On Thursday 29 December 2011, william felipe_welter wrote:
> There is a simple patch for the initialization script that resolve
> this issue:
>
> 173a174
>
> > APACHE_LOG_DIR=$(. $APACHE_ENVVARS && echo $APACHE_LOG_DIR)
>
> 174a176,182
>
> > if [ ! -d $APACHE_LOG_DIR ] ; then
> >
> > log_daemon_msg "Creating Log directory on:
$APACHE_LOG_DIR"
> > "apache2" APACHE_RUN_USER=$(. $APACHE_ENVVARS && echo
> > $APACHE_RUN_USER)
> >
> > APACHE_RUN_GROUP=$(. $APACHE_ENVVARS && echo
> > $APACHE_RUN_GROUP)
> >
> > mkdir $APACHE_LOG_DIR;
> > chown $APACHE_RUN_USER.$APACHE_RUN_GROUP
> > $APACHE_LOG_DIR;
> >
> > fi
The log directory doesn't need to be writable by the run user. Apache
opens the log files as root. And having the directory not writable by
the run user can be a security feature, also due to the way logrotate
handles rotation. The directory should get the same permissions that
the log dir in the package has (root:adm 0750).
And please use unified diff format (i.e. diff -u) for patches, it's
more readable and robust.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
