Chmod is broken with Litespeed

Discussion in 'Bug Reports' started by Jedis, May 1, 2010.

  1. Jedis

    Jedis Member

    My host is telling me that chmod does not work correctly with Litespeed. Is this true?

    I want my directories to be chmod 750 to prevent directory listing. They told me to use htaccess to prevent directory listing, but I don't want this global for my account and do not want to have to create an htaccess for each directory I want directory listing turned on.

    The exact quote from them is the following:

    "If you chmod your directories, you'll get a 404 error, not a permission error. It's the way litespeed is designed."

    Someone please help! I chmod'd to 750 in the shell and directory listing is still working if I navigate there with a browser.

    Any help is greatly appreciated, thank you!
  2. NiteWave

    NiteWave Administrator

    my test: if chmod 750 path/to/mydir
    [ERROR] Can not open directory for URI: path/to/mydir
    >I chmod'd to 750 in the shell and directory listing is still working if I navigate there with a browser.

    litespeed use lsws/share/autoindex/default.php to generate directory index.
    so check if the user/group of lsphp and user/group of the directory matches.

    for example, if lsphp run as nobody/nobody, and the directory's user/group also nobody/nobody, even if the directory's permission is set to 700, directory listing still working. in this case, change directory's user/group to jedis/jedis(for example) and set permission to 750, will prevent the directory listing.
  3. Jedis

    Jedis Member

    Hi NiteWave,

    Thanks for the response. I will do my best to answer your questions.

    I can perform the chmod to the directory and do not get an error, but can still pull a directory list by navigating to that directory via a web browser. Litespeed seems to completely ignore the chmod, as if I never performed it, at least as far as chmod 750 is concerned.

    My home folder permissions are set to myusername/myusername. I cannot seem to find the lsws directory in my jailed shell to check the permissions. It is not in /usr/local.

    Is there anything else I can check on my end? Should I direct my host to this thread to read your response?

    Any additional help you can provide would be greatly appreciated.

    Thank you!
  4. NiteWave

    NiteWave Administrator

    >Is there anything else I can check on my end?

    #ps -ef|grep lsphp
  5. Jedis

    Jedis Member

    654 11237 10958 8 07:35 ? 00:00:01 lsphp5
    654 12428 10958 6 07:35 ? 00:00:00 lsphp5
    599 12434 10958 0 07:35 ? 00:00:00 lsphp5
    myusername 12454 8309 0 07:35 ? 00:00:00 grep lsphp
  6. NiteWave

    NiteWave Administrator

    got to understand your situation.

    your php run in suEXEC mode, which has same uid/gid as your home folder.

    so auto directory indexing happens on a folder which has least 500 permission, include 750. unless you set the directory's permission to 000.

    there is a possible way to implement your requirement: customize your own autoindex script. when directory permission is 750, then the script won't index.

    there is a wiki page regarding customizing auto index script:

    also please refer this forum thread:
  7. mistwang

    mistwang LiteSpeed Staff

    Just turn off directory indexing at the document root directory via .htaccess, all sub directories will be off by default.
  8. Jedis

    Jedis Member

    See above. I don't want a global .htaccess file.

    Chmod really should be made to work correctly with LiteSpeed, like how it does with Apache. I was frustrated enough, I almost had them move me to a server that didn't have LiteSpeed and just had regular old Apache.
  9. NiteWave

    NiteWave Administrator

    please try:
    1. copy the default.php to your home folder
    cp /usr/local/lsws/share/autoindex/default.php /home/myusername/test/myindex.php
    2.edit .htaccess in your document root -- assume it's ~/public_html/.htaccess
    add one line:
    alias /_autoindex/default.php /home/myusername/test/myindex.php
    3.edit /home/myusername/test/myindex.php
    function readDirList( $path, &$excludes, &$map )
            $handle = opendir( $path );
    function readDirList( $path, &$excludes, &$map )
            $perms = fileperms($path);
            if(($perms & 0x0004)==0)
                    return null;
            $handle = opendir( $path );
    Has tested above code sample at my local lsws. Please share with us if it works at your end as well.
  10. Jedis

    Jedis Member

    I can't find that file in my jailed shell. Is it available online somewhere so I can get a copy of default.php?

  11. NiteWave

    NiteWave Administrator

    I can't find that file in my jailed shell. Is it available online somewhere so I can get a copy of default.php?
    download the latest standard version(current 4.0.14) lsws to your site's host(or local PC). extract the .tar.gz file, default.php located at lsws-4.0.14/share/autoindex/default.php
  12. Jedis

    Jedis Member

    Doesn't appear to be working.

    Note that I don't have a /_autoindex/ directory in my jailedshell.
  13. NiteWave

    NiteWave Administrator

    step 2:
    alias /_autoindex/default.php /home/myusername/test/myindex.php
    sorry, alias may not work in .htaccess
    Context: server config, virtual host

    please ask your host provider to add it to your virtual host configuration file if you can't.
  14. Jedis

    Jedis Member

    I was told by my hosting provider that it cannot be done because cPanel will rewrite the VirtualHost every time.
  15. AndrewT

    AndrewT Well-Known Member

    Tell your host to create an include file for this and uncomment the relevant include line in the virtualhost for the domain. These includes exist specifically for things like this. A commented explanation of this is even provided in the httpd.conf by cPanel.
  16. Jedis

    Jedis Member

    I told them and they said they can't (won't) do it because cPanel automatically generates them. Yes, I copied and pasted, word for word, what you said into my support ticket. That was their response.

    They offered to move me to another server that uses Apache instead to get around the issue. I'm just going to drop the matter. Perhaps LiteSpeed can make it easier for users on shared hosting to make this change themself with future versions.

    Thanks for the help here guys. Sorry it was for nothing.
  17. AndrewT

    AndrewT Well-Known Member

    Scroll down to "httpd.conf changes contained in a <VirtualHost>"

    In short, their reasoning is garbage. But I would agree that it isn't very convenient to customize the directory index. Nor is it even remotely compatible with Apache; which is odd given that LiteSpeed's claim to fame is "Apache interchangeable".

Share This Page