Permissions problem I am still struggling with.

chickenminnie · 12-28-2009, 12:12 PM

I am seeing this error in my error logs when I attempt to upload a file using webDAV to a folder:

Mon Dec 28 10:32:01 2009] [error] [client 163.153.xxx.xxx] The locks could not be queried for verification against a possible "If:" header. [500, #0]
[Mon Dec 28 10:32:01 2009] [error] [client 163.153.xxx.xxx] Could not open the lock database. [500, #400]
[Mon Dec 28 10:32:01 2009] [error] [client 163.153.xxx.xxx] (13)Permission denied: Could not open property database. [500, #1]

I noticed that my attempted upload did not write anything to the DAV directory (which I believe is what this error is referring to). The DAV directory is writable by the apache service. Can anyone shed some light on this? This is a SLES 10 server. Thanks.

rweaver · 12-28-2009, 04:43 PM

What uid is apache running as, what are the permissions on the directory/files? Are you running anything like suphp or fastcgi/suexec?

chickenminnie · 12-29-2009, 10:21 AM

If I type ps -ef at the command line I see several lines like this:

wwwrun 914 912 0 Dec28 ? 00:00:01 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL

Am I correct in concluding that apache is running as wwwrun?

The DAV directory has these permissions:
drwxrwxrwx 2 root root 4096 Dec 23 13:34 DAV

And if I do a ls -l on the DAV directory I get this:
-rwxrwxrwx 1 wwwrun www 3 Dec 23 13:26 .dir
-rwxrwxrwx 1 wwwrun www 3 Dec 23 13:34 .pag

As far as I know I do not have suphp or fastcgi/suexec running on this server.

chickenminnie · 12-31-2009, 11:14 AM

Addendum to my answer to rweaver: I am seeing a reference to suexec in the apache logs. I happened to notice this after restarting apache: suexec mechanism enabled (wrapper: /usr/sbin/suexec2. Could that be imposing some sort of file restrictions I am unaware of? Thanks.

rweaver · 12-31-2009, 12:49 PM

It would depend how it is executing, could you post up the logs?

allanf · 12-31-2009, 04:33 PM

Quote:

Originally Posted by chickenminnie

If I type ps -ef at the command line I see several lines like this:

wwwrun 914 912 0 Dec28 ? 00:00:01 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL

Am I correct in concluding that apache is running as wwwrun?

The DAV directory has these permissions:
drwxrwxrwx 2 root root 4096 Dec 23 13:34 DAV

And if I do a ls -l on the DAV directory I get this:
-rwxrwxrwx 1 wwwrun www 3 Dec 23 13:26 .dir
-rwxrwxrwx 1 wwwrun www 3 Dec 23 13:34 .pag

As far as I know I do not have suphp or fastcgi/suexec running on this server.

The configuration file, /etc/apache2/httpd.conf (as seen in your results), controls the user and group that apache runs as.

chickenminnie · 01-03-2010, 10:39 AM

For rweaver: I did a find on anything related to suexec that would be a log file, but turned up nothing. Shouldn't it be logging something if it's running?

For allanf: Apache is running as wwwrun (user) www (group).

allanf · 01-16-2010, 10:05 PM

I use apache (and have for a long time) but i do not use WEBDAV. Seeing this information it says that apache is indeed
username: wwwrun
group: www
Given that and your permissions above, I would:
chgrp www DAV
which will change the owning group for DAV to be that of the the running apache server. The internals directories you show are already owned by username, wwwrun, and group, www.