Backup error: apache_owned_files.list : file didn't pass safety check

[btaylor]

Hi, I am getting an error when running a user backup.

All the sites for this particular user are backing up without issue except one which is giving me:
"Error writing /backup/user_backups/../apache_owned_files.list : file didn't pass safety check"

Iv gone through the directory and changed some files owned by apache that probably shouldn't have been but I am still getting the error.

Iv already googled and searched around the forums and kb but was not able to find the same issue.

Any help is appreciated

 

[zEitEr]

Hello

This will be enabled by default, set to 1 internally.
To disable it, set:

backup_apache_files_list=0

in the directadmin.conf, and restart DA.

http://www.directadmin.com/features.php?id=956

Additionally to disabling the feature, you might need to use mod_ruid2 or mod_suphp.

 

[btaylor]

Thanks much! http://www.directadmin.com/features.php?id=956 worked like a charm!

However just for anyone else that may have this issue my directadmin.conf file did not contain the line "backup_apache_files_list=0" but adding the line to the end of the file worked just the same

 

[sokolovas]

Disabling this feature is not a solution

I think disabling this feature is NOT a solution on CLI php, so, getting back to the question:

"Error writing /backup/user_backups/../apache_owned_files.list : file didn't pass safety check"

1. Which file did not pass the safety check: user file owned by apache, or apache_owned_files.list itself?
2. What kind of security check is it? Permissions? Virus? (I have clamd installed)
3. What to do, if user whines about this error during backup, what to tell him?

Thanks!

 

[seanmiller]

Is there a way of finding out WHAT file it has objected to, please?

The apache_owned_files.list is, I believe, created by the backup script.

If it is complaining that something isn't safe I don't think it's that file, is it? It must be some other file on the site.

Seems rather a waste of time to tell us there's a bad file, but then not tell us how to find it.

Any help anybody can give would be gratefully received -- I don't think disabling the feature is really an option, as there may be "something bad out there"... we had a user register for the forums on that site with the database name as their username, which worried me... so that might be connected.

Thanks,

Sean

 

[zEitEr]

Try this http://www.directadmin.com/forum/showthread.php?t=37888&p=188443#post188443 then.

Also you can use

# find

to search files owned by Apache in users' public_html.

 

[seanmiller]

That is equally "getting around the issue", not establishing what the issue is.

I have plenty of sites with files owned by Apache... it happens... yes, by changing them all to be owned by the site owner I may get rid of the error in the backup, but there must be something in one of the files owned by apache that the script is saying "hang on! that looks suspicious"

I want to know which file it is that it's objecting to.

What is the point of programming a "safety check" into the backup if it at the end of it you are none the wiser as to what file it was that was "unsafe"? And, of course, the most "unsafe" thing is that you have no backup!!!

Sean

 

[SeLLeRoNe]

When not usign suPHP or mod_ruid2 all file uploaded from website (like on forum you can upload your own avatar) those file will be owned by apache and that file will cause issue on backups.

I suggest you to use mod_ruid2 so every file uploaded by a website will be owned by the user owner of the website, backup will success and a big security issue will be solved.

Regards

 

[zEitEr]

That is equally "getting around the issue", not establishing what the issue is.

I have plenty of sites with files owned by Apache... it happens... yes, by changing them all to be owned by the site owner I may get rid of the error in the backup, but there must be something in one of the files owned by apache that the script is saying "hang on! that looks suspicious"

I want to know which file it is that it's objecting to.

What is the point of programming a "safety check" into the backup if it at the end of it you are none the wiser as to what file it was that was "unsafe"? And, of course, the most "unsafe" thing is that you have no backup!!!

Sean

Use debug mode for dataskq then:

Set a task for backups with "now" -> debug dataskq from shell

Search the forums and help section to get information how to do it.

 

[DirectAdmin Support]

Hello,

Jeff directed me to this thread.

The error "file didn't pass safety check" relates to the writing of a config file, specifically the contents of the file

Check:
/var/log/directadmin/security.log

for info on exactly what it triggering the message. The message will likely start with "***HACKER WARNING".
Looking at the code, a newline character in the value could trigger it... which my only guess right now would be if a filename somehow managed to get a \n or \r character in it.

John

 

[seanmiller]

That's exactly what it was, John.

I had guessed it might be that, as one file looked suspicious, but forgot that I'd backed up the directory into another directory before I did some hacks a week or so ago - so there was a "forum.backup" directory that still had the dodgy file in it.

That's great, anyway - because now I know where to look !!

Thanks for your help,

Sean