Bug#423436: unsuitable file-permission/-ownership for DAV-lockfile

To: submit@bugs.debian.org
Subject: Bug#423436: unsuitable file-permission/-ownership for DAV-lockfile
From: Achim Seufert <achim.seufert@googlemail.com>
Date: Fri, 11 May 2007 22:07:36 +0200
Message-id: <[🔎] 4644CD08.9030203@googlemail.com>
Reply-to: achim.seufert@googlemail.com, 423436@bugs.debian.org

Package: apache2
Version: 2.2.3-4

Hi there,

I've stumbled upon a problem when activating Apache's DAV-module which
is availabe with the apache2-base-package.

After enabling the dav-module using "a2enmod dav" and setting up a usual
DAV-directory everything seemed to work fine.
Files could be viewed and downloaded from the DAV-directory.
However, write-access wasn't possible. (Strange error messages came up
when trying to upload a file.)

I found out that the module-configuration ("dav_fs.conf") located in
/etc/apache2/mods-enabled had the following entry:

     DAVLockDB /var/lock/apache2/DAVLock

That "DAVLock"-file in /var/lock/apache2 was owned exclusively by
"root:root".

     -rw-r--r-- 1 root root 12288 2007-05-10 15:02 DAVLock

Since the Apache2-server is run by "www-data" a more suitable ownership
and/or different file access permission should be applied.

Changing the above to

     -rw-rw-r-- 1 root www-data 12288 2007-05-10 15:02 DAVLock

worked just fine.

I'm using Debian 4.0 (Etch); Kernel 2.6.18-4-686.

Thanks a lot and keep on maintaining such a wonderful system like Debian!

Achim

Reply to:

Prev by Date: Processed: bug 235653 is forwarded to http://issues.apache.org/bugzilla/show_bug.cgi?id=18712
Next by Date: libapache-mod-perl-doc 1.29.0.2-5cvs20040129 MIGRATED to testing
Previous by thread: Processed: bug 235653 is forwarded to http://issues.apache.org/bugzilla/show_bug.cgi?id=18712
Next by thread: libapache-mod-perl-doc 1.29.0.2-5cvs20040129 MIGRATED to testing
Index(es):
- Date
- Thread