Ubuntu
apache2 package

Bug #540747
Comment #2

Comment 2 for bug 540747

Revision history for this message

Roy Liu (royliu) wrote on 2010-03-19: Re: [Bug 540747] Re: Apache Web DAV incorrect permissions

Chuck,

What version is Lucid's apache2.2-bin a backport of? I just tried with the
last 2.2.15 version and the permissions are 644 rather than Ubuntu's 600. I
did this by way of replacing mod_dav_fs.so as described below.

Thanks,
Roy

On Fri, Mar 19, 2010 at 6:30 AM, Chuck Short <email address hidden>wrote:

> This is probably due to the one of the mod_dav patches that has been
> backported from svn tree. if you try the latest available version of
> apache you will probably get the same results. If you can verify that it
> is, otherwise its a bug that we have.
>
> Regards
> chuck
>
> ** Changed in: apache2 (Ubuntu)
> Status: New => Incomplete
>
> ** Changed in: apache2 (Ubuntu)
> Importance: Undecided => Medium
>
> --
> Apache Web DAV incorrect permissions
> https://bugs.launchpad.net/bugs/540747
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in “apache2” package in Ubuntu: Incomplete
>
> Bug description:
> Binary package hint: apache2
>
> I am a Git pull/push through Apache https user, and I also use the
> file-based protocol. Recently I noticed that the Git repository was filled
> with objects of permission -rw------ belonging to www-data, the Apache
> server username. After further digging, this is not Git's problem, but
> possibly mod_dav_fs's. In fact, any file transferred with a DAV "PUT"
> command results in said 0600 permissions.
>
> Although this is arguably a feature of Ubuntu, I found that the behavior
> differs from a standard Apache server. To reproduce:
> 1) Download the original archive from
> http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gzand build with "./configure --enable-dav-fs=shared --enable-dav-lock=shared
> --enable-dav=shared".
> This should result in a mod_dav_fs.so library in modules/dav/fs/.libs.
> Place such a shared library in /usr/lib/apache/modules as a replacement for
> the one already there.
> 2) Set up a DAV location like so:
> <IfModule dav_fs_module>
>
> <Location "/test">
>
> DAV on
>
> </Location>
>
> </IfModule>
> 3) Use "cadaver" to connect to your server and PUT a file in location
> "test". The idea is that the permissions come out as 0600 for the standard
> Lucid installation and 0644 for the vanilla Apache module.
>
> Further evidence supporting the idea that the problem arises from Ubuntu
> packaging is the rather extensive modifications to mod_dav_fs code in the
> diff found at
> http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu3.diff.gz
> .
>
> Thank you for your attention!
> -Roy
>
> To unsubscribe from this bug, go to:
> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/540747/+subscribe
>

Chuck,

What version is Lucid's apache2.2-bin a backport of?  I just tried with the
last 2.2.15 version and the permissions are 644 rather than Ubuntu's 600.  I
did this by way of replacing mod_dav_fs.so as described below.

Thanks,
Roy

On Fri, Mar 19, 2010 at 6:30 AM, Chuck Short <chuck.short@canonical.com>wrote:

> This is probably due to the one of the mod_dav patches that has been
> backported from svn tree. if you try the latest available version of
> apache you will probably get the same results. If you can verify that it
> is, otherwise its a bug that we have.
>
> Regards
> chuck
>
> ** Changed in: apache2 (Ubuntu)
>       Status: New => Incomplete
>
> ** Changed in: apache2 (Ubuntu)
>   Importance: Undecided => Medium
>
> --
> Apache Web DAV incorrect permissions
> https://bugs.launchpad.net/bugs/540747
> You received this bug notification because you are a direct subscriber
> of the bug.
>
> Status in “apache2” package in Ubuntu: Incomplete
>
> Bug description:
> Binary package hint: apache2
>
> I am a Git pull/push through Apache https user, and I also use the
> file-based protocol.  Recently I noticed that the Git repository was filled
> with objects of permission -rw------ belonging to www-data, the Apache
> server username.  After further digging, this is not Git's problem, but
> possibly mod_dav_fs's.  In fact, any file transferred with a DAV "PUT"
> command results in said 0600 permissions.
>
> Although this is arguably a feature of Ubuntu, I found that the behavior
> differs from a standard Apache server.  To reproduce:
> 1) Download the original archive from
> http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14.orig.tar.gzand build with "./configure --enable-dav-fs=shared --enable-dav-lock=shared
> --enable-dav=shared".
> This should result in a mod_dav_fs.so library in modules/dav/fs/.libs.
>  Place such a shared library in /usr/lib/apache/modules as a replacement for
> the one already there.
> 2) Set up a DAV location like so:
>  <IfModule dav_fs_module>
>
>    <Location "/test">
>
>        DAV on
>
>    </Location>
>
> </IfModule>
> 3) Use "cadaver" to connect to your server and PUT a file in location
> "test".  The idea is that the permissions come out as 0600 for the standard
> Lucid installation and 0644 for the vanilla Apache module.
>
> Further evidence supporting the idea that the problem arises from Ubuntu
> packaging is the rather extensive modifications to mod_dav_fs code in the
> diff found at
> http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.14-5ubuntu3.diff.gz
> .
>
> Thank you for your attention!
> -Roy
>
> To unsubscribe from this bug, go to:
> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/540747/+subscribe
>

Ubuntuapache2 package

Comment 2 for bug 540747

Ubuntu
apache2 package