LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 08-29-2011, 07:18 PM   #1
Zippy1970
Member
 
Registered: Sep 2007
Posts: 117

Rep: Reputation: 17
Question Updating Apache2 on Debian Etch


I'm running a production webserver on Debian Etch. I have never done a dist-upgrade simply because I'm afraid of doing so and because the server is otherwise running incredibly stable.

Anyway, I saw a security advisory today for Apache2. I'm currently running 2.2.3 so I would really like to upgrade to the latest stable version with the vulnerability - as mentioned in the advisory - patched.

Problem is, I don't know how.

My thought was to download the 2.2.19 sources (the latest stable version) and compile it on my system. Then somehow patch it. But again, I really wouldn't know if that's the way to go.

Could someone please advise how I can get the latest stable and patched version of apache2 running on my Etch system?

Thanks in advance.
 
Old 08-29-2011, 08:51 PM   #2
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 4,103

Rep: Reputation: 494Reputation: 494Reputation: 494Reputation: 494Reputation: 494
You won't be happy with this answer.

I seriously warn against upgrading your Etch system to the current stable (Squeeze) when you are not sitting next to your server. As a matter of fact last weekend I did a kernel upgrade from Etch to Squeeze on my server (in my room!) and never mind any trick to set a default in Grub it wouldn't work. Instead, at boot, I was asked to "press a key to continue". Whatever caused this, you don't want to happen this on a server 2 hours driving away from you.

Then about compiling a new Apache version from source: you have a fair chance that too many dependencies fail. Nice libraries like libc6-dev or so where all packages on your system depend upon. Etch is simply too old.

My favorite way for such a fundamental upgrade on a production machine is to install a new machine with the current version of Debian, get the old system's package list with dpkg --get-selections and install those packages on the new computer. Since you are running a server packages exclude complications like sound and video drivers, so you could prepare a new hard disk at home on arbitrary hardware, and then drive down to tje coloc and swap the hard disk. Be prepared for quite some manual tuning of config files though.

Another option is to clone your server to a machine at home, do the dist-upgrades at home, and swap those hard drives when finished.

jlinkels
 
1 members found this post helpful.
Old 08-30-2011, 04:28 AM   #3
Zippy1970
Member
 
Registered: Sep 2007
Posts: 117

Original Poster
Rep: Reputation: 17
First of all, thank you for your answer.

Quote:
Originally Posted by jlinkels View Post
I seriously warn against upgrading your Etch system to the current stable (Squeeze) when you are not sitting next to your server. As a matter of fact last weekend I did a kernel upgrade from Etch to Squeeze on my server (in my room!) and never mind any trick to set a default in Grub it wouldn't work. Instead, at boot, I was asked to "press a key to continue". Whatever caused this, you don't want to happen this on a server 2 hours driving away from you.
Which is exactly the reason I haven't tried it yet. Although I could handle the "press any key to continue" since I built this server with remote KVM. I could even make BIOS changes remotely if I wanted to. Even so, there are many things that could happen that can't be solved with just a few key presses...

Quote:
Then about compiling a new Apache version from source: you have a fair chance that too many dependencies fail. Nice libraries like libc6-dev or so where all packages on your system depend upon. Etch is simply too old.
I was afraid of that.

Quote:
Another option is to clone your server to a machine at home, do the dist-upgrades at home, and swap those hard drives when finished.
I actually tried creating a clone for use in a VM but have been unsuccessful so far.

I'm trying to avoid building a second server (it's not really money well spent). If the hardware was at the end of its life I wouldn't mind building a new server but its still more than sufficient for what I use it for (Core 2 Duo E6750, 2GB, 2x160GB HDD (RAID 1) as main storage, 500GB HDD for in-system backups, Remote KVM, Remote ON/OFF, built-in 5 Gb switch, etc). Also, Etch is running rock stable but as you said, it's getting too old and security is becoming a concern.

Last edited by Zippy1970; 08-30-2011 at 04:30 AM.
 
Old 08-30-2011, 05:42 AM   #4
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 4,103

Rep: Reputation: 494Reputation: 494Reputation: 494Reputation: 494Reputation: 494
Quote:
Originally Posted by Zippy1970 View Post
I'm trying to avoid building a second server (it's not really money well spent). If the hardware was at the end of its life I wouldn't mind building a new server but its still more than sufficient for what I use it for (Core 2 Duo E6750, 2GB, 2x160GB HDD (RAID 1) as main storage, 500GB HDD for in-system backups, Remote KVM, Remote ON/OFF, built-in 5 Gb switch, etc). Also, Etch is running rock stable but as you said, it's getting too old and security is becoming a concern.
What I proposed was to put a new hard disk in a temporary machine at home and make at home a clone of your server. Then take out the disk and bring it to your production server.

I have no experience with cloning into a VM image. But ordinary cloning is as easy as setting up the partitions on the empty disk, mount them in a running system and perform rsync. Once done chroot into the copied system and install grub. In your case you would have to create a RAID1 array out of that afterwards (also at home). That used to be easy in Etch and Lenny, but I haven't tried it yet in Squeeze. The difference is grub2.

You are right not wanting to replace the server hardware, but maybe just replacing the disks is an option for you.

jlinkels
 
  


Reply

Tags
apache2, etch, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache2 on Debian Etch not working finferflu Linux - Server 28 02-24-2011 05:03 AM
Setting up Python 2.5 on Apache2 in Debian Etch michux Linux - Server 3 09-10-2008 10:21 AM
Apache2 issue in Debian etch. Hammad101 Linux - Server 1 09-10-2008 08:15 AM
Subversion server with Apache2 on Debian Etch indienick Linux - Server 1 09-02-2008 11:03 AM
Apache2 and CGI problem on Debian Etch jwaters504 Linux - Server 2 09-19-2007 08:28 PM


All times are GMT -5. The time now is 03:30 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration