Bug #2823

HTTP Forbidden access to PHP webapp after migration

Added by Davide Principi about 7 years ago. Updated almost 7 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-httpd
Target version:v6.5
Security class: Resolution:
Affected version:v6.5-final NEEDINFO:No

Description

Trying to retrieve a *.php file from a shared folder after migration is forbidden (HTTP Status 403).

xxx=ibay
    AclRead=
    AclWrite=
    Description=Sito Web
    GroupAccess=rw
    HttpAccess=public
    HttpAliasType=root
    HttpPasswordStatus=disabled
    HttpPasswordValue={CRYPT}!!
    HttpProfileType=migration
    HttpStatus=enabled
    HttpVirtualHost=www.renierassociati.com
    OtherAccess=r
    OwningGroup=web
    SmbAuditStatus=disabled
    SmbProfileType=migration
    SmbRecycleBinStatus=disabled
    SmbStatus=enabled

The original ibay conf was:

xxx=ibay
    CgiBin=enabled
    Gid=5042
    Group=web
    Name=Sito Web
    PHPBaseDir=/home/e-smith/files/ibays/xxx/html/:/tmp
    PasswordSet=no
    PublicAccess=global
    Uid=5042
    UserAccess=wr-group-rd-everyone

Packages:
  • nethserver-httpd-2.3.1-1.ns6.noarch
  • nethserver-ibays-2.0.3-1.ns6.noarch

Associated revisions

Revision b93009dc
Added by Giacomo Sanchietti almost 7 years ago

Migration: migrate CGI configuration for ibays. Refs #2823

History

#1 Updated by Davide Principi about 7 years ago

Apache configuration for migrated ibays is into /etc/e-smith/templates/httpd/ibay-migration/10base. Seems like the HttpCgiBinStatus prop was not set to enabled during migration.

#2 Updated by Giacomo Sanchietti almost 7 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti almost 7 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#4 Updated by Giacomo Sanchietti almost 7 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-httpd-2.3.1-1.0gitb93009dc.ns6.noarch.rpm
Test case
  • On a clean machine explode an existing backup where the Primary ibay has CGI enabled
  • Install the package from testing (make sure to also have nethserver-ibays installed)
  • Launch migration event
  • Create a test PHP script
    echo "<?php phpinfo(); ?>" > /var/lib/nethserver/ibay/Primary/html/test.php
    
  • Open the script in the browser and check it's working: http://&lt;server&gt;/test.php

I can't attach a full backup because it's too big. Please ask for it, if needed for QA process.

#5 Updated by Davide Principi almost 7 years ago

  • Assignee set to Davide Principi

#6 Updated by Davide Principi almost 7 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 70 to 90

#7 Updated by Davide Principi almost 7 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-updates:
nethserver-httpd-2.3.2-1.ns6.noarch.rpm

Also available in: Atom PDF