The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Daily httpd restart changes AllowOverride None to All in httpd.conf

Discussion in 'General Discussion' started by Lasers, Feb 26, 2007.

  1. Lasers

    Lasers Registered

    Joined:
    Sep 1, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    How do I disable the daily changes to httpd.conf? All occurrences of "AllowOverride None" are changed to "AllowOverride All" allowing use of .htaccess and increasing disk activity, which I don't want.

    I've only noticed this occurring recently. I tried disabling all WHM updates to no avail. Tried making httpd.conf read-only by chmodding it to 0400, it automatically was made writable.
     
  2. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    which version of cPanel?
     
  3. Lasers

    Lasers Registered

    Joined:
    Sep 1, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    WHM 10.8.0 cPanel 10.9.0-C138
     
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    When /scripts/upcp runs, it executes /scripts/checkallowoverride, unfortunately there is no (official) way to disable it. However you can do:

    Code:
    mv /scripts/checkallowoverride /scripts/.checkallowoverride
    touch /scripts/checkallowoverride
    chattr +x /scripts/checkallowoverride
    
    Which will prevent it from happening. I'll see what can be done to make the application of checkallowoverride configurable. It's probably a legacy thing that someone requested long ago. It likely still serves a useful purpose for some, but should at least be configurable (meaning: run or don't run this script).
     
  5. Lasers

    Lasers Registered

    Joined:
    Sep 1, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for being specific in your reply. However...

    chattr +x /scripts/checkallowoverride

    Returned "usage: chattr [-RV] [-+=AacDdijsSu] [-v version] files...". So, did a "chmod 0755 /scripts/checkallowoverride", which is the same value as /scripts/.checkallowoverride. I assume that has the same effect, making the file executable.
     
  6. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Yeah, it means I typed to fast and didn't double-check. Sorry, it's supposed to be:
    Code:
    chattr +i /scripts/checkallowoverride
    
    The idea is to make it immutable (unchangeable).
     
  7. Lasers

    Lasers Registered

    Joined:
    Sep 1, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    It's alright. Thanks for the clarification. Good that I noticed the chmod difference.
     
  8. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The idea is to make the file unchangeable, since the next time /scripts/upcp runs, that file will be replaced since it no longer matches the integrity check. Hence the use of chattr +i to make it unchangeable.

    A question for you, if you will. I checked /scripts/checkallowoverride and it's only supposed to change the AllowOverride directive when it finds the following:

    Code:
    <Directory />
    AllowOverride None
    # more directives
    </Directory>
    
    The key is the <Directory /> If the file path in the opening Directory statement is merely a slash (and only a slash), then the AllowOverride checks are performed (and possible changing your directive to All). If the AllowOverride statement is not in a Directory block, nor is merely a slash, the AllowOverride statement is skipped.

    If the AllowOverride statement(s) in your httpd.conf do not match those two stipulations, and they are changed, would you mind posting those portions of httpd.conf here (or PM them to me) so I coudl examine them (feel free to appropriately sanitize them)? Thank you.
     
Loading...

Share This Page