Bug#614421: apache2: virtual host rewrite log has owner root and group root
On Monday 21 February 2011, David Christensen wrote: I'm designing a Linux/ Apache/ MySQL/ Perl content management system that I'd like to work in shared hosting environments (among other configurations). Apache typically runs as an unpriviledged user (www-data on Debian, suexec, others?). So, neither my software nor the user will be able to rotate or delete the logs. What is the correct solution? Use logrotate (run as root by cron) or a piped logger like cronolog. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#614421: apache2: virtual host rewrite log has owner root and group root
On 02/21/2011 01:57 PM, Stefan Fritsch wrote: Apache opens the logs as root before changing user. This is intentional and makes sense from a security point of view. Thank you for the prompt response. :-) I'm designing a Linux/ Apache/ MySQL/ Perl content management system that I'd like to work in shared hosting environments (among other configurations). Apache typically runs as an unpriviledged user (www-data on Debian, suexec, others?). So, neither my software nor the user will be able to rotate or delete the logs. What is the correct solution? David -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#614421: apache2: virtual host rewrite log has owner root and group root
Package: apache2.2-common Version: 2.2.16-6 Severity: important Please see debian-user mailing list thread for example and discussion: http://lists.debian.org/debian-user/2011/02/msg02171.html -- Package-specific info: List of enabled modules from 'apache2 -M': alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex cgid deflate dir env mime negotiation reqtimeout rewrite setenvif status -- System Information: Debian Release: 6.0 APT prefers squeeze-updates APT policy: (500, 'squeeze-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages apache2 depends on: ii apache2-mpm-worker2.2.16-6 Apache HTTP Server - high speed th ii apache2.2-common 2.2.16-6 Apache HTTP Server common files apache2 recommends no packages. apache2 suggests no packages. Versions of packages apache2.2-common depends on: ii apache2-utils 2.2.16-6 utility programs for webservers ii apache2.2-bin 2.2.16-6 Apache HTTP Server common binary f ii libmagic1 5.04-5 File type determination library us ii lsb-base3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip ii mime-support3.48-1 MIME files 'mime.types' 'mailcap ii perl5.10.1-17Larry Wall's Practical Extraction ii procps 1:3.2.8-9/proc file system utilities -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
