How to diagnose an "AH00111: Config variable is not defined" when the system env var is defined

apache-2.4 ubuntu-14.04

5,174

You need to tell apache which system environment variables to import via PassEnv, see https://httpd.apache.org/docs/2.4/mod/mod_env.html#passenv for the documentation.

Basically, put this before using the variable:

PassEnv PORTAL_SERVER

Beware that sudo filters what environment variables get passed through to the command being run, so that may explain why this variable is not seen in apache.

5,174

AbVog

Updated on September 18, 2022

Comments

AbVog almost 2 years
I am setting up an Apache 2.4.7 server on a Ubuntu 14.04.5 LTS machine, with the intention of replacing another instance. Basically, the new instance is a pristine Ubuntu 14.4 install, with only Apache installed. I have copied and pasted my entire /etc/apache2 folder from the old machine to the new one.

I am getting this error:

AH00111: Config variable ${PORTAL_SERVER} is not defined

There are other questions about this error, such as this one or this one. However, the solutions or answers leave me puzzled because on both machines:
- PORTAL_SERVER is defined in /etc/environment
- echo $PORTAL_SERVER gives me the expected value
- printenv lists the environment variable with the expected value
- the contents of /etc/apache2 is exactly the same, in particular, that of /etc/apache2/envvars.
Only, on the new machine, sudo apachectl -V gives me an AH00111 error.

The service gets started, but obviously, not as I wanted it.

sudo apachectl graceful gives me the same message, which feels normal. sudo service apache2 restart does the same.

My question is why doesn't the apache user "see" the environment variable?

EDIT: Here is the entire custom configuration (in a single conf file enabled in sites-enabled), where the ... represent the multiple ProxyPass directives that constitute the rest of the file. The standard Apache configuration files were not edited.
```
<VirtualHost *:443>
        # This virtual host will answer requests on port 443 (https) for the domain defined hereafter
        # NOTE: The PORTAL_SERVER environment variable is defined in /etc/environment.
        ServerName ${PORTAL_SERVER}

        # Define error page 503 (site under maintenance) : reached when a server doesn't answer ajp requests
        DocumentRoot /var/www
        Alias "/errors" "/var/www/errors"
        <Directory  "/var/www/errors/">
                Options FollowSymLinks MultiViews
                order deny,allow
                allow from all
        </Directory>
        ErrorDocument 503 /errors/error-503.html

        # Redirect https://${PORTAL_SERVER}/ on https://${PORTAL_SERVER}/portal/
        Redirect /index.html https://${PORTAL_SERVER}/portal/

        # Activate SSL and define certificat
        SSLEngine on
        SSLProtocol all
        SSLCertificateFile    /etc/ssl/certs/ssl_certificate.crt
        SSLCertificateKeyFile /etc/ssl/private/ssl_server.key
        SSLCertificateChainFile /etc/ssl/certs/IntermediateCA.crt

        # Configure mod_proxy
        ProxyRequests Off
        ProxyPreserveHost Off
        # Default timeout before ajp requests are considered as timed out
        ProxyTimeout 10

        ...
        ...

</VirtualHost>
```
- Gerard H. Pille over 6 years
  
  Your sudo may have been configured not to pass your environment.
- AbVog over 6 years
  
  @GerardH.Pille That was indeed an assumption I made after reading this page, which led me to defining the environment variable in the first place. I had checked it by running sudo visudo but the files were identical again so I didn't go that path. By adding Defaults env_keep += "PORTAL_SERVER" in there following your comment, the warning disappeared from the new server. I'm still puzzled. Please post your comment as an answer and I'll accept it.
wurtel over 6 years

Perhaps it'll helpful to show your config, e.g. in pastebin
AbVog over 6 years

There's an explanation as to why PassEnv had no effect. The Apache documentation has this: "Only shell environment variables defined before the server is started can be used in expansions. Environment variables defined in the configuration file itself, for example with SetEnv, take effect too late to be used for expansions in the configuration file."
wurtel over 6 years

If PORTAL_SERVER is defined in /etc/environment as you say, then it should be available in the server environment when the apache server is started, if you use PassEnv.
AbVog over 6 years

It is indeed defined in the shell: I can type echo $PORTAL_SERVER and see the value. Funny enough, I can even get autocompletion on it using the TAB key. I understand from the quote that env vars handled by mod_env take effect too late. If I use PassEnv is not correct as it's not used on the current server I'm trying to migrate and the variable is seen by Apache nonetheless; probably a sudo config problem. I have added the configuration file to my question. I'll have the server admin escalate to the root account and see whether she has the same warnings when starting the server.
wurtel over 6 years

Ah, you didn't mention sudo before. Sudo has a list of environment variables it is allowed to pass, the rest are cleared. Edit: @Gerard H. Pille makes a good point below
Gerard H. Pille over 6 years

apachectl itself clears the environment also. There is a file "envvars" in APACHE_CONFDIR, where you can define Apache's environment.