Cannot get /dav to accept uploads

Hi,

I am having problems getting dav to work on any domain. Host is Ubuntu 12.04 running latest webmin and virtualmin.

All configuration details seem correct. I can log into the both http://domain/dav and https://domain/dav and see and read the directory contents and files. BUT, I cannot upload any files essentially I get these errors in the Apache Error log. They would normally be related for file and directory permissions but all seem ok. All files are owned by the domain owner as is the /public_html directory that /dav is an alias for and I am authenticating correctly as the domain owner for each domain.

Can anyone suggest a remedy for this as clients want to use webdav (dreamweaver/Nautilus etc.) and this is causing some real headaches that I simply cannot seem o get t work even though everything sees to be automatically configured by vitualmin?

Cheers
Spart

[Tue Dec 03 21:19:12 2013] [error] [client 192.168.0.254] Unable to PUT new contents for /dav/index.html. [403, #0]
[Tue Dec 03 21:19:12 2013] [error] [client 192.168.0.254] (13)Permission denied: An error occurred while opening a resource. [500, #0]

Anyone have any idea?

Maybe some help here?

https://www.google.com/search?q=error+client+Unable+to+PUT+new+contents+for+%2Fdav%2Findex.html+403&ie=utf-8&oe=utf-8&aq=t

https://www.google.com/search?q=error+client+Permission+denied+An+error+occurred+while+opening+a+resource&ie=utf-8&oe=utf-8&aq=t

Yeah DAV can be a bit of a tricky one. So much so that it is usually much simpler to use FTP or SSH :slight_smile:

We don’t typically recommend it, though some people do use it.

The problem is that Apache modules (such as DAV) need to execute with the permissions of Apache – they don’t change permission to run as the Virtual Server owner, like PHP does when using CGI or FCGID.

If I recall correctly, your files and folders would need to be writable by Apache – and I think the easiest way to do that would be to make your files/folders group writable.

For example, if you don’t currently have an index.html file in your public_html folder, try setting public_html to have the permission “775”.

-Eric

These two links are the same thread!

having spent most of the night and most of today trying to get this to work, I am now stumped. This has to be some kind of bug or misconfiguration in apache somewhere! As the entire install is a webmin/virtualmin install all configuration is done using web/virtualmin.

The DAVlock files exist in /var/lock/apache2

8.0K -rwxr-xr-x 1 www-data www-data 12K Dec 4 17:00 DavLock
8.0K -rwxr-xr-x 1 www-data www-data 12K Dec 3 17:37 DAVLock

These are the errors related to the dav write from any client it seems.

[Wed Dec 04 17:00:34 2013] [error] [client x.x.x.x.] Unable to PUT new contents for /dav/ml5.pdf. [403, #0]
[Wed Dec 04 17:00:34 2013] [error] [client x.x.x.x] (13)Permission denied: An error occurred while opening a resource. [500, #0]

This is how Virtualmin sets up dav on any domain that enables it as standard:

<Location /dav>
DAV on
AuthType Basic
AuthName “FQDN”
AuthUserFile /home/domainowner/etc/dav.digest.passwd
Require user domainowner
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php5
RewriteEngine off

Require user domainowner

passwords are correct user is correct all files are existant etc.

All reading suggests this is correct. dav connects and reads directories perfectly. I can open any file and copy it locally. But, I cannot write anything back! Any attempt results in the above apache errors.

I really need someone to help me out here because I seem to have reached my knowledge limit. Does anyone have this working on Ubuntu 12.04 Server with Webmin/Virtualmin and multiple virtual domains hosted?

All help appreciated, believe me I have trawled google to death.

Cheers
Spart

Unbelieveable!!!

Your permission suggestion on the public_html directory solved the problem. Please ignore my rant below…frustration.

Is there another way to do this on the /dav alias using apache directives? so that the whole public_html directory stays with standard permissions of 750 and not 770?

What are the security implications of allowing group write on public_html?

Thank you for your attention to this issue.

Cheers
Spart

After some testing it seems that 770 rwxrwx— seems to work. So I do not have to give the world rx permissions on the public_html directory. Any issues with security from your extensive knowledge?

Thanks for your suggestions but not really helpful in the end. See solution below.

Cheers
Spart

After having spent far too much time with this issue I have found out it is a bug that can’t be solved.

Here you’ll find info about it https://bz.apache.org/bugzilla/show_bug.cgi?id=54914

If you wirte

DirectoryIndex Off

in the .htaccess you will be able to write to the server if you give the folder at least 770-rights. But then you have closed the directory indexing so Apache will not start, it will not find your index.html, index.php etc.

If there is no index.something file on the server, there is not problem, you don’t have to close down the Directory indexing, but as soon you have transfered any file with the name index.something, DAV breaks down. And as said, with DirectoryIndex Off Apache will not read your index files.

The only solution seem to be either to modify .htaccess everytime you want to connect to the server, or to avoid using the name index and instaed using default.html or similar, or to use FTP. I use FTP.

An advice: If you write DirectoryIndex Off somewhere else than in .htaccess you will probably close down all Apache sites on the server.

In the link mentionned above the propose

DirectoryIndex never-encounterable-file-name.html

It is the same as DirectoryIndex Off, so it doesn’t help either.

All the best from a very tired and quite annoyed

Hans