When using this file structure:
/home/me/build/drupal (drupal root)
/home/me/build/drupal-private/default (private data directory)
Running "drush bb db" will fail because it badly munges the file path (error output below). This symptom is similar to https://drupal.org/node/1997354 (except that issue was closed because too many people reported similar-but-different problems) and to https://drupal.org/node/2144239 (except that issue deals with a different directory structure).
The attached patch fixes this by tightening the string comparison in dir_in_webroot().
------------------ Error output ---------
$ drush bb db
file_put_contents(private/default/backup_migrate/manual/.htaccess): failed to open stream: No such file or directory file.inc:494 [warning]
WD security: Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your private/default/backup_migrate/manual directory which contains [error]
the following lines: Deny from all
# Turn off all options we don't need.
Options None
Options +FollowSymLinks
# Set the catch-all handler to prevent scripts from being executed.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
# Override the handler again if we're run later in the evaluation list.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
# If we know how to do it safely, disable the PHP engine entirely.
php_flag engine off
fopen(private/default/backup_migrate/manual/test.txt): failed to open stream: No such file or directory destinations.file.inc:210 [warning]
file_put_contents(private/default/backup_migrate/manual/.htaccess): failed to open stream: No such file or directory file.inc:494 [warning]
WD security: Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your private/default/backup_migrate/manual directory which contains [error]
the following lines: Deny from all
# Turn off all options we don't need.
Options None
Options +FollowSymLinks
# Set the catch-all handler to prevent scripts from being executed.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
# Override the handler again if we're run later in the evaluation list.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
# If we know how to do it safely, disable the PHP engine entirely.
php_flag engine off
fopen(private/default/backup_migrate/manual/test.txt): failed to open stream: No such file or directory destinations.file.inc:210 [warning]
Could not run backup because the file could not be saved to the destination. [error]
WD backup_migrate: Could not run backup because the file could not be saved to the destination. [error]
Security notice: Backup and Migrate was unable to write a test text file to the destination directory private/default/backup_migrate/manual, and is therefore unable[error]
to check the security of the backup destination. Backups to the server will be disabled until the destination becomes writable and secure.
Security notice: Backup and Migrate was unable to write a test text file to the destination directory private/default/backup_migrate/manual, and is therefore unable[error]
to check the security of the backup destination. Backups to the server will be disabled until the destination becomes writable and secure.
Comment | File | Size | Author |
---|---|---|---|
destinations-file-inc.patch | 580 bytes | totten | |
Comments
Comment #1
totten CreditAttribution: totten commentedComment #2
Les LimLooks good; this also fixes false negatives when DRUPAL_ROOT is determined to be a symlinked path instead of the canonical path.
Comment #3
jsquyres CreditAttribution: jsquyres commentedI'm having this issue as well, and would love to see this patch included in a release.
Comment #4
ronan CreditAttribution: ronan commentedLooks good. Committed with a slight style change. Thanks all!