On Thursday 29 December 2011, william felipe_welter wrote: > There is a simple patch for the initialization script that resolve > this issue: > > 173a174 > > > APACHE_LOG_DIR=$(. $APACHE_ENVVARS && echo $APACHE_LOG_DIR) > > 174a176,182 > > > if [ ! -d $APACHE_LOG_DIR ] ; then > > > > log_daemon_msg "Creating Log directory on: $APACHE_LOG_DIR" > > "apache2" APACHE_RUN_USER=$(. $APACHE_ENVVARS && echo > > $APACHE_RUN_USER) > > > > APACHE_RUN_GROUP=$(. $APACHE_ENVVARS && echo > > $APACHE_RUN_GROUP) > > > > mkdir $APACHE_LOG_DIR; > > chown $APACHE_RUN_USER.$APACHE_RUN_GROUP > > $APACHE_LOG_DIR; > > > > fi
The log directory doesn't need to be writable by the run user. Apache opens the log files as root. And having the directory not writable by the run user can be a security feature, also due to the way logrotate handles rotation. The directory should get the same permissions that the log dir in the package has (root:adm 0750). And please use unified diff format (i.e. diff -u) for patches, it's more readable and robust. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
