Please don't change permissions of /var/log/lighttpd during upgrade

I think you need to remove apache2...

There is no apache at all.But I tracked problem down and fixed it.Here it comes.

I did run lighttpd under custom non-default user I'd created myself.All worked fine, startup script launches lighttpd as root but I pointed out to server to change to restricted user upon startup (in it's config file I used server.username and server.groupname to switch to restricted user).

During upgrade, owner and group of (existing and not empty!) lighttpd logs folder (/var/log/lighttpd) were changed for unknown reason to another user (intended to run www server but hey, I already had another user for this purpose!).Once server worked as restricted user and logs folder has been assigned to another owner\group, server was unable to write log file due to lack of permissions and exited due to this fact.

So, I have to ask: why updater has to alter owner and group of already existing and non-empty folder during system upgrade?Imho it should be left as is (or at least, you have to change owner after confirmation since this potentially may affect server's operations).

Anyway, not a serious issue - those who run servers have to be smart a bit or better do not run servers othervice.

Thanks for this additional information.

I reassign to libhttpd as this package is responsible for any changes in /var/log/lighttpd

I set this to invalid...because:
user www-data, group www-data is the default user/group for webservers in debian/ubuntu.
Changing this is an individual task and the server administrator should know about this issue and handle updates/upgrades more carefully.

Regards,

\sh

Reopened, sorry.Resolution not seems to be acceptable for me, that's why...

1) I see no any valid reasons why updater should want to touch my (pre-existing and non-empty) logs directory (/var/logs/lighttpd) on working server.It already exists.It works.Logs are not part of package but a runtime-generated data and if server works, things are definitely tuned to do work right.Why the hell should updater then mess things up?I can understand if I'm installing package from scratch and there is no directory - ok to create new one with defaults.But changing parameters of pre-existing directories during update without a strong reason is a very bad idea, IMHO.

2) Touching logs directory of working server when it's not empty (during update) in best case will do exactly nothing.In not so lucky case it will sabotage lighttpd server's operation or do whatever else system administrator hardly will like.So, what is gained here, then? I'm thinking this operation on update is utterly stupid.

3) Non-default user may be convenient in some cases.Like it was in my one.

4) As a system administrator I want to trust to Ubuntu's installer and updater, up to level when scheduled updates are applied automatically in some cases when I can't manage things manually immediately.Right now this may lead to very poor experience.Updater is definitely not expected to apply destructive (but useless) changes to my system.

P.S. actually, such behavior caused some real server outage (not critical one, luckily).While I can read any documentation, this will not change the fact that installer does meaningless but destructive action which sabotages server's normal operation.Do you really expect I will use such system with so "competent" repositories maintenance on some critical servers, then?Will try to reopen bug since it's pretty annoying.

Note: this annoying and unfair issue happens each time lighttpd is updated.Not just during OS updates but also during regular package updates during use of Kubuntu 7.04 and 7.10.

This seems to be related: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406338 ("~ is readable by www-data", complaining about too wide permissions).

Anyway, it might be a good idea to forward this issue to Debian.

The trouble here is that the user lighttpd runs as is configured from lighttpd.conf. The server supports running as the specified user.

For a new installation, I can understand how the package might assume a particular user, but once the system is installed, updates need to honor the configuration. If a package is already installed, it's a good bet that you shouldn't screw with the permissions and users associated with that package, during an upgrade. That means, don't re-create the www-data user, sure as hell don't give it a shell, and don't change the ownership of related files.

The package scripts could always grep out server.username from /etc/lighttpd/lighttpd.conf, but you shouldn't just assume www-data, and stomp all over an existing configuration.

Also, I'd like to propose that since this prevents a server from restarting after a security update in a production environment, that it be promoted from "wishlist" to a real severity. I'm new here, so I won't make that change myself... but I highly encourage someone with real authority to do so.

"chown www-data:www-data /var/log/lighttpd" is done unconditionally in postinst.
It should only be done when that dir is created for the first time, but I've no idea how to implement that.

Fixed in lighttpd tag debian/1.4.28-4

https://salsa.debian.org/debian/lighttpd/-/commit/91f7e8b8adf4cfaa81af858bed959811fbd0151d