Package: libapache2-mod-auth-mysql
Version: 4.3.9-13
Severity: normal


*** /root/body.txt
Hello,

We've been using Apache MySQL authentication module (mod_auth_mysql) on many
of our web servers for quite some time now.

For a few days now, as the load on one of the 'mod_auth_mysql'-protected resources
increased, we have noticed HTTP 500 and error messages related to MySQL connection
problems.

The corresponding MySQL servers correspondingly started to exhibit increasing
"Abort_clients" and "Abort_connects" values (SHOW STATUS).

After capturing the packets between the Apache and MySQL server, it appeared
MySQL dropped connections because of "packets out of order".
Further looking at the packet traces showed that the Apache servers issued
strange MySQL commands given the TCP/IP connections history, like for example
issuing a "QUIT" command right after establishing the TCP connection (SYN,
SYN/ACK, ACK), which did not really make sense.

We thus started to suspect that 'mod_auth_mysql' might not be thread-safe
and mixed MySQL sessions with TCP/IP connections. This was consistent with
the fact that Apache was installed with the MPM worker threading model
(package 'apache2-mpm-worker').

We switched Apache to the non-threaded MPM model, by installing the package
'apache2-mpm-prefork', and all MySQL connection errors (spawned by Apache
MySQL authentication module) disappeared (along with the corresponding HTTP 500
errors).

Unless our analysis is wrong, we believe 'mod_auth_mysql' is not thread-safe
and should not be allowed to be installed along 'apache2-mpm-worker'.

We thus suggest that the 'libapache2-mod-auth-mysql' package specifies
'apache2-mpm-worker' in its "Conflicts:" list AND/OR adds the appropriate
'apache2-mpm-...' packages in its "Depends:" list (the same way
'libapache2-mod-php5' does, for example).

Thank you very much for considering this bug report.

Best regards,

Cedric



-- System Information:
Debian Release: 6.0.7
  APT prefers oldstable
  APT policy: (990, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libapache2-mod-auth-mysql depends on:
ii  apache2.2-common      2.2.16-6+squeeze11 Apache HTTP Server common files
ii  libc6                 2.11.3-4           Embedded GNU C Library: Shared lib
ii  libmysqlclient16      5.1.66-0+squeeze1  MySQL database client library

libapache2-mod-auth-mysql recommends no packages.

libapache2-mod-auth-mysql suggests no packages.

-- no debconf information
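
The combination described in the report (mod_auth_mysql loaded under a threaded MPM) can be checked on a host with the following added example, which is not part of the original report or the package. It assumes the module registers as `auth_mysql_module` and that `apache2ctl -V` / `apache2ctl -M` print in the Apache 2.2 layout; the sample outputs are constructed.

```shell
#!/bin/sh
# Added example: flag an Apache instance that loads mod_auth_mysql under a
# threaded MPM. Inputs are the text of `apache2ctl -V` and `apache2ctl -M`.

# Succeeds (0) when the -V text reports a threaded MPM (e.g. worker).
mpm_is_threaded() {
    printf '%s\n' "$1" | grep -Eq '^[[:space:]]*threaded:[[:space:]]*yes'
}

# Succeeds (0) when the -M text lists the module.
# Assumption: the module name is auth_mysql_module.
has_auth_mysql() {
    printf '%s\n' "$1" | grep -Eq '^[[:space:]]*auth_mysql_module[[:space:]]'
}

# $1 = `apache2ctl -V` text, $2 = `apache2ctl -M` text.
# Prints a verdict; returns 1 only for the combination the report describes.
check_combo() {
    if has_auth_mysql "$2" && mpm_is_threaded "$1"; then
        echo "RISK: mod_auth_mysql loaded under a threaded MPM"
        return 1
    fi
    echo "OK"
    return 0
}

# Constructed sample outputs (not captured from the reporter's servers).
SAMPLE_V_WORKER='Server version: Apache/2.2.16 (Debian)
Server MPM:     Worker
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)'
SAMPLE_V_PREFORK='Server version: Apache/2.2.16 (Debian)
Server MPM:     Prefork
  threaded:     no
    forked:     yes (variable process count)'
SAMPLE_M='Loaded Modules:
 core_module (static)
 auth_mysql_module (shared)
Syntax OK'

# Live check, only when requested with LIVE=1 and apache2ctl is installed.
if [ "${LIVE:-0}" = 1 ] && command -v apache2ctl >/dev/null 2>&1; then
    check_combo "$(apache2ctl -V 2>/dev/null)" "$(apache2ctl -M 2>&1)"
fi
```
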

