 @@ apache2.conf
 
 	This is the main configuration file.
 
+envvars
+
+	This contains environment variables that may be used in the
+	configuration. Some settings, like user and pid file, need to
+	go in here so that other scripts can use them. It can also
+	be used to change some default settings used by apache2ctl.
+
 conf.d/
 
 	Files in this directory are included by this line in
diff --git a/debian/apache2.2-common.apache2.init b/debian/apache2.2-common.apache2.init
index 3c8b0a70..ccbbba82 100644
--- a/debian/apache2.2-common.apache2.init
+++ b/debian/apache2.2-common.apache2.init
@@ -66,32 +66,25 @@ pidof_apache() {
     # if pidof is null for some reasons the script exits automagically
     # classified as good/unknown feature
     PIDS=`pidof apache2` || true
-    
-    # let's try to find the pid file
-    # apache2 allows more than PidFile entry
-    # most simple way is to check all of them
-
-    PIDS2=""
 
-    for PFILE in `grep ^PidFile /etc/apache2/* -r | awk '{print $2}'`; do
-	[ -e $PFILE ] && PIDS2="$PIDS2 `cat $PFILE`"
-    done
+    PFILE=`. /etc/apache2/envvars ; echo $APACHE_PID_FILE`
+    if [ -z "$PFILE" ] ; then
+    	echo ERROR: APACHE_PID_FILE needs to be defined in /etc/apache2/envvars >&2
+	exit 2
+    fi
 
+    [ -e $PFILE ] && PIDS2=`cat $PFILE`
+    
     # if there is a pid we need to verify that belongs to apache2
     # for real
     for i in $PIDS; do
-	# may be it is not the right way to make second dimension
-	# for really huge setups with hundreds of apache processes
-	# and tons of garbage in /etc/apache2... or is it?
-	for j in $PIDS2; do
-    	    if [ "$i" = "$j" ]; then
-	      # in this case the pid stored in the
-	      # pidfile matches one of the pidof apache
-	      # so a simple kill will make it
-           	echo $i
-              return 0
-            fi
-        done
+    	if [ "$i" = "$PIDS2" ]; then
+            # in this case the pid stored in the
+            # pidfile matches one of the pidof apache
+            # so a simple kill will make it
+            echo $i
+            return 0
+        fi
     done
     return 1
 }
diff --git a/debian/apache2.2-common.install b/debian/apache2.2-common.install
index 511ddbbb..59ce91c1 100644
--- a/debian/apache2.2-common.install
+++ b/debian/apache2.2-common.install
@@ -5,7 +5,6 @@ usr/share/man/man8/suexec2.8
 usr/share/apache2/error
 usr/lib/apache2/modules
 usr/sbin/suexec usr/lib/apache2
-usr/sbin/envvars etc/apache2
 usr/sbin/envvars-std usr/share/apache2/build
 usr/sbin/httxt2dbm
 etc/apache2 usr/share/doc/apache2.2-common/examples
diff --git a/debian/changelog b/debian/changelog
index 29ecf490..f1326e7e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -20,6 +20,13 @@ apache2 (2.2.8-1) UNRELEASED; urgency=low
     - Adds an "if" directive for mod_include to test whether an URL is
       accessible, and if so, conditionally display content.
     - Adds support for mod_ssl to the event MPM.
+  * Move the configuration of User, Group, and PidFile to
+    /etc/apache2/envvars. This makes it easier to use these settings in
+    scripts. /etc/apache2/envvars can now also be used to influence apache2ctl.
+    (Closes: #349709, #460105)
+  * Make apache2ctl check the configuration syntax before trying to restart
+    apache, to match the behaviour documented in the man page.
+    (Closes: #459236)
   * Convert docs to be directly viewable with a browser (and not use content
     negotiation).
   * Add doc-base entry for the documentation. (closes: #311269)
diff --git a/debian/config-dir/apache2.conf b/debian/config-dir/apache2.conf
index 7741c5a5..76c9928d 100644
--- a/debian/config-dir/apache2.conf
+++ b/debian/config-dir/apache2.conf
@@ -61,8 +61,9 @@ LockFile /var/lock/apache2/accept.lock
 #
 # PidFile: The file in which the server should record its process
 # identification number when it starts.
+# This needs to be set in /etc/apache2/envvars
 #
-PidFile /var/run/apache2.pid
+PidFile ${APACHE_PID_FILE}
 
 #
 # Timeout: The number of seconds before receives and sends time out.
@@ -122,8 +123,9 @@ KeepAliveTimeout 15
     MaxRequestsPerChild   0
 </IfModule>
 
-User www-data
-Group www-data
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
 
 #
 # AccessFileName: The name of the file to look for in each directory
diff --git a/debian/config-dir/envvars b/debian/config-dir/envvars
new file mode 100644
index 00000000..44cf82cc
--- /dev/null
+++ b/debian/config-dir/envvars
@@ -0,0 +1,8 @@
+# envvars - default environment variables for apache2ctl
+
+# Since there is no sane way to get the parsed apache2 config in scripts, some
+# settings are defined via environment variables and then used in apache2ctl,
+# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
+export APACHE_RUN_USER=www-data
+export APACHE_RUN_GROUP=www-data
+export APACHE_PID_FILE=/var/run/apache2.pid
diff --git a/debian/logrotate b/debian/logrotate
index d25c4cea..176550ab 100644
--- a/debian/logrotate
+++ b/debian/logrotate
@@ -8,7 +8,7 @@
 	create 640 root adm
 	sharedscripts
 	postrotate
-		if [ -f /var/run/apache2.pid ]; then
+		if [ -f "`. /etc/apache2/envvars ; echo ${APACHE_PID_FILE:-/var/run/apache2.pid}`" ]; then
 			/etc/init.d/apache2 reload > /dev/null
 		fi
 	endscript
diff --git a/debian/patches/050_enhance_apache2ctl.dpatch b/debian/patches/050_enhance_apache2ctl.dpatch
index 9579b66c..4eef7fe9 100755
--- a/debian/patches/050_enhance_apache2ctl.dpatch
+++ b/debian/patches/050_enhance_apache2ctl.dpatch
@@ -7,10 +7,71 @@
 ## DP: - add usage message
 
 @DPATCH@
-diff -urNad apache2-work~/support/apachectl.in apache2-work/support/apachectl.in
---- apache2-work~/support/apachectl.in	2007-07-09 19:01:22.000000000 +0200
-+++ apache2-work/support/apachectl.in	2007-07-09 19:03:01.000000000 +0200
-@@ -71,12 +71,23 @@
+diff -urNad trunk~/docs/man/apachectl.8 trunk/docs/man/apachectl.8
+--- trunk~/docs/man/apachectl.8	2008-01-16 21:24:42.000000000 +0100
++++ trunk/docs/man/apachectl.8	2008-01-16 21:41:00.108749456 +0100
+@@ -68,7 +68,7 @@
+ Stops the Apache httpd daemon\&. This is equivalent to apachectl -k stop\&.  
+ .TP
+ restart
+-Restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This command automatically checks the configuration files as in configtest before initiating the restart to make sure the daemon doesn't die\&. This is equivalent to apachectl -k restart\&.  
++Restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This command automatically checks the configuration files as in configtest before initiating the restart to catch the most obvious errors\&. However, it is still possible for the daemon to die because of problems with the configuration\&. This is equivalent to apachectl -k restart\&.  
+ .TP
+ fullstatus
+ Displays a full status report from mod_status\&. For this to work, you need to have mod_status enabled on your server and a text-based browser such as lynx available on your system\&. The URL used to access the status report can be set by editing the STATUSURL variable in the script\&.  
+@@ -77,7 +77,7 @@
+ Displays a brief status report\&. Similar to the fullstatus option, except that the list of requests currently being served is omitted\&.  
+ .TP
+ graceful
+-Gracefully restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This differs from a normal restart in that currently open connections are not aborted\&. A side effect is that old log files will not be closed immediately\&. This means that if used in a log rotation script, a substantial delay may be necessary to ensure that the old log files are closed before processing them\&. This command automatically checks the configuration files as in configtest before initiating the restart to make sure Apache doesn't die\&. This is equivalent to apachectl -k graceful\&.  
++Gracefully restarts the Apache httpd daemon\&. If the daemon is not running, it is started\&. This differs from a normal restart in that currently open connections are not aborted\&. A side effect is that old log files will not be closed immediately\&. This means that if used in a log rotation script, a substantial delay may be necessary to ensure that the old log files are closed before processing them\&. This command automatically checks the configuration files as in configtest before initiating the restart to catch the most obvious errors\&. However, it is still possible for the daemon to die because of problems with the configuration\&. This is equivalent to apachectl -k graceful\&.  
+ .TP
+ graceful-stop
+ Gracefully stops the Apache httpd daemon\&. This differs from a normal stop in that currently open connections are not aborted\&. A side effect is that old log files will not be closed immediately\&. This is equivalent to apachectl -k graceful-stop\&.  
+diff -urNad trunk~/support/apachectl.in trunk/support/apachectl.in
+--- trunk~/support/apachectl.in	2008-01-16 21:40:59.644723012 +0100
++++ trunk/support/apachectl.in	2008-01-16 21:44:01.603092229 +0100
+@@ -40,28 +40,31 @@
+ # |||||||||||||||||||| START CONFIGURATION SECTION  ||||||||||||||||||||
+ # --------------------                              --------------------
+ # 
+-# the path to your httpd binary, including options if necessary
+-HTTPD='@exp_sbindir@/@progname@'
+-#
++# the path to the environment variable file
++test -z "$APACHE_ENVVARS" && APACHE_ENVVARS='/etc/apache2/envvars'
+ # pick up any necessary environment variables
+-if test -f @exp_sysconfdir@/envvars; then
+-  . @exp_sysconfdir@/envvars
++if test -f $APACHE_ENVVARS; then
++  . $APACHE_ENVVARS
+ fi
++# the following APACHE_* variables should be set in /etc/apache2/envvars
++#
++# the path to your httpd binary, including options if necessary
++HTTPD=${APACHE_HTTPD:-/usr/sbin/apache2}
+ #
+ # a command that outputs a formatted text version of the HTML at the
+ # url given on the command line.  Designed for lynx, however other
+ # programs may work.  
+-LYNX="@LYNX_PATH@ -dump"
++LYNX="${APACHE_LYNX:-@LYNX_PATH@ -dump}"
+ #
+ # the URL to your server's mod_status status page.  If you do not
+ # have one, then status and fullstatus will not work.
+-STATUSURL="http://localhost:@PORT@/server-status"
++STATUSURL="${APACHE_STATUSURL:-http://localhost:@PORT@/server-status}"
+ #
+ # Set this variable to a command that increases the maximum
+ # number of file descriptors allowed per child process. This is
+ # critical for configurations that use many file descriptors,
+ # such as mass vhosting, or a multithreaded server.
+-ULIMIT_MAX_FILES="@APACHECTL_ULIMIT@"
++ULIMIT_MAX_FILES="${APACHE_ULIMIT_MAX_FILES:-@APACHECTL_ULIMIT@}"
+ # --------------------                              --------------------
+ # ||||||||||||||||||||   END CONFIGURATION SECTION  ||||||||||||||||||||
+ 
+@@ -71,13 +74,32 @@
  fi
  
  ERROR=0
@@ -24,16 +85,35 @@ diff -urNad apache2-work~/support/apachectl.in apache2-work/support/apachectl.in
  
  case $ARGV in
 -start|stop|restart|graceful|graceful-stop)
+-    $HTTPD -k $ARGV
 +start)
 +    mkdir -p /var/run/apache2
-+    install -d -o www-data /var/lock/apache2
++    install -d -o ${APACHE2_RUN_USER:-www-data} /var/lock/apache2
 +    # ssl_scache shouldn't be here if we're just starting up.
 +    # (this is bad if there are several apache2 instances running)
 +    rm -f /var/run/apache2/*ssl_scache*
-+    $HTTPD -k $ARGV
++    $HTTPD ${APACHE_ARGUMENTS} -k $ARGV
++    ERROR=$?
++    ;;
++stop|graceful-stop)
++    $HTTPD ${APACHE_ARGUMENTS} -k $ARGV
 +    ERROR=$?
 +    ;;
-+stop|restart|graceful|graceful-stop)
-     $HTTPD -k $ARGV
++restart|graceful)
++    if $HTTPD ${APACHE_ARGUMENTS} -t 2> /dev/null ; then
++        $HTTPD ${APACHE_ARGUMENTS} -k $ARGV
++    else
++        $HTTPD ${APACHE_ARGUMENTS} -t
++    fi
+     ERROR=$?
+     ;;
+ startssl|sslstart|start-SSL)
+@@ -87,7 +109,7 @@
+     ERROR=2
+     ;;
+ configtest)
+-    $HTTPD -t
++    $HTTPD ${APACHE_ARGUMENTS} -t
      ERROR=$?
      ;;
+ status)