On Thu, May 21, 2015 at 10:51 AM, Root, Paul T <Paul.Root at centurylink.com> wrote:
So really dumb question here. Did you restart apache after removing 4.3.17 and installing 4.3.20?
Yep, few times.
*From:* Xymon [mailto:xymon-bounces at xymon.com] *On Behalf Of *Asif Iqbal *Sent:* Thursday, May 21, 2015 9:47 AM *To:* J.C. Cleaver *Cc:* Xymon Mailing List; Cortes, Manny *Subject:* Re: [Xymon] Need help with upgrade from 4.3.17 to 4.3.20
On Wed, May 20, 2015 at 10:36 PM, J.C. Cleaver <cleaver at terabithia.org> wrote:
On Wed, May 20, 2015 8:10 am, Asif Iqbal wrote:
On Tue, May 19, 2015 at 6:39 PM, J.C. Cleaver <cleaver at terabithia.org> wrote:
On Tue, May 19, 2015 12:04 pm, Asif Iqbal wrote:
On Tue, May 19, 2015 at 2:06 PM, J.C. Cleaver <cleaver at terabithia.org
wrote:
Hmm. So far, the only way I've been able to reproduce this is by replacing the ScriptAlias directives with mere Alias's in the xymon.conf apache config.
I am using the config, as is, that came as xymon-apache.conf with the source 4.3.20
Has there been any change in the path you've used for the CGI directory since the previous version, or is there any chance that another Alias line
xymon and xymon-client debian version 4.3.17 has been removed, so no more xymon in /usr/lib/xymon
On Tue, May 19, 2015 10:37 am, Cortes, Manny wrote:
Having the same problem after installing 4.3.20 on both Ubuntu server 14.04 and 15.04.
Thanks,
Can you send a copy of the previous and current xymon.conf configs?
Here is the current config
/etc/apache2/sites-enabled$ egrep -v "^$|^#" xymon-apache.conf
Alias /xymon/ "/var/lib/xymon/server/www/" <Directory "/var/lib/xymon/server/www"> Options Indexes FollowSymLinks Includes MultiViews <IfModule mod_authz_core.c> # Apache 2.4+ Require all granted </IfModule> <IfModule !mod_authz_core.c> Order deny,allow Allow from all </IfModule> </Directory> ScriptAlias /xymon-cgi/ "/var/lib/xymon/cgi-bin/" <Directory "/var/lib/xymon/cgi-bin"> AllowOverride None Options ExecCGI FollowSymLinks Includes <IfModule mod_authz_core.c> # Apache 2.4+ Require all granted </IfModule> <IfModule !mod_authz_core.c> Order deny,allow Allow from all </IfModule> </Directory> ScriptAlias /xymon-seccgi/ "/var/lib/xymon/cgi-secure/" <Directory "/var/lib/xymon/cgi-secure"> AllowOverride None Options ExecCGI FollowSymLinks Includes <IfModule mod_authz_core.c> # Apache 2.4+ Require all granted </IfModule> <IfModule !mod_authz_core.c> Order deny,allow Allow from all </IfModule> # Password file where users with access to these scripts are kept. # Create it with "htpasswd -c /var/lib/xymon/server/etc/xymonpasswd USERNAME" # Add more users / change passwords with "htpasswd /var/lib/xymon/server/etc/xymonpasswd USERNAME" # # You can also use a group file to restrict admin access to members of a # group, instead of anyone who is logged in. In that case you must setup # the "xymongroups" file, and change the "Require" settings to require # a specific group membership. See the Apache docs for more details. AuthUserFile /var/lib/xymon/server/etc/xymonpasswd AuthGroupFile /var/lib/xymon/server/etc/xymongroups AuthType Basic AuthName "Xymon Administration" # "valid-user" restricts access to anyone who is logged in. Require valid-user # "group admins" restricts access to users who have logged in, AND # are members of the "admins" group in xymongroups. # Require group admins </Directory> RewriteEngine On RewriteRule ^/xymon/bb.html /xymon/xymon.html [R=permanent,L] RewriteRule ^/xymon/bb2.html /xymon/nongreen.html [R=permanent,L] RewriteRule ^/xymon/bbnk.html /xymon/critical.html [R=permanent,L] RewriteRule ^/xymon-cgi/bb-hist.sh /xymon-cgi/history.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-eventlog.sh /xymon-cgi/eventlog.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-rep.sh /xymon-cgi/report.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-replog.sh /xymon-cgi/reportlog.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-snapshot.sh /xymon-cgi/snapshot.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-findhost.sh /xymon-cgi/findhost.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-csvinfo.sh /xymon-cgi/csvinfo.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbitcolumn.sh /xymon-cgi/columndoc.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-datepage.sh /xymon-cgi/datepage.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbitgraph.sh /xymon-cgi/showgraph.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-hostsvc.sh /xymon-cgi/svcstatus.sh [R=permanent,L] RewriteRule ^/xymon-cgi/bb-histlog.sh /xymon-cgi/historylog.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-confreport.sh /xymon-cgi/confreport.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-confreport-critical.sh /xymon-cgi/confreport-critical.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-nkview.sh /xymon-cgi/criticalview.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-certreport.sh /xymon-cgi/certreport.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-nongreen.sh /xymon-cgi/nongreen.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-hostgraphs.sh /xymon-cgi/hostgraphs.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-ghosts.sh /xymon-cgi/ghostlist.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-notifylog.sh /xymon-cgi/notifications.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-hostlist.sh /xymon-cgi/hostlist.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-perfdata.sh /xymon-cgi/perfdata.sh [R=permanent,L] RewriteRule ^/xymon-cgi/hobbit-topchanges.sh /xymon-cgi/topchanges.sh [R=permanent,L] RewriteRule ^/xymon-seccgi/bb-ack.sh /xymon-seccgi/acknowledge.sh [R=permanent,L] RewriteRule ^/xymon-seccgi/hobbit-enadis.sh /xymon-seccgi/enadis.sh [R=permanent,L] RewriteRule ^/xymon-seccgi/hobbit-nkedit.sh /xymon-seccgi/criticaleditor.sh [R=permanent,L] RewriteRule ^/xymon-seccgi/hobbit-ackinfo.sh /xymon-seccgi/ackinfo.sh [R=permanent,L] RewriteRule ^/xymon-seccgi/hobbit-useradm.sh /xymon-seccgi/useradm.sh [R=permanent,L]
I do not have any old config as I removed the old install
I'm really not sure what to make of this. Everything in the apache config looks to be correct; I can't see at all why apache would fail to execute the CGI vs simply sending you the file.
Can you try two experiments?
First, replace one of the .sh files with a symlink (instead of a hard link) to the cgiwrap binary. I'd like to see if we can rule out the hardlink itself being the problem.
I did that and still seeing the same garbage when click a column
/var/lib/xymon/cgi-bin$ ls -al svcstatus.sh
lrwxrwxrwx 1 root root 21 May 21 10:29 svcstatus.sh -> ../server/bin/cgiwrap
So that did not make any difference
Second, can you compare to the xymon-apache.conf with the xymon-apache-secure.conf.DIST file in the build directory to see if there were any unexpected changes?
I see the two files look identical. The conf file was not under build dir.
$ diff -u /etc/apache2/sites-enabled/xymon-apache.conf xymon-4.3.20/xymond/etcfiles/xymon-apache-secure.DIST
--- /etc/apache2/sites-enabled/xymon-apache.conf 2015-05-21 10:25:08.174803811 -0400
+++ xymon-4.3.20/xymond/etcfiles/xymon-apache-secure.DIST 2015-03-13 02:15:38.000000000 -0400
@@ -2,17 +2,17 @@
#
# Add this to your Apache configuration, it makes
# the Xymon webpages and cgi-scripts available in the
-# "/xymon" and "/xymon-cgi" URLs.
+# "@XYMONHOSTURL@" and "@XYMONCGIURL@" URLs.
# NB: The "Alias" line below must NOT be used if you have
# the Xymon webfiles as the root URL. In that case,
# you should instead set this:
#
-# DocumentRoot /var/lib/xymon/server/www
+# DocumentRoot @INSTALLWWWDIR@
-Alias /xymon/ "/var/lib/xymon/server/www/"
-<Directory "/var/lib/xymon/server/www">
+Alias @XYMONHOSTURL@/ "@INSTALLWWWDIR@/"
+<Directory "@INSTALLWWWDIR@">
Options Indexes FollowSymLinks Includes MultiViews
<IfModule mod_authz_core.c>
# Apache 2.4+
@@ -24,9 +24,8 @@
</IfModule>
</Directory>
-ScriptAlias /xymon-cgi/ "/var/lib/xymon/cgi-bin/"
-<Directory "/var/lib/xymon/cgi-bin">
-SetHandler cgi-script
+ScriptAlias @XYMONCGIURL@/ "@CGIDIR@/"
+<Directory "@CGIDIR@">
AllowOverride None
Options ExecCGI FollowSymLinks Includes
<IfModule mod_authz_core.c>
@@ -39,9 +38,8 @@
</IfModule>
</Directory>
-ScriptAlias /xymon-seccgi/ "/var/lib/xymon/cgi-secure/"
-<Directory "/var/lib/xymon/cgi-secure">
-SetHandler cgi-script
+ScriptAlias @SECUREXYMONCGIURL@/ "@SECURECGIDIR@/"
+<Directory "@SECURECGIDIR@">
AllowOverride None
Options ExecCGI FollowSymLinks Includes
<IfModule mod_authz_core.c>
@@ -54,16 +52,16 @@
</IfModule>
# Password file where users with access to these scripts are kept.
- # Create it with "htpasswd -c /var/lib/xymon/server/etc/xymonpasswd USERNAME"
- # Add more users / change passwords with "htpasswd /var/lib/xymon/server/etc/xymonpasswd USERNAME"
+ # Create it with "htpasswd -c @INSTALLETCDIR@/xymonpasswd USERNAME"
+ # Add more users / change passwords with "htpasswd @INSTALLETCDIR@/xymonpasswd USERNAME"
#
# You can also use a group file to restrict admin access to members of a
# group, instead of anyone who is logged in. In that case you must setup
# the "xymongroups" file, and change the "Require" settings to require
# a specific group membership. See the Apache docs for more details.
- AuthUserFile /var/lib/xymon/server/etc/xymonpasswd
- AuthGroupFile /var/lib/xymon/server/etc/xymongroups
+ AuthUserFile @INSTALLETCDIR@/xymonpasswd
+ AuthGroupFile @INSTALLETCDIR@/xymongroups
AuthType Basic
AuthName "Xymon Administration"
@@ -79,37 +77,37 @@
# Rewrite-rules for migrating from the URL's used in Hobbit
RewriteEngine On
-RewriteRule ^/xymon/bb.html /xymon/xymon.html [R=permanent,L]
-RewriteRule ^/xymon/bb2.html /xymon/nongreen.html [R=permanent,L]
-RewriteRule ^/xymon/bbnk.html /xymon/critical.html [R=permanent,L]
-
-RewriteRule ^/xymon-cgi/bb-hist.sh /xymon-cgi/history.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-eventlog.sh /xymon-cgi/eventlog.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-rep.sh /xymon-cgi/report.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-replog.sh /xymon-cgi/reportlog.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-snapshot.sh /xymon-cgi/snapshot.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-findhost.sh /xymon-cgi/findhost.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-csvinfo.sh /xymon-cgi/csvinfo.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbitcolumn.sh /xymon-cgi/columndoc.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-datepage.sh /xymon-cgi/datepage.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbitgraph.sh /xymon-cgi/showgraph.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-hostsvc.sh /xymon-cgi/svcstatus.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/bb-histlog.sh /xymon-cgi/historylog.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-confreport.sh /xymon-cgi/confreport.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-confreport-critical.sh /xymon-cgi/confreport-critical.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-nkview.sh /xymon-cgi/criticalview.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-certreport.sh /xymon-cgi/certreport.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-nongreen.sh /xymon-cgi/nongreen.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-hostgraphs.sh /xymon-cgi/hostgraphs.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-ghosts.sh /xymon-cgi/ghostlist.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-notifylog.sh /xymon-cgi/notifications.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-hostlist.sh /xymon-cgi/hostlist.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-perfdata.sh /xymon-cgi/perfdata.sh [R=permanent,L]
-RewriteRule ^/xymon-cgi/hobbit-topchanges.sh /xymon-cgi/topchanges.sh [R=permanent,L]
-
-RewriteRule ^/xymon-seccgi/bb-ack.sh /xymon-seccgi/acknowledge.sh [R=permanent,L]
-RewriteRule ^/xymon-seccgi/hobbit-enadis.sh /xymon-seccgi/enadis.sh [R=permanent,L]
-RewriteRule ^/xymon-seccgi/hobbit-nkedit.sh /xymon-seccgi/criticaleditor.sh [R=permanent,L]
-RewriteRule ^/xymon-seccgi/hobbit-ackinfo.sh /xymon-seccgi/ackinfo.sh [R=permanent,L]
-RewriteRule ^/xymon-seccgi/hobbit-useradm.sh /xymon-seccgi/useradm.sh [R=permanent,L]
+RewriteRule ^@XYMONHOSTURL@/bb.html @XYMONHOSTURL@/xymon.html [R=permanent,L]
+RewriteRule ^@XYMONHOSTURL@/bb2.html @XYMONHOSTURL@/nongreen.html [R=permanent,L]
+RewriteRule ^@XYMONHOSTURL@/bbnk.html @XYMONHOSTURL@/critical.html [R=permanent,L]
+
+RewriteRule ^@XYMONCGIURL@/bb-hist.sh @XYMONCGIURL@/history.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-eventlog.sh @XYMONCGIURL@/eventlog.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-rep.sh @XYMONCGIURL@/report.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-replog.sh @XYMONCGIURL@/reportlog.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-snapshot.sh @XYMONCGIURL@/snapshot.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-findhost.sh @XYMONCGIURL@/findhost.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-csvinfo.sh @XYMONCGIURL@/csvinfo.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbitcolumn.sh @XYMONCGIURL@/columndoc.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-datepage.sh @XYMONCGIURL@/datepage.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbitgraph.sh @XYMONCGIURL@/showgraph.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-hostsvc.sh @XYMONCGIURL@/svcstatus.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/bb-histlog.sh @XYMONCGIURL@/historylog.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-confreport.sh @XYMONCGIURL@/confreport.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-confreport-critical.sh @XYMONCGIURL@/confreport-critical.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-nkview.sh @XYMONCGIURL@/criticalview.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-certreport.sh @XYMONCGIURL@/certreport.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-nongreen.sh @XYMONCGIURL@/nongreen.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-hostgraphs.sh @XYMONCGIURL@/hostgraphs.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-ghosts.sh @XYMONCGIURL@/ghostlist.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-notifylog.sh @XYMONCGIURL@/notifications.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-hostlist.sh @XYMONCGIURL@/hostlist.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-perfdata.sh @XYMONCGIURL@/perfdata.sh [R=permanent,L]
+RewriteRule ^@XYMONCGIURL@/hobbit-topchanges.sh @XYMONCGIURL@/topchanges.sh [R=permanent,L]
+
+RewriteRule ^@SECUREXYMONCGIURL@/bb-ack.sh @SECUREXYMONCGIURL@/acknowledge.sh [R=permanent,L]
+RewriteRule ^@SECUREXYMONCGIURL@/hobbit-enadis.sh @SECUREXYMONCGIURL@/enadis.sh [R=permanent,L]
+RewriteRule ^@SECUREXYMONCGIURL@/hobbit-nkedit.sh @SECUREXYMONCGIURL@/criticaleditor.sh [R=permanent,L]
+RewriteRule ^@SECUREXYMONCGIURL@/hobbit-ackinfo.sh @SECUREXYMONCGIURL@/ackinfo.sh [R=permanent,L]
+RewriteRule ^@SECUREXYMONCGIURL@/hobbit-useradm.sh @SECUREXYMONCGIURL@/useradm.sh [R=permanent,L]
Are there any other files in apache's /conf.d/ directory that might be taking precedence here?
Here are the conf files that are active
/etc/apache2/conf-enabled$ ls -al
total 8
drwxr-xr-x 2 root root 4096 May 19 10:27 .
drwxr-xr-x 8 root root 4096 May 19 10:12 ..
lrwxrwxrwx 1 root root 34 May 19 10:14 apache2-doc.conf -> ../conf-available/apache2-doc.conf
lrwxrwxrwx 1 root root 30 May 19 10:12 charset.conf -> ../conf-available/charset.conf
lrwxrwxrwx 1 root root 44 May 19 10:12 localized-error-pages.conf -> ../conf-available/localized-error-pages.conf
lrwxrwxrwx 1 root root 46 May 19 10:12 other-vhosts-access-log.conf -> ../conf-available/other-vhosts-access-log.conf
lrwxrwxrwx 1 root root 31 May 19 10:12 security.conf -> ../conf-available/security.conf
lrwxrwxrwx 1 root root 36 May 19 10:12 serve-cgi-bin.conf -> ../conf-available/serve-cgi-bin.conf
/etc/apache2/conf-enabled$ egrep -v "^$|^#|^ *#" apache2-doc.conf
Alias /manual /usr/share/doc/apache2-doc/manual/
<Directory "/usr/share/doc/apache2-doc/manual/">
Options Indexes FollowSymlinks
AllowOverride None
Require all granted
AddDefaultCharset off
</Directory>
/etc/apache2/conf-enabled$ egrep -v "^$|^#|^ *#" charset.conf
/etc/apache2/conf-enabled$ egrep -v "^$|^#|^ *#" localized-error-pages.conf
/etc/apache2/conf-enabled$ egrep -v "^$|^#|^ *#" other-vhosts-access-log.conf
CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined
/etc/apache2/conf-enabled$ egrep -v "^$|^#|^ *#" security.conf
ServerTokens OS
ServerSignature On
TraceEnable Off
/etc/apache2/conf-enabled$ egrep -v "^$|^#|^ *#" serve-cgi-bin.conf
<IfModule mod_alias.c>
<IfModule mod_cgi.c>
Define ENABLE_USR_LIB_CGI_BIN
</IfModule>
<IfModule mod_cgid.c>
Define ENABLE_USR_LIB_CGI_BIN
</IfModule>
<IfDefine ENABLE_USR_LIB_CGI_BIN>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Require all granted
</Directory>
</IfDefine>
</IfModule>
/etc/apache2/conf-enabled$
-jc
--
Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
-- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?