Sep 152014
 

Back in April, I upstreamed (that is, reported a bug to Debian) regarding the `nginx-naxsi` packages. The initial bug I upstreamed was about the outdated naxsi version in the naxsi packages. (see this bug in Ubuntu and the related bug in Debian)

The last update on the Debian bug is on September 10, 2014. That update says the following, and was made by Christos Trochalakis:

After discussing it with the fellow maintainers we have decided that it is
better to remove the nginx-naxsi package before jessie is freezed.

Packaging naxsi is not trivial and, unfortunately, none of the maintainers uses
it. That’s the reason nginx-naxsi is not in a good shape and we are not feeling
comfortable to release and support it.

We are sorry for any inconvenience caused.

I asked what the expected timeline was for the packages being dropped. In a response from Christos today, September 15, 2014, it was said:

It ‘ll get merged and released (1.6.1-3) by the end of the month.


In Ubuntu, these changes will likely not make it into 14.10, but future versions of Ubuntu beyond 14.10 (such as 15.04) will likely have this change.

In the PPAs, the naxsi packages will be dropped with stable 1.6.1-3+precise0 +trusty0 +utopic0 and mainline 1.7.4-1+precise0 +trusty0 +utopic0 or will be dropped in later versions if a new point release is made before then.

In Debian, these changes are likely to hit by the end of the month (with 1.6.1-3).

Sep 112014
 

Unlike Debian, Ubuntu seems to not show the changes and not trigger massive notifications when a NEWS article is created in a Debian package. This sometimes lets massive changes slip by, such as the change in the nginx PPAs and Debian prompting this other blog post.

This sometimes prevents users and admins from knowing that major changes that can break functionality are going through. To that end, there is the `apt-listchanges` package. During `upgrade` / `dist-upgrade` updates, it will provide you a full list of the changes in the packages being updated/upgraded. You may install this software with this command:
sudo apt-get update
sudo apt-get install apt-listchanges

Sep 092014
 

Due to changes in NGINX, there are now changes done to the default configurations which will break fastcgi sites.

NGINX in Debian, and as such, the PPAs, were previously shipping different configuration files which differed from NGINX itself. The Debian package has now synced with the nginx configurations upstream, and as such, certain very different changes have happened.

This is the massively-detailed NEWS entry in Debian for these changes:

nginx-common (1.6.1-2) unstable; urgency=medium

As of nginx-1.6.1-2 we have synced all configuration files with upstream and
we plan to keep them in sync from now on.

Unfortunately that might break existing configuration for some users. Please
check the matrix below for more information:

File Changes
———————–
koi-win whitespace
koi-utf whitespace
mime-types whitespace, changed js/rss mime type,
minor other changes & additions
scgi_params whitespace, added HTTPS
uwsgi_params whitespace, added HTTPS, removed UWSGI_SCHEME
fastcgi_params whitespace, removed SCRIPT_FILENAME
fastcgi.conf new upstream configuration file

Fastcgi configuration issues
============================

nginx shipped a modified `fastcgi_params`, which declared `SCRIPT_FILENAME`
fastcgi_param. This line has now been removed. From now on we are also
shipping fastcgi.conf from the upstream repository, which includes a sane
`SCRIPT_FILENAME` parameter value.

So, if you are using fastcgi_params, you can try switching to fastcgi.conf
or manually set the relevant params.

You might also want to read the documentation section before proceeding.

http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html

section: $fastcgi_script_name variable.

You will need to change fastcgi_params to the fastcgi.conf file, or manually set the relevant parameters in your site configs, in order to make things work again.

(This is introduced in the PPAs as 1.6.1-2+precise0 +trusty0 and +utopic0. This is also introduced in the PPAs as 1.7.4-1+precise0 +trusty0 and +utopic0. THis will also be in Ubuntu in versions after 1.6.1-2)