I wonder if someone can shed some light on this.
I've been running Apache 2.4.7 on Ubuntu 14.04LTS using a VirtualHost
with a passwd file and all was working fine. I upgraded Apache to 2.4.26
and the site stopped working. The error being logged is:
[Tue Jul 11 20:58:27.722904 2017] [authn_file:error] [pid 3403]
(13)Permission denied: [client ::1:37626] AH01620: Could not open
password file: /etc/stm/passwd
Sure enough, when I check /etc/stm/passwd its permissions have been
changed from 644 to 600. When I change them back, everything starts
working. But when I reload the system, something sets them back to 600
and it stops working!
AFAICT it's Apache that is changing the permissions. Audit shows the
only process touching this file is Apache (htpasswd). And if I disable
Apache on start-up and perform a system reload, the permissions are
unchanged. Until I start Apache, when they get flipped back to 600.
On the face of it, Apache 2.4.26 appears to be changing the permissions
on my passwd file to a value that prevents it from using it. I can't see
anything in the Release Notes that indicates this is a feature... Can
anyone tell me why this is happening, and suggest the best solution for
getting this VirtualHost working again?
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
