The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

are there httpd-devel "security and stability" issues?

Discussion in 'Security' started by jayronc, Apr 16, 2008.

  1. jayronc

    jayronc Member

    Joined:
    Oct 23, 2006
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    i need httpd-devel installed on my dedicated server, it is running WHM. when i requested it be installed this is the response i got.

    From: "SYSTEM ADMIN" <xxxxxx@xxxxxxxx.com>

    This will most likely break your server. I've verified this with WHM and
    Cpanel and it may in fact cause both stability and security issues for the
    server, so I won't be able to install this particular package.

    Regards,

    _______________

    xxxxx
    Systems Administrator

    Is this true? i suspect that i am being given the runaround.
     
    #1 jayronc, Apr 16, 2008
    Last edited: Apr 16, 2008
  2. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    If you are attempting to install an application that cites httpd-devel as a requirement, you can likely install the application using the --nodeps flag to RPM. cPanel installs the Apache headers and development tools when Apache is installed, so the application should already have what it needs to function.

    Which application is requiring this?
     
  3. jayronc

    jayronc Member

    Joined:
    Oct 23, 2006
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    A RubyGem called Passenger http://www.modrails.com

    We have several ruby/rails apps running on this server which are being proxied to mongrel. I have tested Passenger over the last week on 3 other servers and am satisifies with the results and am ready to get these low traffic sites switched to a much lower maintenance setup.

    the headers are required to install the gem. My hosting company has a history of using FUD to keep from having to do requested upgrades, even though it is a fully managed server and they are supposed to help us achieve our goals. Seems like every time we ask for an application they counter with "security and stability issues" the latest being when we asked to have munin installed.

    Everyone i have spoken to who is familiar with apachesaid that the claim was bogus as httpd-devel is just a collection of headers and libs required to compile modules for apache and that it has nothing whatsoecver to do with security OR stability

    So there are no security or stability issues pertaining directly to CPANEL and WHM you are aware of either? other than the obvious ones having to do with the apache module i need to compile.

    Thanks!
     
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    By default, cPanel configures yum to exclude all httpd RPM packages from being installed. This is to prevent conflicts between the contents of those packages and cPanel.

    Give me a few moments to try installing this gem and I'll see if there is way around the httpd-devel requirement.
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The following command successfully installed Passenger on my cPanel 11 test machine:

    Code:
    APXS2=/usr/local/apache/bin/apxs  PATH=$PATH:/usr/local/apache/bin ./bin/passenger-install-apache2-module
    
    I installed from the source tarball. I'm not familiar with Rails or Ruby, so specific questions about those, I cannot help you with, sorry.

    Info about the Apache install:

    Code:
    root@mundane [~/passenger-1.0.1]# /usr/local/apache/bin/httpd -v
    Server version: Apache/2.2.8 (Unix)
    Server built:   Jan 23 2008 07:51:01
    Cpanel::Easy::Apache v3.2.0 rev3691
    
    Your Sys admin should be able to accomplish the above.
     
  6. danimal

    danimal Well-Known Member

    Joined:
    Jul 14, 2003
    Messages:
    79
    Likes Received:
    0
    Trophy Points:
    6
    Kenneth,

    Thank you!

    I was having the same problems. The solution was the APXS variable so that passenger could find the apache headers.

    -Danimal :cool:
     
Loading...

Share This Page