[Bug 540747] Re: Apache Web DAV incorrect permissions

James M. Leddy 540747 at bugs.launchpad.net
Wed Jan 4 21:11:32 UTC 2012 

** Description changed:

+ SRU information:
+ ================
+ 
+ [Impact]
+ This bug stems from web dav modifying files to have permissions 600 instead of the standard 644. When this happens , it is impossible for Apache to then go serve out the pages. This basically makes the webdav unusable and makes a nasty crond chmod script necessary.
+ 
+ [Development Fix]
+ First fixed upstream, then brought down as part of apache 2.2.15-3
+ 
+ [Stable Fix]
+ see attached '99-fix-mod-dav-permissions.dpatch'
+ 
+ [Test Case]
+ 1) Download the original archive from http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz and build with "./configure --enable-dav-fs=shared --enable-dav-lock=shared --enable-dav=shared".
+ This should result in a mod_dav_fs.so library in modules/dav/fs/.libs. Place such a shared library in /usr/lib/apache/modules as a replacement for the one already there.
+ 2) Set up a DAV location like so:
+  <IfModule dav_fs_module>
+ 
+     <Location "/test">
+ 
+         DAV on
+ 
+     </Location>
+ 
+ </IfModule>
+ 3) Use "cadaver" to connect to your server and PUT a file in location "test". The idea is that the permissions come out as 0600 for the standard Lucid installation and 0644 for the vanilla Apache module.
+ 
+ [Regression Potential]
+ Low. This has patch has already been applied upstream and is in use by however many 10.10, 11.04, and 11.10 users. The compiled LTS pachage has also tested by someone that is experiencing the original problem.
+ 
+ ================
+ Original report:
+ ================
+ 
+ 
  Binary package hint: apache2
  
  I am a Git pull/push through Apache https user, and I also use the file-
  based protocol.  Recently I noticed that the Git repository was filled
  with objects of permission -rw------ belonging to www-data, the Apache
  server username.  After further digging, this is not Git's problem, but
  possibly mod_dav_fs's.  In fact, any file transferred with a DAV "PUT"
  command results in said 0600 permissions.
  
  Although this is arguably a feature of Ubuntu, I found that the behavior differs from a standard Apache server.  To reproduce:
  1) Download the original archive from http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gz and build with "./configure --enable-dav-fs=shared --enable-dav-lock=shared --enable-dav=shared".
  This should result in a mod_dav_fs.so library in modules/dav/fs/.libs.  Place such a shared library in /usr/lib/apache/modules as a replacement for the one already there.
  2) Set up a DAV location like so:
-  <IfModule dav_fs_module>
+  <IfModule dav_fs_module>
  
-     <Location "/test">
+     <Location "/test">
  
-         DAV on
+         DAV on
  
-     </Location>
+     </Location>
  
  </IfModule>
  3) Use "cadaver" to connect to your server and PUT a file in location "test".  The idea is that the permissions come out as 0600 for the standard Lucid installation and 0644 for the vanilla Apache module.
  
  Further evidence supporting the idea that the problem arises from Ubuntu
  packaging is the rather extensive modifications to mod_dav_fs code in
  the diff found at
  http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu3.diff.gz.
  
  Thank you for your attention!
  -Roy

** Changed in: oem-priority/lucid
       Status: Triaged => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/540747

Title:
  Apache Web DAV incorrect permissions

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/540747/+subscriptions

More information about the Ubuntu-server-bugs mailing list