Modify Apache config on MSL Server 2

[TLDuk]

I`m trying to change some setting in the Appache config /etc/httpd/conf/httpd.conf on an MSL server but soon as I save the changes the file gets over written by the original version..

To be fair the config file does state..

#------------------------------------------------------------
# !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Copyright (C) 1999-2010 Mitel Networks Corporation
#------------------------------------------------------------

Anyone ever managed to work around this or know a way to make the changes permanent.


If its not broke tweak it..

 

[kwbMitel]

Why would you want to do this is the first question that comes to mind.

**********************************************
What's most important is that you realise ... There is no spoon.

 

[jpruder]

This is all created via template fragments. They would be in etc/e-smith/ likely default-template or something like it. The proper way is to find which fragment has the part you are looking to modify, copy it into the full path under templates-custom and then edit this file. When done, issue the command expand-template /etc/httpd/conf/httpd.conf this will created the file with your modification. This can be undone by deleting the file or copying the original back over and issuing the expand-template command again. The modification will survive an upgrade. You would also likely want to restart httpd-e-smith

 

[TLDuk]

Thanks that great info.. I have made changes in e-smith before for a cron job for an MSL memory leak never occurred to me it could be in their. Thanks a lot.



If its not broke tweak it..

 

[TLDuk]

Why would you want to do this is the first question that comes to mind.

Customers security compliance vendor now considers HTTP OPTION methods as a Medium vulnerability so now they are failing whatever test they have, struggling to get past Mitel 1st line with this as the moment so investigating it myself..

If its not broke tweak it..

 

[kwbMitel]

Thanks for the clarification TLDuk.

I understand that TLS 1.0 is no longer supported in the latest releases and the 2.0 is now the standard.

Unless I'm misunderstanding your meaning.

**********************************************
Any intelligent fool can make things bigger and more complex… It takes a touch of genius – and a lot of courage to move in the opposite direction.

 

[TLDuk]

nothing to do with TSL take a read here might explain it better than I could..

https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS

Anyway turns out MSL has something called a REST API used for Oauth1.0 and this requires http options for token exchange so it can not be disabled..

If its not broke tweak it..

 

[kwbMitel]

Thanks again.

That's way above my head unfortunately. I'm only self taught IT, Old school telecom tech. I manage quite well but I know my limits.

**********************************************
Any intelligent fool can make things bigger and more complex… It takes a touch of genius – and a lot of courage to move in the opposite direction.

 

[jpruder]

I thought Oauth1 was deprecated

 

[TLDuk]

I thought Oauth1 was deprecated

Sorry it is oauth2.0 its something to do with Oria the HTPP OPTIONS

If its not broke tweak it..

 

[jpruder]

Oauth 1 or 2 is google integration