Apache 2.2 + LDAP authentication

Since Apache version 2.2, the LDAP authentication module is no longer called auth_ldap, but rather authnz_ldap. During a migration of an Apache 2.0 to Apache 2.2, I ran into some problems which caused a failure to start Apache.

It seems that the configuration directive AuthLDAPAuthoritative has been renamed to AuthzLDAPAuthoritative, so you will have to replace these in your Apache config(s) - "sed" is your friend.

After replacing every occurrence of "AuthLDAPAuthoritative" in the Apache configuration files, I was able to start Apache, but there still seemed to be another issue. Pointing my browser to any of the vhosts with LDAP authentication enabled returned an internal server error (500). The Apache error log showed this:




Ever tried setting up netconsole under Linux, but never received anything from the kernel log on the machine configured as target in the netconsole module?

Check the kernel.printk setting in sysctl. For me, the following values seem to fix netconsole:
kernel.printk = 7 4 1 7



Syslog-NG: Number of allowed concurrent connections exceeded

When I moved from syslog to syslog-ng on my laptop running Fedora 7, I noticed a lot of these warnings in /var/log/messages:

Jul 10 09:29:34 speedy syslog-ng[2272]: Number of allowed concurrent connections exceeded; num='10', max='10'

Increasing the maximum number of connections for the Unix stream that reads /dev/log seemed to fixed this problem:



Changing the maximum number of open file descriptors

On Linux, there is a global and per-user limit of open file descriptors (read: maximum number of open files). The global limit is distribution and kernel specific, the per-user limit is set to 1024 by default. However, some applications, like Lotus Domino, Oracle, ... require to have more than 1024 open files.

Global limit

The current global limit can be checked with:
cat /proc/sys/fs/file-max

To change the global limit, you can do:
echo 65536 > /proc/sys/fs/file-max

Unfortunately, if you set the limit with the above command, it will not be saved after a reboot. To change this parameter at every boot, you have to add this to /etc/sysctl.conf:
fs.file-max = 65536




Subscribe to RSS - Linux