[Bug 1170586] Re: [SRU] Naxsi package lacking Stub Status
s novotny
sarah.novotny at gmail.com
Sun Feb 2 13:31:56 UTC 2014
Hi Robie and Thomas,
the team says that we also build our .deb packages with the 'stub
status' module enabled. we don't expect any issues with regressions
after enabling the module for ubuntu.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1170586
Title:
[SRU] Naxsi package lacking Stub Status
Status in “nginx” package in Ubuntu:
Fix Released
Status in “nginx” source package in Precise:
Triaged
Bug description:
[Impact]
nginx-naxsi is missing the stub_status module, which in some
deployments is necessary for production environments. This module is
also listed in the nginx-naxsi description, however it is not enabled
as would be expected, since the module is listed in the description
for the nginx-naxsi package.
---
[Test Case]
Create a site configuration file for nginx in /etc/nginx/sites-enabled
containing the following:
server {
listen 127.0.0.1;
server_name localhost;
location / {
try_files $uri $uri/ =403;
}
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
After creating this configuration file, restart the nginx process or issue the reload command using one of the following commands (you do NOT need to do both, only one of them):
$ sudo service nginx restart
$ sudo service nginx reload
With the version in Ubuntu now, before this SRU, you should see something like so for an error stating that it failed the configuration test:
$ sudo service nginx restart
Restarting nginx: nginx: [emerg] unknown directive "stub_status" in /etc/nginx/sites-enabled/localhost:10
nginx: configuration file /etc/nginx/nginx.conf test failed
With the version created by including the attached debdiff, you will
be able to start nginx with the same configuration file and not run
into any errors.
When navigating to http://localhost/nginx_status with this debdiff,
you will also see something like this, which is expected output:
Active connections: 2
server accepts handled requests
2 2 1
Reading: 1 Writing: 1 Waiting: 0
---
[Regression Potential]
There is no new code introduced here, only one module that should've
been enabled, but was not being enabled in the package. There is
almost no regression potential by enabling this module.
---
[Original Bug Description]
Hi,
The nginx-naxsi package provided in Ubuntu 12.04 LTS lacks the Stub
Status module which somehow mandatory in production environment. Plus,
if Ubuntu follows Debian philosophy regarding those packages, it is
supposed to be shipped with in Debian: http://wiki.debian.org/Nginx.
Current nginx -V: # nginx -V
nginx version: nginx/1.1.19
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-http_ssl_module --without-mail_pop3_module --without-mail_smtp_module --without-mail_imap_module --without-http_uwsgi_module --without-http_scgi_module --with-ipv6 --add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-upstream-fair --add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-cache-purge --add-module=/build/buildd/nginx-1.1.19/debian/modules/naxsi/naxsi_src
Regards,
P. Schweitzer
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1170586/+subscriptions
More information about the Ubuntu-sponsors
mailing list