[pkg-lighttpd] Bug#597381: lighttpd: Too-greedy match for php scripts in 15-fastcgi-php.conf
Alexander E. Patrakov
patrakov at gmail.com
Sun Sep 19 07:46:06 UTC 2010
Package: lighttpd
Version: 1.4.28-1
Severity: normal
To reproduce the issue, suppose that you are a developer of a web
application. Your application is written in PHP, and you use Subversion
to store the sources and the history of changes. You want to provide a
demo site and a bugtracker. For a bugtracker, you choose Trac. And you
decide to power the demo site and the bugtracker with Debian Squeeze and
lighttpd.
So, install lighttpd, trac, python-flup. Create the project environment
with trac-admin. Then save the following configuration snippet as
/etc/lighttpd/conf-available/50-trac.conf:
fastcgi.server += ("/trac" =>
((
"socket" => "/tmp/trac-fastcgi.sock",
"bin-path" => "/usr/share/pyshared/trac/web/fcgi_frontend.py",
"check-local" => "disable",
"max-procs" => 3,
"bin-environment" => ("TRAC_ENV" => "/srv/trac/myproject")
))
)
and enable it with lighttpd-enable-mod fastcgi trac. Restart lighttpd.
Hurrah, Trac works.
Now put your PHP scripts into the document root and enable PHP support
in lighttpd: lighttpd-enable-mod php-fastcgi. Hurrah, the demo site
works. But Trac shows a 404 error when you attempt to browse a source of
a PHP script using its subversion browser, i.e., visit an URL like
http://www.example.com/trac/browser/trunk/www/index.php
The URL looks like a PHP script, but it really isn't and thus should be
passed to Trac, not to PHP. Please make sure that php-cgi eats only real
PHP files, not all URLs ending in .php. Or, if this is impossible to do
generally, add a comment to 15-fastcgi-php.conf with a warning about
this issue and the actions the local admin has to do in order to resolve it.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-xen-amd64 (SMP w/4 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages lighttpd depends on:
ii libattr1 1:2.4.44-2 Extended attribute shared
library
ii libbz2-1.0 1.0.5-4 high-quality block-sorting
file co
ii libc6 2.11.2-5 Embedded GNU C Library:
Shared lib
ii libfam0 2.7.0-17 Client library to control
the FAM
ii libldap-2.4-2 2.4.23-5 OpenLDAP libraries
ii libpcre3 8.02-1.1 Perl 5 Compatible Regular
Expressi
ii libssl0.9.8 0.9.8o-2 SSL shared libraries
ii libterm-readline-perl-p 1.0303-1 Perl implementation of
Readline li
ii lsb-base 3.2-23.1 Linux Standard Base 3.2
init scrip
ii mime-support 3.48-1 MIME files 'mime.types' &
'mailcap
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages lighttpd recommends:
ii spawn-fcgi 1.6.3-1 A fastcgi process spawner
Versions of packages lighttpd suggests:
ii apache2-utils 2.2.16-2 utility programs for webservers
ii openssl 0.9.8o-2 Secure Socket Layer (SSL)
binary a
pn rrdtool <none> (no description available)
-- Configuration Files:
/etc/lighttpd/conf-available/15-fastcgi-php.conf: [changed only
PHP_FCGI_CHILDREN]
/etc/lighttpd/lighttpd.conf changed [not included]
-- no debconf information
--
Alexander E. Patrakov
More information about the pkg-lighttpd-maintainers
mailing list