#1000627 apache2: missing dependency setting

Package:
apache2
Source:
apache2
Description:
Apache HTTP Server
Submitter:
westlake
Date:
2025-06-06 05:27:01 UTC
Severity:
important
Tags:
#1000627#5
Date:
2021-11-26 02:03:11 UTC
From:
To:
apache2 can fail to start if the user defines a specific interface.

the workaround meanwhile is to add "network-online.target" to the
systemd unit.

The issue noticeably occurs when the user decides to use
"systemd-networkd" for the configuration rather than
/etc/network/interfaces.

A bugreport was initially provided to systemd explaining the problem in
greater detail, however a lead maintainer replied that the bug is to be
forwarded to the server package in question.
  -- a copy of this original bugreport to systemd/systemd-networkd is 
here for further referencing:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000510

A server should not fail to "start" just because it is using a specific
interface.

I attempted to provide the suggestion for systemd/systemd-networkd
maintainers to give a policy of having "network-online.target" for
server programs but I was told that the issue is the specific
server-package in question. (only two server packages that I use often
have this problem, openssh-server and apache2)

journalctl -xe -u [package]  -- shows nothing revealing than ".. failed
to bind to address x.x.x.x". "networkctl" -- all shows green
highlighting --- the .network definitions are all correct.

the problem seems to me the systemd policy of having
network-online.target as a practice for server unit files is not
enforced enough..

though the traditional ifup-networking scripts doesn't have this issue
afaict.

.. it happens more often when the user opts not to be using the default
networking.service and instead go with the newer systemd-networkd method
for bringing up interfaces during the bootup.

the user here is not at fault, and should be allowed to set specific
interfaces for the apache2 and ssh service.

(fwiw, -- prior setting up the workaround, both ssh and apache2 servers
will both exhibit the same binding-interface error, as shown in
journalctl.

However when starting these services manually: such as,
systemctl start apache2.service, and
systemctl start ssh.service

there is no problem at all starting these up

The interfaces are set at the system-level.  There is no
dbus-triggered/Desktop-login interface settings.

The problem is systemd++network-online.target not set in the unit files.

Systemd and Server package maintainers should enforce a better policy so
that simple changes do not affect the ability to start the service.
)
(this bugreport is getting cc'd to the ssh package -- as the problem
also exists with that package)
thanks

#1000627#10
Date:
2021-11-26 04:50:11 UTC
From:
To:
Le 26/11/2021 à 03:03, westlake a écrit :

Hi,

I've no talent in systemd, how can I do that? With:

  Wants=network-online.target
  After=network-online.target

in debian/apache*.service?

#1000627#15
Date:
2022-06-03 21:53:50 UTC
From:
To:
Binding to a specific interface is not the default Apache or OpenSSH
configuration.

It can thus be argued that if the bug reporter want's to run such a
configuration he can easily create a corresponding drop-in via
systemctl edit apache2.service
or
systemctl edit ssh.service

containing

[Unit]
Wants=network-online.target
After=network-online.target


I'd like to refer to https://systemd.io/NETWORK_ONLINE/ as well.
Especially to "Should network-online.target be used?" which suggest
better and more robust options then using network-online.target

Regards,
Michael

#1000627#20
Date:
2022-12-02 21:33:18 UTC
From:
To:
Hi
https://bz.apache.org/bugzilla/show_bug.cgi?id=58725
This seems to have already been implemented, at least in 2.5/trunk:
https://httpd.apache.org/docs/trunk/mod/mpm_common.html#listen

Since this bug only occurs when the user specifies an IP address to listen on, our default config is not affected AFAIU.
So the easiest way to fix this bug is to wait and maybe add a comment before the default 'Listen' directives to add the freebind option when changing the 'Listen' to a specific IP address.
This can only be done once we package a release containing that option, though.

In the meantime the only workaround seems to be to wait for the network-online.target but since this is not necessary for the stock config, I don’t really want to do that.

#1000627#27
Date:
2025-06-06 04:42:52 UTC
From:
To:
The network-online.target is not an ideal solution, see

https://github.com/eclipse-mosquitto/mosquitto/issues/2878