Summary: | webapp-config removes write permission of /tmp and other directories | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Michael Voehringer <voehringer> |
Component: | Current packages | Assignee: | Gentoo Web Application Packages Maintainers <web-apps> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | carlo, mal |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Michael Voehringer
2005-05-12 09:04:33 UTC
# webapp-config --list-installs <snip> * Checking permissions on web site and document root directories .. * Removing 'others write' bit from directory /var/tmp * Removing 'others write' bit from directory /var/cache/mmcache </snip> Grrrr! Why the hell is it messing with thigs that it has nothing in common with?! It breaks turck-mmcache and apache - Apache needs to write there! then maybe apache should be the group that owns those files? care to try that? Comment #2: # ls -la /var/cache/ | grep mmcache drwxrwxrwt 2 root root 291224 May 14 07:07 mmcache # ls -la /var/ | grep tmp drwxrwxrwt 7 root root 208 May 13 05:11 tmp So no, apache does not own them. And even if it did, I never supposed that there is such a hidden "feature" first. --list-installs should list installs and exit, as its name suggests! If there should be a feature for fixing permissions, then it must be invoked with a separate options like --fix-permissions and even then it should never mess with ebuilds completely unrelated to webapps (like turck-mmcache). I am having the same problem. It goes 'fixing' all my permissions in /var. I had to restore them manually. Some directory _do_ need public write permissions. I'd rather see that it asks before it goes 'fixing' stuff. Because actually it breaks things atm. You fucked up my /var/* permissions, too. Thanks for extensive testing. Could you please be a lot more careful before marking webapp-config ebuilds stable!? Hi, First off, chill! It's a bad bug to add to a stable release, but that's no excuse for swearing in your bug reports. -r14 was done by someone trying to get a serious security bug fixed. Un I'll be putting out a -r15 which fixes this problem. I'll post an update as soon as it's ready. Best regards, Stu Hi, webapp-config v1.11 is now in Portage, and contains a fix for this problem. Best regards, Stu |