Question

I copied a twiki instance from one machine to another, making all necessary modifications (http, path, etc). The twiki instance on the new system only appears to have one problem (it's been running for months). New users can register, getting the appropriate files in data/Main, listed in the TWikiUsers file, and getting a confirmation email. However the data/.htpasswd file doesn't get updated so they cannot login. Once the modification is made manually they can log in. I've made modifications to permissions, testing all settings that were on the old system. The httpd/error_log reveals the following (modified to hide true host and email address): [Thu Feb 09 20:29:10 2006] [error] [client 172.23.194.15] [Thu Feb 9 20:29:10 2006] oops: Can't create file /var/www/twiki/data/Main/ - Is a directory, referer: http://myhost.com/twiki/bin/view/TWiki/TWikiRegistration [Thu Feb 09 20:29:11 2006] [error] [client 172.23.194.15] [Thu Feb 9 20:29:11 2006] view: Can't create file /var/www/BIC/data/Main/ - Is a directory, referer: http://myhost.com/twiki/bin/oops/Main/AlbertEinsteinzzzz?template=oopsregthanks&param1=email@host.com [Thu Feb 09 20:29:11 2006] [error] [client 172.23.194.15] [Thu Feb 9 20:29:11 2006] view: Can't create file /var/www/twiki/data/Main/ - Is a directory, referer: http://myhost.com/twiki/bin/oops/Main/AlbertEinsteinzzzz?template=oopsregthanks&param1=email@host.com [Thu Feb 09 20:29:13 2006] [error] [client 172.23.194.15] [Thu Feb 9 20:29:13 2006] viewauth: Can't create file /var/www/twiki/data/Main/ - Is a directory, referer: http://myhost.com/twiki/bin/oops/Main/AlbertEinsteinzzzz?template=oopsregthanks&param1=email@host.com [Thu Feb 09 20:29:13 2006] [error] [client 172.23.194.15] [Thu Feb 9 20:29:13 2006] viewauth: Can't create file /var/www/twiki/data/Main/ - Is a directory, referer: http://myhost.com/twiki/bin/oops/Main/AlbertEinsteinzzzz?template=oopsregthanks&param1=email@host.com

Environment

-- DanaCarrington - 10 Feb 2006

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

As an update -- I've thoroughly researched this problem. Tried .htpasswd owned by nobody, 666 to open up full access, looking at $remoteUser in register program, made sure to mv TWikiRegistrationPub.txt to TWikiRegistration.txt, limited that file to contain only necessary fields, etc. All to no avail. Please advise.

-- DanaCarrington - 10 Feb 2006

Hi Dana - can you try the new release?

-- MartinCleaver - 10 Feb 2006

Hi Martin -- I really like the new release, unfortunately it looks like some of the plugins aren't working correctly. Small list from one of my users -- edittable and editsection don't seem to render the same as in the old twiki.

-- DanaCarrington - 10 Feb 2006

An admin friend found the problem. Apparently one of the plugins (do not know which one) updated the Store.pm file.

/var/www/twiki/lib/TWiki/Store.pm (Line 981 - "sub saveFile")

The code:

# untainting unless( $name =~ m|^([^.]+)[\.\/](.*)$| ) { die "filename '$name' has invalid characters.\n"; } $name = $1;

... is wiping out the file name (leaving only the dir name) for any file beginning with a dot.

This explains many of the errors in the Apache error_log file.

(The two lines: TWiki::Func::writeDebug( "saveFile1: $name, $text" ); are mine... nuke 'em when done)

Look in /var/www/twiki/data/debug.txt and see all the file names it's butchering. This bug is causing other problems than just registration issues...

-- DanaCarrington - 11 Feb 2006