21845 – Squirrelmail's 1.4.0-r1 ebuild access violation and possible data losing

Bug 21845 - Squirrelmail's 1.4.0-r1 ebuild access violation and possible data losing

Summary: Squirrelmail's 1.4.0-r1 ebuild access violation and possible data losing

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High major
Assignee:	Nick Hadaway

URL:	http://bugs.gentoo.org/show_bug.cgi?i...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2003-05-28 14:31 UTC by Eloi Granado
Modified:	2003-07-08 23:17 UTC (History)
CC List:	10 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Eloi Granado 2003-05-28 14:31:36 UTC

This code in the ebuild ... : 
        cp -r . ${D}/${HTTPD_ROOT}/${PN} 
        cd ${D}/${HTTPD_ROOT} 
        chown -R ${HTTPD_USER}.${HTTPD_GROUP} ${PN}/data 
...produces access denied errors because of the sandbox. Shouldn't them be 
substituted by the portage equivalents (doins, etc...)? 
 
 
Besides this : 
 
In a previous bug I filled some time ago (phpmyadmin that time, bug 20642), some 
developers put clear that ebuilds shouldn't seek for the documentroot in the apache 
config files, but have /home/httpd/htdocs hardcoded. Also, the code to detect the user 
that apache uses differs from that in the apache ebuild, that is to seek for the 
"apache" user and group in the system files. 
 
As I spotted in the other bug report, not everybody is willing to use a separate file por 
vhosts. So it HAPPENS that some of us have more than one line begining with 
DocumentRoot. Has anyone tried what happens with the ebuild in this conditions? 
With phpmyadmin, it trashed the documentroot of my last virtualhost (yes, the root, 
not the phpmyadmin subdir). 
 
Shouldn't it be of utility to write a howto for correctly creating webapp  ebuilds? How 
to make the checks, etc... I don't know too much about writting ebuilds, although I 
suppose I could spend some time learning about it, but yet the veterans could write a 
more detailed and accurate guide. Is this something to start a phorum thread for? 
 
I propose to add this settings to /etc/conf.d/apache, so all ebuilds could go there to 
seek for this data or, as the developers stated, just use an universal predefined builtin 
setting. 
 
I've added the developers that discussed in the other bug report to this one, as the 
same problem could arise. I may thank god for the access violation error.

Comment 1 Eloi Granado 2003-06-12 02:33:49 UTC

Proposed patch : 
 
16,21c16,18 
< HTTPD_ROOT="`grep '^DocumentRoot' /etc/apache/conf/apache.conf | cut -d\  -f2`" 
< HTTPD_USER="`grep '^User' /etc/apache/conf/commonapache.conf | cut -d \  -f2`" 
< HTTPD_GROUP="`grep '^Group' /etc/apache/conf/commonapache.conf | cut -d \  
-f2`" 
< [ -z "${HTTPD_ROOT}" ] && HTTPD_ROOT="/home/httpd/htdocs" 
< [ -z "${HTTPD_USER}" ] && HTTPD_USER="apache" 
< [ -z "${HTTPD_GROUP}" ] && HTTPD_GROUP="apache" 
--- 
> HTTPD_ROOT="/home/httpd/htdocs" 
> HTTPD_USER="apache" 
> HTTPD_GROUP="apache" 
 
 
Also, another question : is there any reason for forcing the user to uninstall previous 
versions before upgrading?

Comment 2 Robin Johnson archtester

2003-06-12 02:39:45 UTC

The DocumentRoot stuff is the subject of a discussion on the gentoo-dev mailing list presently.

Comment 3 Martin Holzer (RETIRED) gentoo-dev

2003-07-08 23:17:20 UTC

fixed