When I attempt to upgrade Apache...
cd /etc/yum.repos.d && wget https://repo.codeit.guru/codeit.el7.repo
yum install -y epel-release
yum upgrade httpd
...the output says "Package(s) httpd available, but not installed."
Actually, the above commands worked fine on my staging server, and I got the desired upgrade. But then when I tried the same steps on my production server, I see "Package(s) httpd available, but not installed."
Variations of this issue appear elsewhere on stackoverflow and other forums, but it appears the proper solution changes frequently, and it is difficult to rely on past answers that in many cases appear to reference defunct mirrors.
It's not clear where Apache was sourced from, but the recommended practice is to use Red Hat Software Collections for RHEL 7 (Application Streams for RHEL 8). See the list here. If your Apache was installed from Software Collections, then you'd want to update via that process.
Software Collections are part of the subscription and are fully supported by Red Hat.
Related
I've been to the Releases site for mod_auth_openidc and brought down the rpm. And attempting to install requires cjose but attempting to find and install that poses a problem as it seems to incorrectly test the version of jansson (e.g., 2.10 is though to be less than 2.3). Most of the documentation I find is years old. Trying to use yum brings in a very outdated version of the mod_auth_openidc (1.8.8) that fails to allow apache httpd to load if you have an OIDCDirectURL coded.
I'm trying to configure Apache HTTPD to call out to an OAUTH2 Server I've created but I can't get the old mod to work and I'd love to know where I can get the piece parts to allow the latest version to install. There are some old downloads on the Releases site if you page back to 2.0 but the libcjose0 is not an rpm.
Do I need to retrieve the dependencies from their github and build them? If someone has done this already and posted the assets I'm happy to retrieve them. I'm surprised RHEL 7 repos don't have the latest (or newer) versions of the mod_auth_openidc.
The version issue reported when trying to install cjose is a red herring. Based on this site I found I needed to install jansson-devel to get past the errant warning about versions.
Going here allowed me to retrieve a fairly recent version of cjose-0.5.1-1.el7.centos.x86_64.rpm which installed without complaints once jansson-devel was installed.
I was then able to install mod_auth_openidc-2.4.9-1.el7.x86_64.rpm from the github repo releases
I am now able to start apache httpd with the OIDCRedirectURI entry in httpd.conf
I have a CentOS 7 installation running httpd-2.4.35 and openssl-1.0.2k, but due to vulnerability findings, I need to update OpenSSL to at lease 1.0.2s, preferably u. Unfortunately, I cannot find RPM for these packages, which would make it a lot simpler.
I have tried to upgrade the using the tarball provided by OpenSSL but, although the installation works, httpd still uses Openssl-1.0.2k. It seems that I am not doing all the actions that the RPM installation is doing. Does anyone know if I can find this newer OpenSSL1.0.2 RPM packages somewhere or how to force httpd (installed via RPM) to use another version of OpenSSL?
Thanks!
If you are using OpenSSL 1.0.2k from the RPM package provided by CentOS 7, you are going to receive OpenSSL security updates via yum update until June 2024. Red Hat with RHEL 7, upstream of CentOS 7, is backporting security fixes. This means that there is no rebase to a new version such as 1.0.2s, but 1.0.2k will get a patch added resolving the security flaw. A recently active Red Hat community discussion is covering almost the same topic and referring to the same explanation.
Unfortunately you are not referring to a specific security flaw to provide a specific example. If you would like to know which RPM package fixes CVE-2020-1971, you can visit https://access.redhat.com/security/cve/cve-2020-1971 and figure out there, that errata RHSA-2020:5566 contains the fix, thus RPM package "openssl-1.0.2k-21.el7_9". And if you are e.g. on "openssl-1.0.2k-19.el7" (which can be figured out using e.g. rpm -q openssl), this indeed means you should apply updates using yum update.
How to upgrade apache2.4.9 to latest stable version apache2.4.25?
Ubuntu 12.04 is a Long Term Support release. This means that the version of Apache included with it will continue to receive security updates into 2017. So while you might not have the most recent version installed, security patches are backported to your version. So you shouldn't necessarily be concerned that you don't have the latest.
When making upgrades to a major piece of software like Apache, you risk making your system unstable. One of the main reasons for using a distribution's package management system rather than installing the latest upstream software is that you get a set of packages that have been tested together. If you update one outside of the package management system, you may introduce incompatibilities. This can particularly be a problem if you rely on non-default Apache modules.
If you really need a more recent version of Apache, I'd suggest upgrading to Ubuntu 14.04. If you don't want to do that, you can still get a more recent version by enabling this PPA:
sudo add-apt-repository ppa:ondrej/apache2
sudo apt-get update
sudo apt-get dist-upgrade
Make sure you upgrade your configuration files as well, see [https://httpd.apache.org/docs/trunk/upgrading.html]
I searched the web and found that many people have issues with php7 on Ubuntu 16.04 but I have a slightly different experience.
Problem in short: I upgraded from 12.04 to (first to 14.04) 16.04 and now everything works except Apache2 with PHP7.
The problem: When I create php file like
Hello
<?
echo " World!";
?>
and access it through the browser, the browser renders the "Hello" but not the "World". So basically Apache knows that it's a php file (otherwise the file would be downloaded instead of shown) but doesnt interpret it.
Oh and it doesn't show the php code either (this is what's different in my problem compared to other asked questions).
I had PHP7 installed from a different ppa (ondrej) before but that also didn't work. I completely removed all the packages and PPAs from my sources and now I have only my Ubuntu sources left, I also completely purged all php and apache related packages, including any config under /etc/apache2 and /etc/php. This includes:
php*
php7.0*
libapache2-mod-php7.0
libapache2-mod-php
apache2*
I even removed the apt cache with apt-get clean and apt-get autoclean.
After I purged everything I reinstalled apache and php via
apt install apache2 libapache2-mod-php7.0 php7.0
I checked the mods enabled, php7.0 is enabled, restarted apache, even restarted the whole machine just to be sure but I can't get it to work.
Please don't tell me to reinstall Ubuntu because I want to understand what the problem is instead of just taking the easy way out, also everything else runs fine and I really, really don't want to reinstall all other software again since this is my development machine.
Is there any config file I have overlooked? I mean I completely purged the packages and the configs. /etc/apache2 and /etc/php were properly deleted after the purge.
Oh and also strange: Since the Update I cannot access files without the file extension. Before http://localhost/info would bring me to http://localhost/info.php automatically. Any hints?
I've been trying to set Vagrant up for local development on my machine. I see from Apache's official website that 2.4.7 is the current stable version. And I had no issues installing it on my VPS. But with Vagrant it's a different story. I'm trying with both Base64 and Base32 boxes. This is the command i'm running:
sudo apt-get install -y apache2
It should install apache 2.4.x. But it doesn't. Sometimes it installs version 2.2, sometimes 2.4. This is driving me nuts, since the whole idea of using Vagrant is to have the same Virtual machine replicated everywhere. Any ideas?
Because the Debian based distro (possibly Ubuntu) you're using is still using 2.2.x. Switching to 2.4.x from 2.2.x means all the 3rd party modules they ship have to be upgraded (or at least rebuilt) so they probably haven't made the switch yet.