Is the file owned by the user running Apache? Darryl Baker NIT - CI - PIPS - DAPS X76674
-----Original Message----- From: Kevin Miles [mailto:ke...@delgaldo.co.uk] Sent: July 11, 2017 10:54 AM To: users@httpd.apache.org Subject: [users@httpd] Apache (2.4.26) changing permissions on passwd file? I wonder if someone can shed some light on this. I've been running Apache 2.4.7 on Ubuntu 14.04LTS using a VirtualHost with a passwd file and all was working fine. I upgraded Apache to 2.4.26 and the site stopped working. The error being logged is: [Tue Jul 11 20:58:27.722904 2017] [authn_file:error] [pid 3403] (13)Permission denied: [client ::1:37626] AH01620: Could not open password file: /etc/stm/passwd Sure enough, when I check /etc/stm/passwd its permissions have been changed from 644 to 600. When I change them back, everything starts working. But when I reload the system, something sets them back to 600 and it stops working! AFAICT it's Apache that is changing the permissions. Audit shows the only process touching this file is Apache (htpasswd). And if I disable Apache on start-up and perform a system reload, the permissions are unchanged. Until I start Apache, when they get flipped back to 600. On the face of it, Apache 2.4.26 appears to be changing the permissions on my passwd file to a value that prevents it from using it. I can't see anything in the Release Notes that indicates this is a feature... Can anyone tell me why this is happening, and suggest the best solution for getting this VirtualHost working again? Thanks. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
