Bug#652843: Patch

To: "william felipe_welter" <wfelipew@gmail.com>, 652843@bugs.debian.org
Subject: Bug#652843: Patch
From: Stefan Fritsch <sf@sfritsch.de>
Date: Tue, 3 Jan 2012 07:58:30 +0100
Message-id: <[🔎] 201201030758.30702.sf@sfritsch.de>
Reply-to: Stefan Fritsch <sf@sfritsch.de>, 652843@bugs.debian.org
In-reply-to: <CAOhBbokZsF+nU9TQa1z+qKVMA3HP-fwJ8y8Ki5_+0Tz9B7F1YQ@mail.gmail.com>
References: <CAOhBbokZsF+nU9TQa1z+qKVMA3HP-fwJ8y8Ki5_+0Tz9B7F1YQ@mail.gmail.com>

On Thursday 29 December 2011, william felipe_welter wrote:
> There is a simple patch for the initialization script  that resolve
> this issue:
> 
> 173a174
> 
> > 		APACHE_LOG_DIR=$(. $APACHE_ENVVARS && echo $APACHE_LOG_DIR)
> 
> 174a176,182
> 
> > 		if  [ ! -d $APACHE_LOG_DIR ] ; then
> > 		
> > 			log_daemon_msg "Creating Log directory on: 
$APACHE_LOG_DIR"
> > 			"apache2" APACHE_RUN_USER=$(. $APACHE_ENVVARS && echo
> > 			$APACHE_RUN_USER)
> > 			
> > 	                APACHE_RUN_GROUP=$(. $APACHE_ENVVARS && echo
> > 	                $APACHE_RUN_GROUP)
> > 			
> > 			mkdir $APACHE_LOG_DIR;
> > 			chown $APACHE_RUN_USER.$APACHE_RUN_GROUP $APACHE_LOG_DIR;
> > 		
> > 		fi

The log directory doesn't need to be writable by the run user. Apache 
opens the log files as root. And having the directory not writable by 
the run user can be a security feature, also due to the way logrotate 
handles rotation. The directory should get the same permissions that 
the log dir in the package has (root:adm 0750).

And please use unified diff format (i.e. diff -u) for patches, it's 
more readable and robust.

Reply to:

Prev by Date: apache2 is now in git
Next by Date: Bug#620398: solution by setting REFERRALS off
Previous by thread: Re: Planning for 2.3/2.4
Next by thread: Bug#620398: solution by setting REFERRALS off
Index(es):
- Date
- Thread