How to diagnose an "AH00111: Config variable is not defined" when the system env var is defined

Question

I am setting up an Apache 2.4.7 server on a Ubuntu 14.04.5 LTS machine, with the intention of replacing another instance. Basically, the new instance is a pristine Ubuntu 14.4 install, with only Apache installed. I have copied and pasted my entire /etc/apache2 folder from the old machine to the new one.

I am getting this error:

AH00111: Config variable ${PORTAL_SERVER} is not defined

There are other questions about this error, such as this one or this one. However, the solutions or answers leave me puzzled because on both machines:

PORTAL_SERVER is defined in /etc/environment
echo $PORTAL_SERVER gives me the expected value
printenv lists the environment variable with the expected value
the contents of /etc/apache2 is exactly the same, in particular, that of /etc/apache2/envvars.

Only, on the new machine, sudo apachectl -V gives me an AH00111 error.

The service gets started, but obviously, not as I wanted it.

sudo apachectl graceful gives me the same message, which feels normal. sudo service apache2 restart does the same.

My question is why doesn't the apache user "see" the environment variable?

EDIT: Here is the entire custom configuration (in a single conf file enabled in sites-enabled), where the ... represent the multiple ProxyPass directives that constitute the rest of the file. The standard Apache configuration files were not edited.

<VirtualHost *:443>
        # This virtual host will answer requests on port 443 (https) for the domain defined hereafter
        # NOTE: The PORTAL_SERVER environment variable is defined in /etc/environment.
        ServerName ${PORTAL_SERVER}

        # Define error page 503 (site under maintenance) : reached when a server doesn't answer ajp requests
        DocumentRoot /var/www
        Alias "/errors" "/var/www/errors"
        <Directory  "/var/www/errors/">
                Options FollowSymLinks MultiViews
                order deny,allow
                allow from all
        </Directory>
        ErrorDocument 503 /errors/error-503.html

        # Redirect https://${PORTAL_SERVER}/ on https://${PORTAL_SERVER}/portal/
        Redirect /index.html https://${PORTAL_SERVER}/portal/

        # Activate SSL and define certificat
        SSLEngine on
        SSLProtocol all
        SSLCertificateFile    /etc/ssl/certs/ssl_certificate.crt
        SSLCertificateKeyFile /etc/ssl/private/ssl_server.key
        SSLCertificateChainFile /etc/ssl/certs/IntermediateCA.crt

        # Configure mod_proxy
        ProxyRequests Off
        ProxyPreserveHost Off
        # Default timeout before ajp requests are considered as timed out
        ProxyTimeout 10

        ...
        ...

</VirtualHost>

Your sudo may have been configured not to pass your environment. — Gerard H. Pille, Feb 02 '18 at 12:25
@GerardH.Pille That was indeed an assumption I made after reading [this page](https://help.ubuntu.com/community/EnvironmentVariables#A.2Fetc.2Fenvironment), which led me to defining the environment variable in the first place. I had checked it by running `sudo visudo` but the files were identical again so I didn't go that path. By adding `Defaults env_keep += "PORTAL_SERVER"` in there following your comment, the warning disappeared from the new server. I'm still puzzled. Please post your comment as an answer and I'll accept it. — AbVog, Feb 02 '18 at 17:17
I do not like to post this as an answer. It helps with the commands you pass through sudo, but what with the normal statrtup of your system on boot. I suppose you wish to start Apache automatically. In that case, your environment en sudo settings will be ignored. See my comment regarding the envvars file. BTW, this isn't Oracle's Portal we're talking about? — Gerard H. Pille, Feb 02 '18 at 18:14

wurtel · Answer 1 · 2018-02-02T13:00:04.323

1

You need to tell apache which system environment variables to import via PassEnv, see https://httpd.apache.org/docs/2.4/mod/mod_env.html#passenv for the documentation.

Basically, put this before using the variable:

PassEnv PORTAL_SERVER

Beware that sudo filters what environment variables get passed through to the command being run, so that may explain why this variable is not seen in apache.

edited Feb 02 '18 at 13:00

answered Feb 02 '18 at 10:34

wurtel

3,806
12
15

This is indeed a good idea. Unfortunately, 1- the AH00111 warning is still there and 2- this directive is not used in the configuration of the current/old server. – AbVog Feb 02 '18 at 11:15
Perhaps it'll helpful to show your config, e.g. in pastebin – wurtel Feb 02 '18 at 11:34
There's an explanation as to why `PassEnv` had no effect. The [Apache documentation](https://httpd.apache.org/docs/2.4/configuring.html#syntax) has this: "Only shell environment variables defined before the server is started can be used in expansions. Environment variables defined in the configuration file itself, for example with SetEnv, take effect too late to be used for expansions in the configuration file." – AbVog Feb 02 '18 at 11:57
If `PORTAL_SERVER` is defined in `/etc/environment` as you say, then it should be available in the server environment when the apache server is started, *if* you use `PassEnv`. – wurtel Feb 02 '18 at 12:04
It is indeed defined in the shell: I can type `echo $PORTAL_SERVER` and see the value. Funny enough, I can even get autocompletion on it using the TAB key. I understand from the quote that env vars handled by mod_env take effect too late. *If* I use `PassEnv` is not correct as it's not used on the current server I'm trying to migrate and the variable is seen by Apache nonetheless; probably a `sudo` config problem. I have added the configuration file to my question. I'll have the server admin escalate to the root account and see whether she has the same warnings when starting the server. – AbVog Feb 02 '18 at 12:20
Ah, you didn't mention sudo before. Sudo has a list of environment variables it is allowed to pass, the rest are cleared. Edit: @Gerard H. Pille makes a good point below – wurtel Feb 02 '18 at 12:29
apachectl itself clears the environment also. There is a file "envvars" in APACHE_CONFDIR, where you can define Apache's environment. – Gerard H. Pille Feb 02 '18 at 12:32
1

@wurtel I quote from OP: "sudo apachectl graceful" ;-) – Gerard H. Pille Feb 02 '18 at 12:33

How to diagnose an "AH00111: Config variable is not defined" when the system env var is defined

1 Answers1