dolphin in focal can't delete webdav directories running on focal's apache

Hello Ross and thanks for this bug report. Did you actually verify that adding a

  BrowserMatch " Konqueror/5" redirect-carefully

line to setenvif.conf resolves the issue?

Anyway the file belongs to the packaging and not to the upstream source, so the fix belongs to Ubuntu. Waiting for your feedback on the " Konqueror/5" test I'm marking this bug report as Incomplete. Please change its status back to New after commenting back and we'll look at it again. Thanks!

Yes,

BrowserMatch " Konqueror/5" redirect-carefully

does fix the bug.

While you're at it: kinda the same happens in jammy (as of 22.04.2). This time the user agent for dolphin is:

    Mozilla/5.0 (X11; Linux x86_64) KIO/5.92 dolphin/21.12.3

With stock apache conf when trying to delete a dir over webdav, it results in a 301 redirect: '"DELETE /webdav/test HTTP/1.1" 301 578' => /webdav/test/

With such custom line in setenvif.conf it works as supposed:

    BrowserMatch " dolphin/" redirect-carefully

Thanks for update :)

@Adam

Given the file belongs to the packaging and not to the upstream source, we should expect the Delta to be a long-term one.
That, combined with the fact that this bug is present in Debian too, and Ubuntu currently doesn't make any changes over the Debian package --> this bug would be best fixed directly in Debian, and then Ubuntu will pick up the fix automatically.

So the best way is to file a Debian bug report.

Michal,

This bug seems to affect Focal/Jammy, and therefore the fix needs to be done in Ubuntu. You also need to check if the issue is still present in Mantic, or if it has already been fixed there.

Hey you two,
thanks for picking this one up after such a long time.

@Michal - while you are right that the particular config file does not have any changes, the reasoning for "Ubuntu currently doesn't make any changes over the Debian" is usually for auto-sync and apache clearly has changes in general (just not in that file). Therefore that is not a problem.

@Sergio - agreed, for an SRU this needs a test case anyway, which means Michal can start in Mantic and testing it through all releases.

@All
While looking at it quickly I found that there are two files with such a config

From upstream we have this for DAV related usage in
apache2-doc: /usr/share/doc/apache2/examples/apache2/extra/httpd-dav.conf

$ cat docs/conf/extra/httpd-dav.conf.in
...
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[01234]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
BrowserMatch " Konqueror/4" redirect-carefully

Then the file we got asked here is in
apache2: /etc/apache2/mods-available/setenvif.conf

$ cat /etc/apache2/mods-available/setenvif.conf
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1\.[012]" redirect-carefully
BrowserMatch "^gnome-vfs/1\.0" redirect-carefully
BrowserMatch "^gvfs/1" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
BrowserMatch " Konqueror/4" redirect-carefull

This is already diverging.
The latter is Ubuntu/Debian delta over upstream.

Now those two are out of sync a lot IMHO
1. [1] fixed escaping, but not upstream?
2. gvfs [2] was added in Debian but never upstream AFAICS
3. Konquerer/4 was added upstream [3] and in Debian [4]

Now here in the bug we have the report of
a) Konqueror/5
b) dolphin/
which both are missing.

I conclude from the findings that:

I. All Debian changes [1][2] not yet there should also get upstream [in docs/conf/extra/httpd-dav.conf.in] (that way we also ensure to get their opinion in about the change in general)

II. The suggestions here seem right, that should go upstream to the same file as well

III. Once discussed accepted there we can be sure this does not back-fire, bring it up with Debian [for docs/conf/extra/httpd-dav.conf.in but there also debian/config-dir/mods-available/setenvif.conf]

IV. At the same time you can start to bring it into mantic [for docs/conf/extra/httpd-dav.conf.in but there also debian/config-dir/mods-available/setenvif.conf] and from there SRU

[1]: https://salsa.debian.org/apache-team/apache2/-/commit/6645d3763038a344f7baa6cb7206d52e7a3b1f5f
[2]: https://salsa.debian.org/apache-team/apache2/-/commit/0d38509c2338f0006130d8d41c334c44d5a98b25
[3]: https://github.com/apache/httpd/commit/c4471432a3925208238473189b4b6f981946a722
[4]: https://salsa.debian.org/apache-team/apache2/-/commit/bf...

Hi @Adam,

I tried to figure out how to create a Test Plan for it. And I think I did, but at the end, I had a problem adding a network folder in the Dolphin GUI.

What I did:

1. I started with focal VM, and I created it.
2. I've installed apache2 and the required modules as follows:
- a2enmod dav dav_fs
3. I've created a conf file under
/etc/apache2/sites-available/

and I have added it inside:

<VirtualHost *:80>
    ServerName localhost
    DocumentRoot /var/www/webdav

    Alias /webdav /var/www/webdav
    <Directory /var/www/webdav>
        DAV On
        AllowOverride None
        Require all granted
    </Directory>
</VirtualHost>

4. Then I enabled the new configuration and restarted apache2.

I have created a WebDAV directory and changed ownership:

sudo mkdir -p /var/www/webdav
sudo chown www-data:www-data /var/www/webdav

5. And then I installed Dolphin and wanted to access WebDAV with it, but I was denied access by Dolphin.

I think it might be another bug found along the way, or it might be a problem I only encountered.

Could you please help me a bit and maybe provide me with your steps to reproduce the issue?
I would be really grateful :)

I've just replicated your steps with a vm booted into ubuntu-20.04.6-desktop-amd64.iso and there are no problems with webdav for me aside for the bug reported:

(I ssh into the vm so when I say "copy-paste" it is literally that)

### install the stuff
- enable the universe repo in /etc/apt/sources.list
- sudo apt update
- sudo apt install apache2 dolphin
### configure apache
- sudo a2enmod dav dav_fs
- copy-paste your apache vhost config into /etc/apache2/sites-available/test.conf
- sudo a2ensite test.conf
- sudo systemctl restart apache2
### webdav dir
- sudo mkdir -p /var/www/webdav
- sudo chown www-data: /var/www/webdav

Now in dolphin, press C-l and enter path "webdav://localhost". There I can create files and dirs, delete files, but not delete dirs.

--

Try enabling the logs. Put these lines (as per /etc/apache2/sites-enabled/000-default.conf) into your test.conf:

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

and restart apache. And keep looking under /var/log/apache2/

Thanks Adam!

I will redo my steps again tomorrow, and I hope it will work or at least the logs will be helpful.

FYI, if I still struggle with that test plan, can I ask you to test the PPA for me?
I would simply provide you with the fix in the PPA (link), and you would simply have to try to reproduce the issue.

I'll try to help with testing

Hi Adam,

Finally, I was able to get rid of my "dolphin problem", but honestly, I went through Mantic, Lunar, Jammy and Focal and on none of them could I reproduce the issue.
I could create files and directories, delete files, _and_ delete directories.
I tried to determine if that applies exclusively to empty directories or directories with content inside, but I couldn't reproduce the issue either way.

Moreover out of curiosity, I did the same steps on the workstation I am working on daily (not only VMs), where the focal Ubuntu server is installed and the user is different than root, and I also couldn't reproduce that issue.

Hmmm, I am wondering what might be the reason for that. Having in mind that I followed "your&mine" steps to reproduce it.

> I could create files and directories, delete files, _and_ delete directories.

When you say "delete dirs" have you actually checked if it was removed on disk? In dolphin it disappers from the view, but press F5 to refresh and it's still there.

You can see the problem even without actual dolphin, curl is enough. In focal with apache set up as above:

$> cd /var/www/webdav
$> mkdir a
$> chown www-data: a
$> curl -I -X DELETE http://localhost/a
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Aug 2023 16:05:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: http://localhost/a/
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1
$> curl -I -X DELETE -A 'prefix Konqueror/5' http://localhost/a
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Aug 2023 16:06:04 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: http://localhost/a/
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1
$> curl -I -X DELETE -A 'prefix Konqueror/4' http://localhost/a
HTTP/1.1 204 No Content
Date: Wed, 09 Aug 2023 16:09:28 GMT
Server: Apache/2.4.41 (Ubuntu)

See? It rejects (with redirect) curl's own user agent as well as Konqueror/5, which is dolphin in focal. But Konqueror/4 is OK since it is mentioned in `BrowserMatch " Konqueror/4" redirect-carefully` in /etc/apache2/mods-available/setenvif.conf

Sure, that's true. First I wanted to reproduce it in the simplest way as the bug did not mention explicitly how the directory behaves after deletion, but after I wrote comment #13, I realised that it was not removed from the disk by doing: ls -li /path. Later, I saw your comment, and then I was sure it was a good way of thinking.

I tested it through releases, and Mantic, Lunar, Jammy and Focal are affected by that issue.

My next steps are:
1. Prepare patches for upstream as per comment#7 and test patches using the test case that I created. Then submit and discuss upstream.
2. Then I will take care of Debian and Ubuntu.

P.S. Btw, thank you Adam for being a really helpful and responsive bug reporter. I appreciate it.

Waiting for the answer from upstream: https://bz.apache.org/bugzilla/show_bug.cgi?id=67039

No answer from upstream. MP ready, will be uploaded early in 24.04

I don't doubt that Dolphin has identified itself as "dolphin" as well as "Konqueror/5" but other than this bug report I'm having difficulty finding confirmation of this via an official source. Pointers would be appreciated.

In jammy, source package "kio", kio-5.92.0/src/core/kprotocolmanager.cpp:793

    d->useragent = QLatin1String("Mozilla/5.0 (%1) ").arg(supp)
        + QLatin1String("KIO/%1.%2 ").arg(QString::number(KIO_VERSION_MAJOR), QString::number(KIO_VERSION_MINOR))
        + QLatin1String("%1/%2").arg(appName, appVersion);

In apache log I see "Mozilla/5.0 (X11; Linux x86_64) KIO/5.92 dolphin/21.12.3"

In focal, source package "kio", kio-5.68.0/src/core/kprotocolmanager.cpp:827

        d->useragent =
            QL1S("Mozilla/5.0 (") +
            supp +
            QL1S(") KHTML/") +
            QString::number(KIO_VERSION_MAJOR) +
            QL1C('.') +
            QString::number(KIO_VERSION_MINOR) +
            QL1C('.') +
            QString::number(KIO_VERSION_PATCH) +
            QL1S(" (like Gecko) Konqueror/") +
            QString::number(KIO_VERSION_MAJOR) +
            QL1S(" KIO/") +
            QString::number(KIO_VERSION_MAJOR) +
            QL1C('.') +
            QString::number(KIO_VERSION_MINOR);

@bryce

In the rewritten first message you say "On the client-side, change the user agent in Dophin Settings > Customize > User Agent to Custom and then specify a supported user agent such as "Konqueror/4"

I'm not sure where it comes from. I dont see any way to customize dolphin's user agent in its interface in focal, jammy and mantic. There is no "customize" under settings but only "configure dolphin" and nothing related to user agent futher there. Mby those are some expert level settings I have to unhide first?

I mean here is what I see after selecting "settings > configure dolphin": https://docs.kde.org/stable5/en/dolphin/dolphin/configuring-dolphin.html

The only way I've found to change user agent was in focal: open "system settings > network > settings > browser identification", but it only works for selected sites: there is no way to globally override the default "Konqueror/5" piece. Besides, all options there are predefined, there is no way to enter a custom value and "Konqueror/4" is evidently not listed there.

In system setting for jammy and mantic there is no "browser identification" at all.

This bug was fixed in the package apache2 - 2.4.58-1ubuntu2

---------------
apache2 (2.4.58-1ubuntu2) noble; urgency=medium

  * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add
    dolphin and Konqueror/5 careful redirection so that directories can be
    deleted via webdav.
    (LP: #1927742)

 -- Bryce Harrington <email address hidden> Wed, 24 Jan 2024 14:00:03 -0800

Accepting this into mantic-proposed is blocked on 2.4.57-2ubuntu2.2 which is not yet ready; it is awaiting verification and resolution of autopkgtest failures.

Bryce, Mitchell and I agreed to upload the fix for bug 1927742 on top of the fix for bug 1947459 into mantic-proposed, combining these into a single SRU. This means that the SRU verification state for bug 1947459 in Mantic will be reset and needs to be performed again.

Hello Adam, or anyone else affected,

Accepted apache2 into mantic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apache2/2.4.57-2ubuntu2.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-mantic to verification-done-mantic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-mantic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Adam, or anyone else affected,

Accepted apache2 into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apache2/2.4.52-1ubuntu4.8 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

All autopkgtests for the newly accepted apache2 (2.4.57-2ubuntu2.3) for mantic have finished running.
The following regressions have been reported in tests triggered by the package:

libapache2-mod-python/3.5.0+git20211031.e6458ec-1build1 (armhf)
mod-wsgi/4.9.4-1build1 (armhf)
passenger/6.0.17+ds-1build1 (armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/mantic/update_excuses.html#apache2

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Autopkgtests should be resolved now.

Adam, if your earlier offer to assist with testing is still valid, now's your chance. :-)

@bryce Just tried apache2=2.4.52-1ubuntu4.8 from proposed in jammy, the problem is solved.

Testing done: dolphin in focal ("Konqueror/5" user agent) and jammy ("dolphin" user agent) can delete dirs over webdav endpoint running jammy with apache2=2.4.52-1ubuntu4.8

@bryce Just tried apache2=2.4.57-2ubuntu2.3 from proposed in mantic, the problem is solved.

Testing done: dolphin in focal ("Konqueror/5" user agent) and jammy ("dolphin" user agent) can delete dirs over webdav endpoint running mantic with apache2=2.4.57-2ubuntu2.3

Hello Adam, or anyone else affected,

Accepted apache2 into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.16 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

@bryce Just tried apache2=2.4.41-4ubuntu3.16 from proposed in focal, the problem is solved.

Testing done: dolphin in focal ("Konqueror/5" user agent) and jammy ("dolphin" user agent) can delete dirs over webdav endpoint running focal with apache2=2.4.41-4ubuntu3.16

Excellent, thank you Adam!

All autopkgtests for the newly accepted apache2 (2.4.41-4ubuntu3.16) for focal have finished running.
The following regressions have been reported in tests triggered by the package:

cinder/2:16.4.2-0ubuntu2.4 (amd64)
gvfs/1.44.1-1ubuntu1.2 (amd64, ppc64el)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/focal/update_excuses.html#apache2

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

This bug was fixed in the package apache2 - 2.4.57-2ubuntu2.3

---------------
apache2 (2.4.57-2ubuntu2.3) mantic; urgency=medium

  * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add
    dolphin and Konqueror/5 careful redirection so that directories can be
    deleted via webdav.
    (LP: #1927742)

apache2 (2.4.57-2ubuntu2.2) mantic; urgency=medium

  * d/icons/ubuntu-logo.png: add Ubuntu image for welcome page (LP: #1947459).

 -- Bryce Harrington <email address hidden> Wed, 24 Jan 2024 22:51:25 -0800

The verification of the Stable Release Update for apache2 has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

@SRU team: status on the focal and jammy packages?

This bug was fixed in the package apache2 - 2.4.52-1ubuntu4.8

---------------
apache2 (2.4.52-1ubuntu4.8) jammy; urgency=medium

  * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add
    dolphin and Konqueror/5 careful redirection so that directories can be
    deleted via webdav.
    (LP: #1927742)

 -- Bryce Harrington <email address hidden> Tue, 16 Jan 2024 19:00:18 -0800

This bug was fixed in the package apache2 - 2.4.41-4ubuntu3.16

---------------
apache2 (2.4.41-4ubuntu3.16) focal; urgency=medium

  * d/c/m/setenvif.conf, d/p/fix-dolphin-to-delete-webdav-dirs.patch: Add
    dolphin and Konqueror/5 careful redirection so that directories can be
    deleted via webdav.
    (LP: #1927742)

 -- Bryce Harrington <email address hidden> Tue, 16 Jan 2024 19:00:27 -0800