65736 – Apache upgrades should not install index.html

Bug 65736 - Apache upgrades should not install index.html

Summary: Apache upgrades should not install index.html

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	apache
Sub Component:
Version:	7.2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Joe Orton
QA Contact:	Brian Brock
Docs Contact:
URL:
Whiteboard:
Duplicates (2):	67181 68492 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2002-05-30 22:55 UTC by Eric Seppanen
Modified:	2007-04-18 16:42 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2002-06-27 15:30:30 UTC
Embargoed:

Attachments	(Terms of Use)

Description Eric Seppanen 2002-05-30 22:55:28 UTC

Description of Problem:
When upgrading apache, a new index.html file is installed if none exists.  This
can break a production site because index.html takes precedence over index.php,
index.php3, index.php4, index.cgi, etc.

The result is that an upgrade will effectively bring down a site's home page,
replacing it with an idiotic "welcome" page and possibly getting yelled at by
one's boss.

Upgrading a 7.2 machine to 1.3.22-2 will cause this.

Is it possible to _not_ install index.html if upgrading an existing
installation, and index.html doesn't exist?  This can only happen if the user
intentionally deleted the original index.html, so it's clearly incorrect to put
one back.

Comment 1 Joseph Tate 2002-06-21 13:45:03 UTC

This can be worked around by putting a redirect directive to your index.php or 
what have you in a blank index.html file.  The other thing you could do is 
reorder the list of default web pages so that index.html is last.  There's 
nothing that can really be done on an upgrade only.

Comment 2 Dave Miller 2002-06-24 02:35:31 UTC

This update also effectively locked out several of our web page editors...

our /var/www/html directory had permissions 2775 with a group set on it for
people who could edit web pages.  The update reset those to 755 root:root.  On
top of that, we use an index.cgi, so we wound up with the default apache start
page in place of our usual home page.

Comment 3 Joe Orton 2002-06-27 11:50:57 UTC

*** Bug 67181 has been marked as a duplicate of this bug. ***

Comment 4 Joe Orton 2002-06-27 12:51:24 UTC

We're going to solve this by removing /var/www/html/index.html from the package
(at least, renaming it out /var/www/html), and having this "Test page" set up as
an ErrorDocument for "/", so it is only displayed if no other index page can be
served.

Could you file the /var/www/html permissions problem as a separate bug?

Comment 5 Dave Miller 2002-06-27 15:30:26 UTC

done.  bug 67565

Comment 6 Joe Orton 2002-07-08 15:47:43 UTC

Thanks.  The Apache 2.0 package (named "httpd") now available in the Limbo beta
implements the scheme I gave in the comment above, hopefully a satisfactory
solution to this problem.

Comment 7 Joe Orton 2002-07-16 08:45:15 UTC

*** Bug 68492 has been marked as a duplicate of this bug. ***

Comment 8 Dave Miller 2003-12-29 00:13:24 UTC

FYI, the apache-1.3.27-3.7.2 update did this AGAIN (created index.html
because it didn't exist, which took down a production site which used
an index.cgi).  This is not fixed.

Comment 9 Joe Orton 2003-12-29 10:37:06 UTC

This is fixed in RHL8 and above; it wasn't feasible to fix it for the
7.x errata.

Note You need to log in before you can comment on or make changes to this bug.