Bug#223902: apache: suexec is built with www instead of www-data as user
Hi Brian,
thanks for reporting. I have the fix ready in CVS. I expect to
upload a new version within today or tomorrow.
Fabio
On Sat, 13 Dec 2003, Brian McGroarty wrote:
> Package: apache
> Version: 1.3.29.0.1-1
> Severity: normal
> Tags: sid
>
> suexec is broken.
>
> /usr/lib/apache/suexec -V reports:
> -D DOC_ROOT="/usr/local/apache/htdocs"
> -D GID_MIN=100
> -D HTTPD_USER="www"
> -D LOG_EXEC="/var/log/apache/cgi.log"
> -D SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
> -D UID_MIN=1000
> -D USERDIR_SUFFIX="public_html"
>
> The HTTPD_USER option should be www-data.
>
> This prevents the su mechanism from properly working, making all
> relevant cgi scripts fail with an internal server error.
>
> /var/log/apache/cgi.log shows for each:
> crit: calling user mismatch (www-data instead of www)
>
>
> -- System Information:
> Debian Release: testing/unstable
> Architecture: i386
> Kernel: Linux eastbits 2.4.23-rc3-djc3-6um #2 Fri Nov 21 22:48:44 EST 2003 i686
> Locale: LANG=C, LC_CTYPE=C
>
> Versions of packages apache depends on:
> ii apache-common 1.3.29.0.1-1 Support files for all Apache webse
> ii debconf 1.3.22 Debian configuration management sy
> ii dpkg 1.10.18 Package maintenance system for Deb
> ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries an
> ii libdb4.1 4.1.25-10 Berkeley v4.1 Database Libraries [
> ii libexpat1 1.95.6-6 XML parsing C library - runtime li
> ii libmagic1 4.06-1 File type determination library us
> ii libpam0g 0.76-14 Pluggable Authentication Modules l
> ii logrotate 3.6.5-2 Log rotation utility
> ii mime-support 3.23-1 MIME files 'mime.types' & 'mailcap
> ii perl [perl5] 5.8.2-2 Larry Wall's Practical Extraction
>
> -- debconf information:
> * apache/server-name: www.skittlebrau.org
> * apache/document-root: /var/www
> * apache/server-port: 80
> * apache/enable-suexec: true
> * apache/init: true
> * apache/server-admin: webmaster@skittlebrau.org
>
>
>
>
--
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues
http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html
Reply to: