Project

General

Profile

Bug #1463

Permissions in logs

Added by turicas over 12 years ago. Updated almost 12 years ago.

Status:
Invalid
Priority:
High
Category:
core
Target version:
ASK QUESTIONS IN Forums:

Description

Hello,
I want to configure my lighty to run with the site's owner user.
In my case, user 'turicas' is the owner of 'justen.eng.br' and 'elidiane' is owner of 'elidiane.justen.eng.br'. I want to write logs in home dirs of these users too.

So, I configured in /etc/lighttpd/conf-available/justen.eng.br.conf:
$HTTPhost =~ "^(www\.)?justen\.eng\.br$" {
server.name = "www.justen.eng.br"
server.document-root = "/home/turicas/public_html/"
server.username = "turicas"
server.groupname = "turicas"
accesslog.filename = "/home/turicas/justen.eng.br-access.log"
server.errorlog = "/home/turicas/justen.eng.br-error.log"
}

$HTTPhost =~ "^(www\.)?elidiane\.justen\.eng\.br$" {
server.name = "www.elidiane.justen.eng.br"
server.document-root = "/home/elidiane/public_html/"
server.username = "elidiane"
server.groupname = "elidiane"
accesslog.filename = "/home/elidiane/elidiane.justen.eng.br-access.log"
server.errorlog = "/home/elidiane/elidiane.justen.eng.br-error.log"
}

In /etc/lighttpd/lighttpd.conf:
server.username = "www-data"
server.groupname = "www-data"
accesslog.filename = "/var/log/lighttpd/access.log"
server.errorlog = "/var/log/lighttpd/error.log"

But when I try to start lighty:

protozoa:/etc/lighttpd# /etc/init.d/lighttpd start
Starting web server: lighttpd2007-11-25 17:13:37: (mod_accesslog.c.514) opening access-log failed: Permission denied /var/log/lighttpd/access.log
2007-11-25 17:13:37: (server.c.849) Configuration of plugins failed. Going down.
.

User www-data can write /var/log/lighttpd/access.log:

protozoa:/etc/lighttpd# ls lha /var/log/lighttpd/access.log
-rw-r--r-
1 www-data www-data 0 Nov 25 17:01 /var/log/lighttpd/access.log

I've tested switching server.username and I think that lighty is trying to write /var/log/lighttpd/access.log with usernames turicas and elidiane when it starts when it has to write:
1- /var/log/lighttpd/{access,error}.log with user 'www-data',
2- /home/turicas/justen.eng.br-{access,error}.log with user 'turicas' and
3- /home/elidiane/elidiane.justen.eng.br-{access,error}.log with user 'elidiane'.

#1

Updated by stbuehler almost 12 years ago

  • Status changed from New to Fixed
  • Resolution set to invalid

server.username and server.groupname are global only options, your process can only run as one user...

#2

Updated by stbuehler almost 12 years ago

  • Status changed from Fixed to Invalid

Also available in: Atom