** Description changed:
+ SRU information:
+ ================
+
+ [Impact]
+ This bug stems from web dav modifying files to have permissions 600 instead
of the standard 644. When this happens , it is impossible for Apache to then go
serve out the pages. This basically makes the webdav unusable and makes a nasty
crond chmod script necessary.
+
+ [Development Fix]
+ First fixed upstream, then brought down as part of apache 2.2.15-3
+
+ [Stable Fix]
+ see attached '99-fix-mod-dav-permissions.dpatch'
+
+ [Test Case]
+ 1) Download the original archive from
http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz
and build with "./configure --enable-dav-fs=shared --enable-dav-lock=shared
--enable-dav=shared".
+ This should result in a mod_dav_fs.so library in modules/dav/fs/.libs. Place
such a shared library in /usr/lib/apache/modules as a replacement for the one
already there.
+ 2) Set up a DAV location like so:
+ <IfModule dav_fs_module>
+
+ <Location "/test">
+
+ DAV on
+
+ </Location>
+
+ </IfModule>
+ 3) Use "cadaver" to connect to your server and PUT a file in location "test".
The idea is that the permissions come out as 0600 for the standard Lucid
installation and 0644 for the vanilla Apache module.
+
+ [Regression Potential]
+ Low. This has patch has already been applied upstream and is in use by
however many 10.10, 11.04, and 11.10 users. The compiled LTS pachage has also
tested by someone that is experiencing the original problem.
+
+ ================
+ Original report:
+ ================
+
+
Binary package hint: apache2
I am a Git pull/push through Apache https user, and I also use the file-
based protocol. Recently I noticed that the Git repository was filled
with objects of permission -rw------ belonging to www-data, the Apache
server username. After further digging, this is not Git's problem, but
possibly mod_dav_fs's. In fact, any file transferred with a DAV "PUT"
command results in said 0600 permissions.
Although this is arguably a feature of Ubuntu, I found that the behavior
differs from a standard Apache server. To reproduce:
1) Download the original archive from
http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz
and build with "./configure --enable-dav-fs=shared --enable-dav-lock=shared
--enable-dav=shared".
This should result in a mod_dav_fs.so library in modules/dav/fs/.libs. Place
such a shared library in /usr/lib/apache/modules as a replacement for the one
already there.
2) Set up a DAV location like so:
- <IfModule dav_fs_module>
+ <IfModule dav_fs_module>
- <Location "/test">
+ <Location "/test">
- DAV on
+ DAV on
- </Location>
+ </Location>
</IfModule>
3) Use "cadaver" to connect to your server and PUT a file in location "test".
The idea is that the permissions come out as 0600 for the standard Lucid
installation and 0644 for the vanilla Apache module.
Further evidence supporting the idea that the problem arises from Ubuntu
packaging is the rather extensive modifications to mod_dav_fs code in
the diff found at
http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu3.diff.gz.
Thank you for your attention!
-Roy
** Changed in: oem-priority/lucid
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/540747
Title:
Apache Web DAV incorrect permissions
To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/540747/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
