httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yehuda Katz <yeh...@ymkatz.net>
Subject Re: [users@httpd] Apache (2.4.26) changing permissions on passwd file?
Date Tue, 11 Jul 2017 16:06:37 GMT
Did you compile Apache yourself or use a package from somewhere?

- Y

Sent from a device with a very small keyboard and hyperactive autocorrect.


On Jul 11, 2017 11:53 AM, "Kevin Miles" <kevin@delgaldo.co.uk> wrote:

I wonder if someone can shed some light on this.

I've been running Apache 2.4.7 on Ubuntu 14.04LTS using a VirtualHost with
a passwd file and all was working fine. I upgraded Apache to 2.4.26 and the
site stopped working. The error being logged is:

[Tue Jul 11 20:58:27.722904 2017] [authn_file:error] [pid 3403]
(13)Permission denied: [client ::1:37626] AH01620: Could not open password
file: /etc/stm/passwd

Sure enough, when I check /etc/stm/passwd its permissions have been changed
from 644 to 600. When I change them back, everything starts working. But
when I reload the system, something sets them back to 600 and it stops
working!

AFAICT it's Apache that is changing the permissions. Audit shows the only
process touching this file is Apache (htpasswd). And if I disable Apache on
start-up and perform a system reload, the permissions are unchanged. Until
I start Apache, when they get flipped back to 600.

On the face of it, Apache 2.4.26 appears to be changing the permissions on
my passwd file to a value that prevents it from using it. I can't see
anything in the Release Notes that indicates this is a feature... Can
anyone tell me why this is happening, and suggest the best solution for
getting this VirtualHost working again?

Thanks.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Mime
View raw message