Apache, SSL recent updates

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMMike Starke at <-
Tony Wasson at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Bill Jonas
Date:  
Subject: Apache, SSL recent updates
--n8BV0TfTmv8nl9Pc
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 05, 2002 at 04:28:27PM -0000, Miles Beck wrote:
> When doing apt-get to update apache and ssl because of some recently
> fixed security issues will the present configurtaion files for apache
> be overwritten when I upgrade and do the install?

No. dpkg handles config files intelligently. (Keep in mind that
apt-get is just a front-end for dpkg.) If the package maintainer's
version of the config file hasn't changed since the last time a package
was installed, nothing is done. If the packaged config file *has*
changed, the config file on the system will be replaced if *it* hasn't
been changed. Otherwise, if you've modified the config file and the
package maintainer's version has changed, it will ask you if you want to
replace your config file with a newer version, giving you options of
yes, no, give me a diff of the old and new config files, and give me a
shell and let me work things out myself (IIRC). If you say yes, your
existing config file is saved as filename.cfg.dpkg-old and the new one
is installed as filename.cfg. If you say no, don't replace it,
filename.cfg is left as-is and the maintainer's version is installed as
filename.cfg.dpkg-new.

> Whats the best way to make sure your configuration of apache still works =
after
> doing an update. Or is that not an issue?

Well, the updated version should just be a drop-in replacement, since
fixes are backported to the Debian version rather than the stable
version being updated with a newer version of a package. If you want to
test, though, I'd do things like check http and https, any virtualhosts
you've defined, run CGI scripts (especially those in non-standard (i.e.,
not /usr/lib/cgi-bin) places), etc. That sort of thing. Think about
what your site(s) do(es), and simply try to access that functionality. 

--=20
Bill Jonas    *        *    http://www.billjonas.com/
"They that can give up  essential  liberty to obtain a little temporary
safety deserve neither liberty nor safety."        -- Benjamin Franklin


--n8BV0TfTmv8nl9Pc
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9x//jdmHcUxFvDL0RAlDbAKCYubq+GpNhPRlXAx236YEkgC4xTwCgjTtN
xUA/CA4Po3ZlOxrQBkjXMhU=
=Fi4c
-----END PGP SIGNATURE-----

--n8BV0TfTmv8nl9Pc--

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Apache, SSL recent updatesAccessing Outlook from RedHat->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)