xfs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Apache and XFS ACLs

from [Andrew Gildfind] [Permanent Link][Original]
To: Gwenael.Letellier@xxxxxxxxxxxxx
Subject: Re: Apache and XFS ACLs
From: Andrew Gildfind <ajag@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 10 May 2001 09:34:49 +1000
Cc: linux-xfs@xxxxxxxxxxx
In-reply-to: <BEC329079D7AD4119FA7000102A316EF0573FC@flic.corp.INTRINsec.com>; from Gwenael.Letellier@INTRINsec.com on Wed, May 09, 2001 at 12:50:32PM +0200
References: <BEC329079D7AD4119FA7000102A316EF0573FC@flic.corp.INTRINsec.com>
Sender: owner-linux-xfs@xxxxxxxxxxx 
On Wed, May 09, 2001 at 12:50:32PM +0200, Gwenael.Letellier@xxxxxxxxxxxxx wrote:
> Hi,
> 
> This bug report is being submitted both to XFS and Apache bug reporting
> systems.
> 
> First thank you all at SGI for the great work. RH-71 with XFS root installed
> nicely on my laptop.
> 
> Now my problem : I have been taking a look at XFS ACLs, and there seem to be
> a problem with apache not taking XFS ACLs into account.
> 
> Details :
> 
> Software versions : stock RH-71 with XFS-1.0 install disk, Apache-1.3.19
> 
> Problem : say I have a user called gwen, with home directory /home/gwen.
> Apache is running under apache.apache and user home directories are
> configured to be readable as ~gwen for /home/gwen/public_html. Apache
> indexes on index.html.
> 
> If I set the following perms, without any ACLs, everything is working fine :
> drwxr-xr-x    root    root    /home
> drwx-----x    gwen    gwen    /home/gwen
> drwx---r-x    gwen    gwen    /home/gwen/public_html
> -rwx---r--    gwen    gwen    /home/gwen/public_html/index.html
> 
> I have access to index.html, which prints out a nice "Hello, World!" ;-).
> 
> 
> If I want to be more restrictive, and use ACLs to allow access to this file
> only to the user named apache, and/or (tried both) to the group named
> apache, I get a 403 Forbidden error from apache.
> 
> Permissions are set the following way :
> drwxr-xr-x    root    root    /home
> drwx------    gwen    gwen    /home/gwen
> drwx------    gwen    gwen    /home/gwen/public_html
> -rwx------    gwen    gwen    /home/gwen/public_html/index.html
> 
> and the following ACLs are set too, for the user apache, group apache :
> d--x--x---    apache  apache  /home/gwen
> dr-xr-x---    apache  apache  /home/gwen/public_html
> -r-xr-x---    apache  apache  /home/gwen/public_html/index.html

What's the output from chacl -l for each of these files?

> I don't know whether I did something wrong in ACL settings. I think it has
> to do with the way Apache checks for perms.

Well it's not Apache that's enforcing these permissions, it's the 
ACL code in the kernel. 

Andrew

-- 
Andrew Gildfind - R&D Software Engineer - SGI Melbourne Australia
email: ajag@xxxxxxx - work: +61.3.9834.8200 mobile: 0412.834.183
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: kupdate - excessive CPU usage, Austin Gonyou
Next by Date:  RE: Browsing xfs-TEST, McMechan, Jim
Previous by Thread:  Apache and XFS ACLs, Gwenael . Letellier
Next by Thread:  Patch for mkbootdisk and large floppy support, Seth Mos
Indexes:  [Date] [Thread] [Top] [All Lists]