[apache2] 01/02: Change the default document root to /var/www/html
Arno Töll
atoell-guest at moszumanska.debian.org
Sun Nov 24 15:11:13 UTC 2013
This is an automated email from the git hooks/post-receive script.
atoell-guest pushed a commit to branch master
in repository apache2.
commit a6fd25c46f4e27ef2923977beb0c18e505176395
Author: Arno Töll <arno at debian.org>
Date: Sun Nov 24 16:09:43 2013 +0100
Change the default document root to /var/www/html
---
debian/apache2.NEWS | 8 ++++++++
debian/apache2.dirs | 2 +-
debian/apache2.postinst | 2 +-
debian/changelog | 4 +++-
debian/config-dir/sites-available/000-default.conf | 2 +-
debian/config-dir/sites-available/default-ssl.conf | 2 +-
debian/index.html | 8 ++++----
7 files changed, 19 insertions(+), 9 deletions(-)
diff --git a/debian/apache2.NEWS b/debian/apache2.NEWS
index 75be4ce..b414151 100644
--- a/debian/apache2.NEWS
+++ b/debian/apache2.NEWS
@@ -34,6 +34,14 @@ apache2 (2.4.1-1) unstable; urgency=low
allow access to your served directory explicity in the corresponding virtual
host, or by allowing access in apache2.conf as proposed.
+ Along the security model, we did also change the default Document Root, files
+ are served from. Previous releases served /var/www by default when no other
+ virtual host matched the request. Starting with this release, we changed the
+ default document root to /var/www/html, so that sensitive files from other
+ virtual hosts wich are typically put into some directory below /var/www are
+ not exposed by the default virtual host. This change further improves the out
+ of box security.
+
Moreover, the configuration mechanism in Debian has changed. All
configurations in sites-enabled and conf-enabled need a ".conf" suffix now.
The latter replaces the deprecated /etc/apache2/conf.d/ directory (which is
diff --git a/debian/apache2.dirs b/debian/apache2.dirs
index 9ef4c24..531c08f 100644
--- a/debian/apache2.dirs
+++ b/debian/apache2.dirs
@@ -8,5 +8,5 @@ usr/share/lintian/overrides
var/cache/apache2
var/cache/apache2/mod_cache_disk
var/log/apache2
-var/www
+var/www/html
usr/share/bug/apache2
diff --git a/debian/apache2.postinst b/debian/apache2.postinst
index f32cc54..3704f77 100644
--- a/debian/apache2.postinst
+++ b/debian/apache2.postinst
@@ -283,7 +283,7 @@ install_default_files()
! -e /var/www/index.php -a \
! -e /var/www/index.xhtml -a \
! -e /var/www/index.htm ] ; then
- cp /usr/share/apache2/default-site/index.html /var/www/index.html
+ cp /usr/share/apache2/default-site/index.html /var/www/html/index.html
fi
fi
}
diff --git a/debian/changelog b/debian/changelog
index fbfa0ee..e9f2949 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -32,9 +32,11 @@ apache2 (2.4.6-4) UNRELEASED; urgency=low
* Remove Steinar H. Gunderson from uploaders, he will continue to support
itk in his own package in future. The remaining Apache team thanks Steinar
for all the work in the past.
+ * Change the Default Document root directory where files are served from
+ (Closes: #730372).
- -- Arno Töll <arno at debian.org> Thu, 07 Nov 2013 22:46:29 +0100
+ -- Arno Töll <arno at debian.org> Sun, 24 Nov 2013 16:04:50 +0100
apache2 (2.4.6-3) unstable; urgency=low
diff --git a/debian/config-dir/sites-available/000-default.conf b/debian/config-dir/sites-available/000-default.conf
index e3c973d..cfe8df5 100644
--- a/debian/config-dir/sites-available/000-default.conf
+++ b/debian/config-dir/sites-available/000-default.conf
@@ -9,7 +9,7 @@
#ServerName www.example.com
ServerAdmin webmaster at localhost
- DocumentRoot /var/www
+ DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
diff --git a/debian/config-dir/sites-available/default-ssl.conf b/debian/config-dir/sites-available/default-ssl.conf
index 25b20ca..432b965 100644
--- a/debian/config-dir/sites-available/default-ssl.conf
+++ b/debian/config-dir/sites-available/default-ssl.conf
@@ -2,7 +2,7 @@
<VirtualHost _default_:443>
ServerAdmin webmaster at localhost
- DocumentRoot /var/www
+ DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
diff --git a/debian/index.html b/debian/index.html
index 5cad971..854d44f 100644
--- a/debian/index.html
+++ b/debian/index.html
@@ -224,7 +224,7 @@
operation of the Apache2 server after it has been installed on Debian systems.
If you can read this page, it means that the Apache HTTP server installed at
this site is working properly. You should <b>replace this file</b> (located at
- <tt>/var/www/index.html</tt>) before continuing to operate your HTTP server.
+ <tt>/var/www/html/index.html</tt>) before continuing to operate your HTTP server.
</p>
</div>
<div class="section_header">
@@ -324,9 +324,9 @@
document root directory in <tt>/etc/apache2/apach2.conf</tt>.
</p>
<p>
- XXX: Write here where to place additional doc roots/explain the
- /var/www issue. This needs a decision on the doc root first,
- though.
+ The default Debian document root is <tt>/var/www/html</tt>. You
+ can make your own virtual hosts under /var/www. This is different
+ to previous releases to provide better security out of the box.
</p>
</div>
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git
More information about the Pkg-apache-commits
mailing list