92388 – webapp-config removes write permission of /tmp and other directories

Bug 92388 - webapp-config removes write permission of /tmp and other directories

Summary: webapp-config removes write permission of /tmp and other directories

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High critical (vote)
Assignee:	Gentoo Web Application Packages Maintainers

URL:
Whiteboard:
Keywords:

Duplicates (1):	96610 (view as bug list)
Depends on:
Blocks:

Reported:	2005-05-12 09:04 UTC by Michael Voehringer
Modified:	2005-06-20 07:36 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Voehringer 2005-05-12 09:04:33 UTC

After upgrading to net-www/webapp-config-1.10-r14 and run "webapp-config --list-installs" the webapp-config changes the permition of the /tmp folder.


My VHOST looks like this:
VHOST_ROOT="/home/${G_HOSTNAME}"

Reproducible: Always
Steps to Reproduce:
1. install net-www/webapp-config-1.10-r14 
2. Change VHOST_ROOT to "/home/${G_HOSTNAME}"
3. run "webapp-config --list-installs"

Actual Results:  
the /tmp dir has the following permission:
"drwxrwxr-t   14 root root  720 May 12 17:54 tmp"


Expected Results:  
webapp-config should not change the permission

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2005-05-12 21:44:35 UTC

# webapp-config --list-installs

<snip>
 * Checking permissions on web site and document root directories ..
 * Removing 'others write' bit from directory /var/tmp
 * Removing 'others write' bit from directory /var/cache/mmcache
</snip>

Grrrr! Why the hell is it messing with thigs that it has nothing in common with?! It breaks turck-mmcache and apache - Apache needs to write there!

Comment 2 John Mylchreest (RETIRED) gentoo-dev

2005-05-13 18:58:31 UTC

then maybe apache should be the group that owns those files?
care to try that?

Comment 3 Jakub Moc (RETIRED) gentoo-dev

2005-05-14 01:15:39 UTC

Comment #2:

# ls -la /var/cache/ | grep mmcache
drwxrwxrwt   2 root   root    291224 May 14 07:07 mmcache

# ls -la /var/ | grep tmp
drwxrwxrwt   7 root   root    208 May 13 05:11 tmp

So no, apache does not own them. And even if it did, I never supposed that there is such a hidden "feature" first. --list-installs should list installs and exit, as its name suggests! If there should be a feature for fixing permissions, then it must be invoked with a separate options like --fix-permissions and even then it should never mess with ebuilds completely unrelated to webapps (like turck-mmcache).

Comment 4 Jeroen Asselman 2005-05-18 03:47:43 UTC

I am having the same problem. It goes 'fixing' all my permissions in /var. I had
to restore them manually. Some directory _do_ need public write permissions.
I'd rather see that it asks before it goes 'fixing' stuff. Because actually it
breaks things atm.

Comment 5 Carsten Lohrke (RETIRED) gentoo-dev

2005-05-19 04:42:45 UTC

You fucked up my /var/* permissions, too. Thanks for extensive testing. Could
you please be a lot more careful before marking webapp-config ebuilds stable!?

Comment 6 Stuart Herbert (RETIRED) gentoo-dev

2005-05-30 02:20:35 UTC

Hi,

First off, chill!  It's a bad bug to add to a stable release, but that's no 
excuse for swearing in your bug reports.  -r14 was done by someone trying to 
get a serious security bug fixed.  Un

I'll be putting out a -r15 which fixes this problem.  I'll post an update as 
soon as it's ready.

Best regards,
Stu

Comment 7 Stuart Herbert (RETIRED) gentoo-dev

2005-05-30 12:59:34 UTC

Hi,

webapp-config v1.11 is now in Portage, and contains a fix for this problem.

Best regards,
Stu

Comment 8 Jakub Moc (RETIRED) gentoo-dev

2005-06-20 07:36:30 UTC

*** Bug 96610 has been marked as a duplicate of this bug. ***