httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Darryl Philip Baker <>
Subject RE: [users@httpd] Apache (2.4.26) changing permissions on passed file?
Date Tue, 11 Jul 2017 15:56:03 GMT
Is the file owned by the user running Apache?

Darryl Baker

-----Original Message-----
From: Kevin Miles [] 
Sent: July 11, 2017 10:54 AM
Subject: [users@httpd] Apache (2.4.26) changing permissions on passwd file?

I wonder if someone can shed some light on this.

I've been running Apache 2.4.7 on Ubuntu 14.04LTS using a VirtualHost with a passwd file and
all was working fine. I upgraded Apache to 2.4.26 and the site stopped working. The error
being logged is:

[Tue Jul 11 20:58:27.722904 2017] [authn_file:error] [pid 3403] (13)Permission denied: [client
::1:37626] AH01620: Could not open password file: /etc/stm/passwd

Sure enough, when I check /etc/stm/passwd its permissions have been changed from 644 to 600.
When I change them back, everything starts working. But when I reload the system, something
sets them back to 600 and it stops working!

AFAICT it's Apache that is changing the permissions. Audit shows the only process touching
this file is Apache (htpasswd). And if I disable Apache on start-up and perform a system reload,
the permissions are unchanged. Until I start Apache, when they get flipped back to 600.

On the face of it, Apache 2.4.26 appears to be changing the permissions on my passwd file
to a value that prevents it from using it. I can't see anything in the Release Notes that
indicates this is a feature... Can anyone tell me why this is happening, and suggest the best
solution for getting this VirtualHost working again?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message