apache24 and pkg check --recompute
Rafal Lukawiecki
raf at rafal.net
Thu Feb 15 11:35:59 UTC 2018
> On 14 Feb 2018, at 23:18, Dave Horsfall <dave at horsfall.org> wrote:
>
> On Wed, 14 Feb 2018, Rafal Lukawiecki wrote:
>
>> apache24-2.4.29: missing file /usr/local/www/apache24/cgi-bin/printenv
>> apache24-2.4.29: missing file /usr/local/www/apache24/cgi-bin/test-cgi
>> apache24-2.4.29: missing file /usr/local/www/apache24/error/HTTP_BAD_GATEWAY.html.var
>
> Was there some reason to remove those files?
Thanks for helping me, Dave. There were several reasons in this case. First of all, our entire /usr/local/www is managed by another, in-house application, which is in charge of the web heads running my company online presence. Having that Apache “default” web site in there meant we had to start managing it, too—and so adding to the management burden of something unnecessary in our case. Secondly, it feels wrong to carry any web site code that performs no useful function on our servers. Lastly, having that default web site in there extends the attack surface unnecessarily.
Having removed this default web site, I wonder how to make pkg check --recompute (or another utility) stop complaining about the missing files in the daily security report. Am I wrong in thinking that --recompute is supposed to reset what is considered “valid" in terms of pkg database?
Any idea why this has just started happening—we have been running without those files for a year, but the reports only started about a month ago.
Is this the best place to ask this question, or should I post elsewhere—many thanks for your kind suggestions, which are much appreciated.
Regards from Ireland,
Rafal
More information about the freebsd-ports
mailing list