Feature #3097
Allow .htaccess and write permissions overrides
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-httpd | |||
Target version: | v6.6 | |||
Resolution: | NEEDINFO: | No |
Description
Implement .htaccess
and special web server write permissions for shared folders as discussed on Create a new sharedFolder UI plugin for WEB Settings.
.htaccess:
A file named .htaccess on the shared folder root is considered a web
server configuration file. See `Apache .htaccess howto`_.
.htwritable
A file named .htwritable on the shared folder root enables write access
on specific subdirectories. The expected contents of that file are a list
of subdirectories (one fore each line) where the web server is granted
write permission.
Related issues
Associated revisions
Enable .htaccess files with AllowOverrideStatus prop. Refs #3097
Set Posix ACLs from .htwritable files. Refs #3097
ibay-reset-permissions: apply .htwritable ACLs. Refs #3097
History
#1 Updated by Davide Principi over 6 years ago
- Related to Enhancement #3058: Add PHP options to shared folders added
#2 Updated by Davide Principi over 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Davide Principi
- % Done changed from 20 to 30
#3 Updated by Davide Principi over 6 years ago
- Related to Feature #3102: Require SSL encrypted connection for shared folder added
#4 Updated by Davide Principi over 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 30 to 60
MODIFIED
Test case 1
- Create ibay
ibay1
- Add a
phpinfo.php
into it:<?php phpinfo();
- Make sure it is accessible from
http://IPADDR/ibay1/phpinfo.php
- Enable "Allow .htaccess and write permissions overrides" for
ibay1
- Create an
.htaccess
file inibay1
directory:php_value session.save_path /tmp/changed
- Check
phpinfo.php
outuput again: the parameter session.save_path must be changed.
Test case 2
...continues test case 1, where ibay1
is an ibay with "Web access" enabled:
- Create some directories and initialize contents:
cd /var/lib/nethserver/ibay/ibay1 mkdir -p www app/{cache,tmp,templates,css,src} touch app/{cache,tmp,templates,css,src}/content www/page.html
- In Shared folders page,
Reset permissions
foribay1
, then runcd /var/lib/nethserver/ibay/ibay1 echo -e '#test htwritable\napp/cache\napp/tmp' > .htwritable getfacl -R . > acl1.out
- In Shared folders page again,
Reset permissions
foribay1
, then runcd /var/lib/nethserver/ibay/ibay1 getfacl -R . > acl2.out diff -u acl{1,2}.out
- Verify apache has write permissions on
app/cache
andapp/tmp
. The other contents must have not changed. - If "Allow .htaccess and write permissions overrides" is unchecked write permissions must be revoked
- If "Web access" is disabled, any apache ACL must be revoked.
#5 Updated by Davide Principi over 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing 6.6:nethserver-httpd-2.3.3-1.12.gf073355.ns6.noarch.rpm
nethserver-httpd-2.3.3-1.13.g6bff3dc.ns6.noarch.rpm
#6 Updated by Giacomo Sanchietti over 6 years ago
- Assignee set to Giacomo Sanchietti
#7 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 70 to 90
Test case 1: VERIFIED
Test case 2: VERIFIED
#8 Updated by Davide Principi over 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
In nethserver-updates 6.6:
nethserver-httpd-2.4.0-1.ns6.noarch.rpm