Bug 213906

Summary: www/owncloud - .user.ini and .htaccess should be writable (again)
Product: Ports & Packages Reporter: joshruehlig
Component: Individual Port(s)Assignee: Sunpoet Po-Chuan Hsieh <sunpoet>
Status: New ---    
Severity: Affects Many People CC: w.schwarzenfeld
Priority: --- Flags: bugzilla: maintainer-feedback? (kevlo)
Version: Latest   
Hardware: Any   
OS: Any   

Description joshruehlig 2016-10-30 05:49:21 UTC
ownCloud needs to be able to write to .user.ini to change the upload size if using PHP-FPM

ownCloud 9 appends to it's .htaccess upon installation (during lib/private/setup.php) if it sees the apcahe 'env' and 'rewrite' modules are available. This is needed to get "Pretty URLs" working properly.

The fix should be...
@(%%OWNCLOUD_USERNAME%%,%%OWNCLOUD_GROUPNAME%%,664) %%WWWDIR%%/.htaccess
@(%%OWNCLOUD_USERNAME%%,%%OWNCLOUD_GROUPNAME%%,664) %%WWWDIR%%/.user.ini 

####

This was fixed before here...
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208311

But, when the port was updated to version 9.0.4 the permission settings were dropped.
https://github.com/freebsd/freebsd-ports/commit/68bf13e9a759b0321398cd3c07b54ea2c50fbd53
Comment 1 Kevin Lo freebsd_committer 2016-10-30 13:40:53 UTC
Please do not allow the webserver user to modifiy the .htaccess file.
If you need to change something in there, use the command line.
The file should be read-only and owned by root.
Comment 2 joshruehlig 2016-10-30 14:32:59 UTC
But owncloud needs to be able to modify the .htaccess enable clean URLs. It dynamically adds something like this based on the base URL

This could be done during installation/upgrade or with occ from the commandline.
https://doc.owncloud.org/server/9.1/admin_manual/configuration_server/index_php_less_urls.html#configuration-steps

I'm not sure if it's ok to run occ with root, but it probably would be fine. But if an owncloud admins didn't have root access they could never use Pretty URLs?


"#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 //core/templates/403.php
ErrorDocument 404 //core/templates/404.php
<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$
  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
  RewriteCond %{REQUEST_FILENAME} !/remote.php
  RewriteCond %{REQUEST_FILENAME} !/public.php
  RewriteCond %{REQUEST_FILENAME} !/cron.php
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
  RewriteCond %{REQUEST_FILENAME} !/status.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
  RewriteCond %{REQUEST_FILENAME} !/updater/
  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>"
Comment 3 joshruehlig 2016-10-30 14:34:32 UTC
Not the above lines are added dynamically by PHP, and can change per version so I think it would be somewhat difficult for a owncloud admin to hand edit these in.
Comment 4 Rene Ladan freebsd_committer 2018-01-12 11:24:16 UTC
Maintainer reset.
Comment 5 Walter Schwarzenfeld freebsd_triage 2019-09-04 20:24:00 UTC
Maintainer feedback, please resp. is this still relevant?