Bug#503069: marked as done (mod_rewrite bug with file-system path as substitution)
Your message dated Mon, 08 Nov 2010 11:33:31 +0100 with message-id f8a8e3d82ef05100229a380c54b95...@mail.fgv6.net and subject line Works for me now has caused the Debian Bug report #503069, regarding mod_rewrite bug with file-system path as substitution to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 503069: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503069 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: apache2-mpm-worker Version: 2.2.3-4+etch5 Severity: important According to http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule : The Substitution of a rewrite rule is the string that replaces the original URL-path that was matched by Pattern. The Substitution may be a: [...] *file-system path* Designates the location on the file-system of the resource to be delivered to the client. URL-path A DocumentRoot-relative path to the resource to be served. *Note that mod_rewrite tries to guess whether you have specified a file-system path or a URL-path by checking to see if the first segment of the path exists at the root of the file-system.* For example, if you specify a Substitution string of /www/file.html, then this will be treated as a URL-path unless a directory named www exists at the root or your file-system, in which case it will be treated as a file-system path. If you wish other URL-mapping directives (such as Alias) to be applied to the resulting URL-path, use the [PT] flag as described below. [...] TEST CASE: 1. In apache2.conf, add the following section FilesMatch \.test$ Options FollowSymLinks RewriteEngine On RewriteRule ^(.*)$ $1.gz [L,PT] /FilesMatch 2. touch DocumentRoot/bar.test.gz 3. Access http://localhost/bar.test http://localhost/foo ACTUAL RESULT: You get an error page The requested URL DocumentRoot/bar.test.gz was not found on this server., because the substitution gets interpreted as URL relative to DocumentRoot For example, if the document root is /var/www/example/ you'll find in the error log File does not exist: /var/www/example/var EXPECTED: The file DocumentRoot/bar.test.gz should be served. A similar bug has already be filed on Ubuntu's bugtracking by someone else here : https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/174282 I guess it is related but the bug has been closed because it lacks the information we need to investigate the problem. By advance, thanks. François. ---End Message--- ---BeginMessage--- Hi, Adding a / does the magic! But better : it works even without the / now! What happened? Has the bug been silently fixed? Did I drink too much? Was it a special case that I can't reproduce... Anyway, works for me now... Regards, François. ---End Message---
Re: /etc/apache2/conf.d/security default for the release after lenny
On Friday 05 November 2010, Teodor MICU wrote: I've noticed that this paragraph is still a comment in the default conf.d/security file: # This currently breaks the configurations that come with some web application # Debian packages. It will be made the default for the release after lenny. # #Directory / # AllowOverride None # Order Deny,Allow # Deny from all #/Directory Are there any plans to enable this for squeeze? I know that I've manually removed the # for my own installs and it didn't had any side effects. No, the comment is outdated. I forgot that I put such a definite statement about squeeze in there. The reason I have not changed it is that I am no longer so sure it would be a good idea: Webapps that ship their files in some directory outside of /var/www would have to have an Allow from all snippet in their configuration to work by default. Now, if the admin doesn't want allow from all but e.g. allow from 192.168.0.0/24, he would have to change many distinct configuration sections, which is a pain. If there is another update for apache2 in squeeze, I will change the comment. Thanks for bringing this to my attention. Cheers, Stefan -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201011082117.50301...@sfritsch.de
Processed: your mail
Processing commands for cont...@bugs.debian.org: submitter 582153 jul...@debian.org Bug #582153 [debian-maintainers] debian-maintainers: Annual ping Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 586585 jul...@debian.org Bug #586585 [gnome-control-center] gnome-control-center: gnome-mouse-properties touchpad scrolling issues Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 532669 jul...@debian.org Bug #532669 [gnome-session-canberra] gnome-session-canberra: desktop-{login,logout} files not present Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 408377 jul...@debian.org Bug #408377 [rhythmbox] rhythmbox: Please allow rb to open the last read songs after shutting down Bug #295688 [rhythmbox] rhythmbox could save state between sessions Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 600954 jul...@debian.org Bug #600954 [debian-keyring] debian-keyring: Please add debian-maintainers.gpg to README Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 576398 jul...@debian.org Bug #576398 {Done: Laurent Bigonville bi...@debian.org} [empathy] empathy: No means to configure or clear conversation history Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 555129 jul...@debian.org Bug #555129 [apache2-suexec] Should not set document root to /var/www - violates the FHS Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 515901 jul...@debian.org Bug #515901 [evolution] evolution: Resent-To header not taken into account in sent items view Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 564252 jul...@debian.org Bug #564252 [grub-pc] grub-pc: non blocking error no such disk Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 592398 jul...@debian.org Bug #592398 [rhythmbox-plugins] rhythmbox-plugins: Please add the Radio Browser plugin Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 420992 jul...@debian.org Bug #420992 [nautilus] evolution: Desktop icon much too small Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 522604 jul...@debian.org Bug #522604 [hpijs] hpijs: Cannot print borderless on 4x6 paper anymore Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 539183 jul...@debian.org Bug #539183 {Done: Julien Valroff jul...@kirya.net} [wnpp] ITP: rapid-photo-downloader -- Photo downloader (importer) from cameras, memory cards other devices Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 516080 jul...@debian.org Bug #516080 [gnome-control-center] gnome-control-center: Sound preferences greyed out Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 413217 jul...@debian.org Bug #413217 [rhythmbox] rhythmbox: Cannot burn audio cd from play queue Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 584768 jul...@debian.org Bug #584768 [timidity-daemon] timidity-daemon: Doesn't start as timidity user Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 518909 jul...@debian.org Bug #518909 {Done: Julien Cristau jcris...@debian.org} [compiz] compiz: Fails to build from source: config.status: error: po/Makefile.in.in was not created by intltoolize. Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 516081 jul...@debian.org Bug #516081 [libesd-alsa0] esound: System sounds not working with libesd-alsa0 Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 506246 jul...@debian.org Bug #506246 [vlogger] vlogger: Sometimes fails to retrieve vhost name with lighttpd Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 600754 jul...@debian.org Bug #600754 {Done: Mehdi Dogguy me...@dogguy.org} [release.debian.org] unblock: phpldapadmin/1.2.0.5-2 Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 539579 jul...@debian.org Bug #539579 [pulseaudio] alsa-utils: Master channel muted after each boot Bug #544237 [pulseaudio] pulseaudio: Muted after boot Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 549541 jul...@debian.org Bug #549541 [network-manager-gnome] network-manager-gnome: nm-applet icon not shown after login Changed Bug submitter to 'jul...@debian.org' from 'jul...@kirya.net' submitter 516471 jul...@debian.org Bug #516471 [gnome-volume-manager] gnome-volume-manager: Memory Stick Duo cards not detected Changed Bug submitter to 'jul...@debian.org' from 'Julien Valroff jul...@kirya.net' submitter 563401 jul...@debian.org