Problem: CGI scripts installed by webapp-config in /var/www/localhost/cgi-bin fail to run with a 403 Forbidden error. Reason: webapp-config "installs" files in /var/www/localhost/cgi-bin by symlinking them to /usr/share/webapps/$PN/$PV/hostroot/cgi-bin. However, by default apache2 refuses to follow symlinks in /var/www/localhost/cgi-bin, so it borks with a 403 error and this in the logs: [Mon May 31 13:33:39 2004] [error] [client 127.0.0.1] Symbolic link not allowed: /var/www/localhost/cgi-bin/<script> Solution: Enable FollowSymLinks for /var/www/localhost/cgi-bin in /etc/apache2/conf/commonapache2.conf ### ### This is intended for your world-accessible CGI programs. ### <Directory /var/www/localhost/cgi-bin> AllowOverride All - Options ExecCGI + Options ExecCGI FollowSymLinks <IfModule mod_access.c> Order allow,deny Allow from all </IfModule> </Directory> Problems with the solution: This might be a (minor) security risk. But the alternative it is broken cgi-bin with webapp-config :-(
Versions: webapp-config 1.9-r3 apache 2.0.49-r2
This should be fixed in the next version of webapp-config. For now please add FollowSymlinks manually. Thanks
I'm reopening this bug so you can resolved it as FIXED when it's fixed -- it's not RESOLVED WONTFIX because you've just said you're going to fix it :-) Re-opening it also allows bugs that depend on it to be notified when the fix is available. Cheers, Tom
Of course, it's web-apps, not apache-bugs who are going to fix it :-)
I'll be putting a ~x86 version of webapp-config-1.10 into Portage later tonight for testing purposes. This now uses hard links by default, which should address this bug. Best regards, Stu
Hi, I've committed v1.10 of webapp-config, which no longer uses symlinks. This should address your problem. Please test, and let me know how you get on. Best regards, Stu
Closing old bug.