Last modified: 2014-02-12 23:35:40 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T46733, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 44733 - Requires a Manually Created Session file if <webroot>/../tmp does not exist
Requires a Manually Created Session file if <webroot>/../tmp does not exist
Status: UNCONFIRMED
Product: MediaWiki
Classification: Unclassified
Installer (Other open bugs)
1.20.x
PC Linux
: Low normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-02-07 03:31 UTC by Martin Vahi
Modified: 2014-02-12 23:35 UTC (History)
1 user (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Martin Vahi 2013-02-07 03:31:30 UTC 
Environment, where the flaw has been 
repeatedly reproduced:

Folder <webroot>/../tmp does not exist.

A static copy of the phpinfo(); resides at
http://longterm.softf1.com/2013/bug_reports/mediawiki/2013_02_07_flaw_x1/2013_02_07_softf1_com_phpinfo.html


=========================================================

Reproduction sequence:

1) Create a folder (other than the <webroot>/../tmp)
   on a server and unpack the tarball of MediaWiki 1.20.2
   to that folder.

2) Go to the main, index, page of the MediaWiki installation.
   Screenshot:
   http://longterm.softf1.com/2013/bug_reports/mediawiki/2013_02_07_flaw_x1/screenshot_1.png

flaw_occurrence)
   Click on the "set up the wiki" link and a text with a
   structure of

   ---modified-citation--start--
   Error starting session: session_start() [<a href='function.session-start'>function.session-start</a>]:
   open(<webroot/../>tmp/sessions/sess_4eb0a6ec79237ce8110e41f5252f6a1d, O_RDWR) failed: No such file or directory (2)
   ---modified-citation--end--

   appears. Screenshot:
   http://longterm.softf1.com/2013/bug_reports/mediawiki/2013_02_07_flaw_x1/screenshot_2.png


=========================================================

Flaw Workaround:

Manually create an empty text file
with the path of <webroot>/../tmp/sessions/sess_4eb0a6ec79237ce8110e41f5252f6a1d

=========================================================
Comment 1 Andre Klapper 2013-02-07 07:40:51 UTC 
Hi Martin,
thanks for reporting. To clarify: 
The problem only happens when <webroot>/../tmp does not exist?
Comment 2 Martin Vahi 2013-02-07 23:09:57 UTC 
I retested it. In pseudo-Bash, the

    cd <webroot>/../
    mkdir            ./tmp
    chmod -f -R 0777 ./tmp

IS NOT ENOUGH for the workaround. On the other hand,

    cd <webroot>/../
    mkdir -p         ./tmp/sessions
    chmod -f -R 0777 ./tmp
    chmod -f -R 0777 ./tmp/sessions

IS ENOUGH for the workaround and the
session file gets created automatically.

Currently it seems to me that the
sessions folder is not created automatically, but
if it were created automatically, the flaw would not
be visible, provided that the <webroot>/../tmp existed
and were writable for the server process.

The MediaWiki 1.20.2 tarball
installation instructions in the INSTALL file
do not mention anything about the <webroot>/../tmp
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links