4483 – [Anolis 23][httpd服务][x86_64]Anolis23 httpd服务安全登录策略——设置用户权限，访问未划为用户权限页面正常，访问用户权限页面，报错为403，设置不生效。

Bug 4483 - [Anolis 23][httpd服务][x86_64]Anolis23 httpd服务安全登录策略——设置用户权限，访问未划为用户权限页面正常，访问用户权限页面，报错为403，设置不生效。

Summary: [Anolis 23][httpd服务][x86_64]Anolis23 httpd服务安全登录策略——设置用户权限，访问未划为用户权限页面正常，访问用户...

Status:	RESOLVED FIXED

Alias:	None

Product:	Anolis OS 23
Classification:	Anolis OS
Component:	BaseOS Packages (show other bugs)	BaseOS Packages
Sub Component:
Version:	23.0
Hardware:	All Linux

Importance:	P3-Medium S3-normal
Target Milestone:	---
Assignee:	xuchunmei
QA Contact:	bolong_tbl

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2023-03-10 17:49 UTC by Banana
Modified:	2023-04-26 17:56 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Banana alibaba_cloud_group

2023-03-10 17:49:46 UTC

[问题描述]：
httpd服务安全登录策略——设置用户权限，访问未划为用户权限页面正常，访问用户权限页面，报错为403，设置不生效。  

[环境信息]：
机器类型：ECS

内核信息：
[root@iZbp1gc4szu3xmuejrr3c6Z user]# uname -r
5.17.0-1.an23.x86_64

操作系统信息：
[root@iZbp1gc4szu3xmuejrr3c6Z user]# cat /etc/os-release
NAME="Anolis OS"
VERSION="23"
ID="anolis"
VERSION_ID="23"
PLATFORM_ID="platform:an23"
PRETTY_NAME="Anolis OS 23"
ANSI_COLOR="0;31"
HOME_URL="https://openanolis.cn/"
BUG_REPORT_URL="https://bugzilla.openanolis.cn/"

[问题发生概率]：必现

[复现步骤]：
1、编辑httpd.conf文件，设置用户权限路径
<Directory "/var/www/html/user/">
    Options None
    AllowOverride None
    AuthType Basic
    AuthName "Test user login"
    AuthUserFile "/etc/httpd/.user"
    Require user user1
</Directory>
2、在/var/www/html/user/创建index.html，并在index.html写入hello
3、创建httpd用户
htpasswd -bcm /etc/httpd/.user user1 12345
4、重启httpd服务，systemctl restart httpd
5、访问 curl http://user1:12345@ip/user/index.html

Comment 1 yunmeng365524 2023-03-14 10:28:45 UTC

这个也贴一下an8的结果、日志

Comment 2 Banana alibaba_cloud_group

2023-04-26 17:56:50 UTC

已解决
[root@iZbp1gc4szu3xmuejrr3c6Z /]# uname -r
5.10.134-13.2_alpha1.an23.x86_64

[root@iZbp1gc4szu3xmuejrr3c6Z /]# rpm -qi httpd
Name        : httpd
Version     : 2.4.55
Release     : 1.an23
Architecture: x86_64
Install Date: Wed Apr 26 17:37:22 2023
Group       : Unspecified
Size        : 61293
License     : ASL 2.0
Signature   : RSA/SHA256, Thu Jan 19 00:01:43 2023, Key ID 619140084873f7c5
Source RPM  : httpd-2.4.55-1.an23.src.rpm
Build Date  : Wed Jan 18 12:33:31 2023
Build Host  : anolis-build-01.openanolis.cn
Packager    : OpenAnolis Community
Vendor      : OpenAnolis Community
URL         : https://httpd.apache.org/
Summary     : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, efficient, and extensible
web server.

[root@iZbp1gc4szu3xmuejrr3c6Z /]# curl -vvv http://user1:12345@172.16.0.246/user/index.html
*   Trying 172.16.0.246:80...
* Connected to 172.16.0.246 (172.16.0.246) port 80 (#0)
* Server auth using Basic with user 'user1'
> GET /user/index.html HTTP/1.1
> Host: 172.16.0.246
> Authorization: Basic dXNlcjE6MTIzNDU=
> User-Agent: curl/8.0.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Wed, 26 Apr 2023 09:42:35 GMT
< Server: Apache/2.4.55 (Anolis OS)
< Last-Modified: Wed, 26 Apr 2023 09:39:40 GMT
< ETag: "18-5fa3a04e138ac"
< Accept-Ranges: bytes
< Content-Length: 24
< Content-Type: text/html; charset=GB2312
<
user access Test
你好
* Connection #0 to host 172.16.0.246 left intact