Apache: The Definitive Guide, 3rd Edition by Ben Laurie, Peter Laurie The unconfirmed error reports are from readers. They have not yet been approved or disproved by the author or editor and represent solely the opinion of the reader. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem ?page-number?: reader question or request for clarification This page was updated May 13, 2008. UNCONFIRMED errors and comments from readers: [46] The "Running Apache Under Unix" section; The following error prevented me from running apache: "no listening sockets available, shutting down Unable to open logs" To fix it I had to add "Listen 80" to the httpd.conf file, not in the book. {95} Near the middle; I'm sure the problem is my own fault. Just so you know I'm running Apache 1.3.37. I understand that when the book was published that latest stable version of Apache at that time was 1.3.26. On page 95 we're told to type 'go 1' as soon as I do I get the error 'Syntax error on line 7 of /usr/www/APACHE3/site.dynamic/conf/httpd1.conf: Invalid command 'VirtualDocumentRoot', ... I checked, and the files I'm using are the ones i downloaded from O'REIllY. The google research I did suggested that I need Apache 1.3.7 to properly run mod_vhost_alias.. I'm just a little confused. Do i need to upgrade to 1.3.7? and if so how, or did i miss something earlier in the book (which is most likely the case). [101] throughout; The book does not explain the difference between AuthAuthoritative, AuthDBAuthoritative, and AuthDBMAuthoritative. In fact, it uses the exact same text to describe each of the three directives, including one that mentions "regardless of the AuthAuthoritative setting" for each of the three, rather than varying that to be "regardless of the setting". [103] "require" section; The book does not explain what "directory" and ".htaccess" options do for the require directive. Additionally, under file-group, you mention "The block that protects .../cgi-bin", but there is no such block in the site.authent/conf/httpd1.conf file being discussed at the time. Instead, that block is in httpd.conf, which is never mentioned in the chapter. [106] "The Config File"; This section suddenly uses two new directives, AuthDigestDomain and AuthDigestFile, without explaining what they are. The previous section implied that AuthUserFile and AuthGroupFile were always required when AuthType was used, but that's clearly not the case. [106] "The Config File"; The example in both print and electronic form uses the following directive: AuthDigestFile /usr/www/APACHE3/ok_digest/digest_users However, this file does not exist. The actual file is /usr/www/APACHE3/ok_digest/sales {353} First paragraph; The log excerpt saying "[error] malformed header from script. Bad header=suexec running: /home/peter/public_html/badcgi.cgi" is not caused by suEXEC determining that "rm /usr/www/victim/victim1" is unsafe but because it determines that peter doesn't own the cgi-program or directory that contains it or some other of the 20 steps it performs before executing a program. Had suEXEC decided to execute the program the web-page returned would simply contain "Content-type: text/plain" and two linebreaks. The error-log would contain an error message from rm saying it tried but couldn't remove /usr/www/victim/victim1. Our conclusions are based on experiments with Apache 2.0.47, but we believe it applies to Apache 1.3 as well. (486) The top half of the page; In the Apache 1.3 module structure, aHandlers is used for the Handler list. But then in the Apache 2.0 RegisterHooks function, the argument to the ap_hook_handler() function is RevealHandler, but there is no element with a value of RevealHandler in the Apache 1.3 module structure. (Every other function argument for the functions in RegisterHooks has a correspnding value in the 1.3 module structure.) (496-497) Second half of page 496 onto top code section on page 497; In the Apache 1.3 module structure, aHandlers is used for the Handler list. But then in the Apache 2.0 RegisterHooks function, the argument to the ap_hook_handler() function is RevealHandler, but there is no element with a value of RevealHandler in the Apache 1.3 module structure. (Every other function argument for the functions in RegisterHooks has a correspnding value in the 1.3 module structure.) [513-514] "Regular Expression Functions"; Type of Error: Sin of Omission. The "Regular Expression Functions" sub-section of "Appendix: The Apache API" fails to document the complete Apache regular expression API, claiming that "only the functions that allocate memory are wrapped by Apache API functions." The following two functions can both be found in main/util.c, and size_t ap_regerror(int errocde, const regex_t *preg, char *errbug, size_t errbuf_size) int ap_regexec(const regex_t *preg, const char *string, size_t nmatch, regmatch_t pmatch[], int eflags) ap_regexec in particular is used in modules/standard/mod_alias.c, modules/standard/mod_include.c, modules/standard/mod_rewrite.c, and modules/standard/mod_setenvif.c, and is worthy of mention. A cursory find/grep seems to show that ap_regerror is never actually used in Apache's source code.