https://issues.apache.org/bugzilla/show_bug.cgi?id=50260
Summary: apache www-data user doesn't recognize /etc/group
entries when separated by commas
Product: Apache httpd-2
Version: 2.2.12
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: All
AssignedTo: [email protected]
ReportedBy: [email protected]
Description of the issue
------------------------
1) Website proj initially served by apache correctly
2) While trying to setup a simple ftp+www system, set the permission of all the
files in folder /home/www/proj to 770 ftpuser:ftpgroup. Added apache to
ftpgroup. Thereafter getting 403 forbidden error.
Steps to reproduce
-------------------
1) Set up a normal virtual host for apache. It can also be the default one ("It
works")
2) Change owner & group for the file index.htm (for example ftpuser:ftpgroup)
3) Add the user www-data to ftpgroup and set permissions accordingly (group
must have at least read permission on the file, and read+exec on the folder). I
set 770, for different reasons and testing.
4) Add one user (NOT www-data) to ftpgroup. I added user "matteo" with "sudo
adduser matteo ftpgroup, but this can be done by editing /etc/groups manually.
5) NOW, add www-data to ftpgroup. Since the user www-data is now in the group
"ftpgroup", it can access the files. This can be tested by switching to user
www-data and manually access the directories and files via console.
6) HOWEVER, when connecting via browser to the site, a 403 forbidden error is
issued.
Workaround
-----------------
1) After many experiments I found out that, if www-data is the only member of
ftpgroup, everything works fine.
2) By manually editing the /etc/group file, and adding a user BEFORE www-data,
and separate the usernames with commas, the error is returned.
3) By manually editing the /etc/group file, and adding a user BEFORE www-data,
and separate the usernames with SPACES, everything works fine.
Possible solution
------------------
1) Probably, only the algorithm for parsing the list of group's users has to be
refined to take comma-separated lists into account.
Comments
--------
Thank you in advance for taking care of the bug.
System infos:
-------------
Linux 2.6.31-22-generic-pae
Ubuntu 9.10 Karmic Server edition
Apache/2.2.12 (Ubuntu)
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
