具有符号链接的mod_xsendfile [英] mod_xsendfile with symbolic links

问题描述

我在使用Rails 3应用程序时使用xsendfile遇到问题。

I'm running into an issue using xsendfile with my Rails 3 app.

我正在使用capistrano来管理部署，并且在每个发行版中都有一个符号链接到共享/资产目录（例如/ var / www / site / releases / 1234 / assets => / var / www / site / shared / assets）。问题在于XSendFile似乎没有遵循符号链接。在我的apache日志中，我看到以下错误：

I'm using capistrano to manage deployments and in each release, there is a symbolic link to the shared/assets dir (e.g. /var/www/site/releases/1234/assets => /var/www/site/shared/assets). The problem is that that XSendFile doesn't seem to follow the symbolic links. In my apache logs, I'm seeing the following error:

The given path was above the root path: xsendfile: unable to find file: /var/www/site/releases/20110406205607/assets/pdfs/2/original/test.pdf

我将XSendFilePath配置设置为

I have the XSendFilePath config set as

XSendFilePath /var/www/site/shared/assets

如果我将配置切换为：

XSendFilePath /var/www/site/releases

然后一切正常。所以我有几个问题：

Then everything works fine. So I have a couple of questions:

1）有没有办法使XSendFilePath遵循符号链接？

1) Is there a way to make the XSendFilePath follow the symbolic link?

2）将XSendFilePath设置为发布目录是否存在安全风险？换句话说，我是否打开对所有该目录的访问权限？

2) Is there a security risk with setting the XSendFilePath to my releases dir? In other words, do I open up access to all of that dir?

推荐答案

您是否正在使用<$ c创建链接$ c>在 deploy：finalize_update之后任务类似于：

Are you creating the link using an after "deploy:finalize_update" task similar to this:

task :storage_link, :except => { :no_release => true } do
    run "ln -nFs #{deploy_to}/shared/assets #{latest_release}/assets"
end

这使XSendFilePath将链接视为 / var / www / site / current / assets ，将其放在根路径中。

This makes XSendFilePath see the link as /var/www/site/current/assets which puts it inside of the root path.

还要确保运行您的应用的用户拥有/ var / www / site / shared / assets并具有写权限。

Also make sure the user running your app owns and has write permissions on /var/www/site/shared/assets.

这篇关于具有符号链接的mod_xsendfile的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！