Package: apt-cacher Version: 0.9.1 Severity: normal When a client uses a debian server that is not configured in the allowed_locations config directive, then with debug=0 one has no chance to diagnose the reason for the 403. And even with debug=1, all you find in the logfile is:
Wed May 18 09:36:45 2005|127.0.0.1|debug: Sorry, not allowed to access this location. Ask your system administrator. I'd suggest making this a bit friendlier to the system administrator who will be reading this. Something like Host ftp.de.debian.org is not configured in the allowed_locations directive, access denied. It would not hurt anybody to both write this into the debuglog *and* send it out to the client. Possible patch appended. Thanks, -- andreas --- /usr/share/apt-cacher/apt-cacher.pl~ 2005-05-18 10:01:01.000000000 +0200 +++ /usr/share/apt-cacher/apt-cacher.pl 2005-05-18 10:07:20.000000000 +0200 @@ -391,13 +391,18 @@ my $is_incomplete = 0; # Is the file contents complete? if(defined($config{allowed_locations})) { - goto badguy if ("$host$uri" =~ /\.\./); - for(split(/,/,$config{allowed_locations})) { - goto location_allowed if ("$host$uri" =~ /^$_/); + my $mess; + if ("$host$uri" =~ /\.\./){ + $mess = "'..' contained in URL"; + } else { + for(split(/,/,$config{allowed_locations})) { + goto location_allowed if ("$host$uri" =~ /^$_/); + } + $mess = "Host '$host' is not configured in the allowed_locations directive"; } badguy: - debug_message("Sorry, not allowed to access this location. Ask your system administrator."); - write_to_server("Status: 403 Forbidden. Not allowed to access this location.\n\n"); + debug_message("$mess; access denied"); + write_to_server("Status: 403 Forbidden.\n\n$mess.\n\n"); exit(4); } location_allowed: __END_OF_PATCH__ -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.7 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages apt-cacher depends on: ii apache [httpd-cgi] 1.3.33-6 versatile, high-performance HTTP s ii apache-perl [httpd-cgi] 1.3.33-6 versatile, high-performance HTTP s ii curl 7.13.2-2 Get a file from an HTTP, HTTPS, FT ii perl 5.8.4-8 Larry Wall's Practical Extraction -- no debconf information -- Dr. Andreas J Koenig . Development CELLULAR GmbH Schmiedehof 15 . 10965 Berlin . Germany Alsterufer 1 . 20354 Hamburg . Germany Phone +49.30.89 06 86 33 . Fax +49.30.89 06 86 55 Email [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]