Mass cleansing of Apache module POLA violations

Miroslav Lachman 000.fbsd at quip.cz
Mon Jun 2 19:33:36 UTC 2014


Mark Felder wrote:
> Hi all,
>
> Thanks for maintaining Apache and friends.
>
> I have a request. With my sysadmin hat on, I find maintaining Apache on
> FreeBSD to be the most frustrating Apache experience on the planet. Some
> Apache modules insert LoadModule into your httpd.conf automatically,
> some insert with it commented out (#LoadModule), and some tell you in
> pkg-message what you need to do to activate the module. The
> inconsistency here is embarrassing.
>
> Can we please stop trying to outsmart the sysadmin?
>
> - I do *NOT* want every installed Apache module automatically activated
> on every server. That's bloat and potential security hole. I might not
> actually need it activated.
> - I do *NOT* want pkg automatically manipulating my httpd.conf. It puts
> entries in the wrong spot, sometimes under custom comment sections where
> other LoadModules live.
> - I do *NOT* want pkg and Apache to outsmart me and break my systems.
> - I *do* want kind, helpful instructions in pkg-message or perhaps
> samples that aren't loaded by default waiting for me in
> %%ETCDIR%%/modules.d/

+1

I wrote about this problem more than 16 months ago - without any change :(
It is not only about Apache, this problem is in more ports.

http://lists.freebsd.org/pipermail/freebsd-ports/2013-January/080320.html

Miroslav Lachman


More information about the freebsd-apache mailing list