httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Miles <>
Subject [users@httpd] Re: Apache (2.4.26) changing permissions on passwd file?
Date Thu, 13 Jul 2017 08:47:38 GMT
Thanks Jacob and Eric. Switching to 2.4.27 resolved the problem.


On 11/07/2017 16:53, Kevin Miles wrote:
> I wonder if someone can shed some light on this.
> I've been running Apache 2.4.7 on Ubuntu 14.04LTS using a VirtualHost 
> with a passwd file and all was working fine. I upgraded Apache to 2.4.26 
> and the site stopped working. The error being logged is:
> [Tue Jul 11 20:58:27.722904 2017] [authn_file:error] [pid 3403] 
> (13)Permission denied: [client ::1:37626] AH01620: Could not open 
> password file: /etc/stm/passwd
> Sure enough, when I check /etc/stm/passwd its permissions have been 
> changed from 644 to 600. When I change them back, everything starts 
> working. But when I reload the system, something sets them back to 600 
> and it stops working!
> AFAICT it's Apache that is changing the permissions. Audit shows the 
> only process touching this file is Apache (htpasswd). And if I disable 
> Apache on start-up and perform a system reload, the permissions are 
> unchanged. Until I start Apache, when they get flipped back to 600.
> On the face of it, Apache 2.4.26 appears to be changing the permissions 
> on my passwd file to a value that prevents it from using it. I can't see 
> anything in the Release Notes that indicates this is a feature... Can 
> anyone tell me why this is happening, and suggest the best solution for 
> getting this VirtualHost working again?
> Thanks.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message