httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Miles <>
Subject [users@httpd] Apache (2.4.26) changing permissions on passwd file?
Date Tue, 11 Jul 2017 15:53:48 GMT
I wonder if someone can shed some light on this.

I've been running Apache 2.4.7 on Ubuntu 14.04LTS using a VirtualHost 
with a passwd file and all was working fine. I upgraded Apache to 2.4.26 
and the site stopped working. The error being logged is:

[Tue Jul 11 20:58:27.722904 2017] [authn_file:error] [pid 3403] 
(13)Permission denied: [client ::1:37626] AH01620: Could not open 
password file: /etc/stm/passwd

Sure enough, when I check /etc/stm/passwd its permissions have been 
changed from 644 to 600. When I change them back, everything starts 
working. But when I reload the system, something sets them back to 600 
and it stops working!

AFAICT it's Apache that is changing the permissions. Audit shows the 
only process touching this file is Apache (htpasswd). And if I disable 
Apache on start-up and perform a system reload, the permissions are 
unchanged. Until I start Apache, when they get flipped back to 600.

On the face of it, Apache 2.4.26 appears to be changing the permissions 
on my passwd file to a value that prevents it from using it. I can't see 
anything in the Release Notes that indicates this is a feature... Can 
anyone tell me why this is happening, and suggest the best solution for 
getting this VirtualHost working again?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message