httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 50260] New: apache www-data user doesn't recognize /etc/group entries when separated by commas
Date Fri, 12 Nov 2010 13:14:41 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=50260

           Summary: apache www-data user doesn't recognize /etc/group
                    entries when separated by commas
           Product: Apache httpd-2
           Version: 2.2.12
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: All
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: matpen@dnet.it


Description of the issue
------------------------
1) Website proj initially served by apache correctly
2) While trying to setup a simple ftp+www system, set the permission of all the
files in folder /home/www/proj to 770 ftpuser:ftpgroup. Added apache to
ftpgroup. Thereafter getting 403 forbidden error.

Steps to reproduce
-------------------
1) Set up a normal virtual host for apache. It can also be the default one ("It
works")
2) Change owner & group for the file index.htm (for example ftpuser:ftpgroup)
3) Add the user www-data to ftpgroup and set permissions accordingly (group
must have at least read permission on the file, and read+exec on the folder). I
set 770, for different reasons and testing.
4) Add one user (NOT www-data) to ftpgroup. I added user "matteo" with "sudo
adduser matteo ftpgroup, but this can be done by editing /etc/groups manually.
5) NOW, add www-data to ftpgroup. Since the user www-data is now in the group
"ftpgroup", it can access the files. This can be tested by switching to user
www-data and manually access the directories and files via console.
6) HOWEVER, when connecting via browser to the site, a 403 forbidden error is
issued.

Workaround
-----------------
1) After many experiments I found out that, if www-data is the only member of
ftpgroup, everything works fine.
2) By manually editing the /etc/group file, and adding a user BEFORE www-data,
and separate the usernames with commas, the error is returned.
3) By manually editing the /etc/group file, and adding a user BEFORE www-data,
and separate the usernames with SPACES, everything works fine.

Possible solution
------------------
1) Probably, only the algorithm for parsing the list of group's users has to be
refined to take comma-separated lists into account.

Comments
--------
Thank you in advance for taking care of the bug.


System infos:
-------------
Linux 2.6.31-22-generic-pae
Ubuntu 9.10 Karmic Server edition
Apache/2.2.12 (Ubuntu)

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message