Apache automatically stops each sunday. Why?
Every sunday at 3 Apache restarts. Problem is: there is a ceritificate on the server with an encrypted private key. Being the password not provided during automatic restart, apache stops and all my websites go down.
I want to stop Apache from restarting every week. How? Here is the apache log at that time. Before [notice] caught SIGTERM, shutting down
there's nothing relevant, if you are wondering...
[Sun Feb 15 03:37:12 2015] [notice] caught SIGTERM, shutting down
[Sun Feb 15 03:37:12 2015] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Feb 15 03:37:13 2015] [error] Init: Unable to read pass phrase [Hint: key introduced or changed before restart?]
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218640442 error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 67710980 error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Sun Feb 15 11:09:41 2015] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Feb 15 11:09:44 2015] [notice] Digest: generating secret for digest authentication ...
[Sun Feb 15 11:09:44 2015] [notice] Digest: done
[Sun Feb 15 11:09:44 2015] [notice] FastCGI: wrapper mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Feb 15 11:09:44 2015] [notice] FastCGI: process manager initialized (pid 11309)
[Sun Feb 15 11:09:44 2015] [notice] Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 configured -- resuming normal operations
Additional info:
-
Cron Jobs:
/usr/sbin/raid-check
this is the only cron job that runs at sunday night (1AM), but if i run it manually nothing happens to Apache...
Solution 1:
Probable cause is the postscript in logrotate script. Thats the script that runs after the logrotation. File should be called /etc/logrotate.d/apache2 or /etc/logrotate.d/httpd (depending od distro) and look something like:
/var/log/httpd/*log {
missingok
notifempty
sharedscripts
postrotate
/sbin/service httpd reload > /dev/null 2>/dev/null || true
endscript
}
Relevant part is 'service httpd reload'. One way to solve it is to just remove last 4 lines (from sharedscripts till endscript, including those two). Also, add copytruncate option, so your logrotate script becomes:
/var/log/httpd/*log {
copytruncate
missingok
notifempty
}
copytruncate will eliminate need for apache restart because it will copy the contents of a log file, and then zero it, so file descriptor will remain the same and apache process won't notice any changes.
To test the logrotate, run:
logrotate -f /etc/logrotate.d/httpd
Also, consider setting up private key without password because this is bad practice, and obviously you see it now why :)