[0.8.50] Bug in if?

Marcin "WMP" Janowski janowski.m at gmail.com
Wed Sep 22 01:57:33 MSD 2010


I'm running a small shell server for me and my friends and would like
every user to have his own example.com/user web-accessible,
password-protected directory not available to other users. Preferably,
with authentication against PAM so that one password could be used for
all services.

Currently, this is the configuration I came up with (no PAM authentication yet):

location ~ ^/(.+?)/download(/.*)  {
               auth_basic            "Restricted";
               auth_basic_user_file  /etc/nginx/htpasswd;
               alias /home/$1/download$2;
               autoindex on;
               include mime.types;
               types { }
               default_type application/octet-stream;

and it works as expected. Now, I tried to separate users' access (so
that any given user had access only to his directory) with the if

location ~ ^/(.+?)/download(/.*)  {
               auth_basic            "Restricted";
               auth_basic_user_file  /etc/nginx/htpasswd;
               alias /home/$1/download$2;
               autoindex on;
               include mime.types;
               types { }
               default_type application/octet-stream;
               if ($remote_user != '') { set $hack b; }
               if ($remote_user != $1) { set $hack a$hack; }
               if ($hack = ab) { return 403; }

That caused 404 errors. This is the relevant fragment of the error log:

2010/09/21 23:12:41 [error] 31813#0: *245 "/home/wmp/download/.1
Hostindex.html" is not found (2: No such file or directory), client:, server: domain, request: "GET /wmp/download/
HTTP/1.1", host: "domain:9900"

And this is debug.log: http://pastebin.com/4wUQkXZH

Nginx was compiled with the following options:

--conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi  --with-debug
--with-http_stub_status_module --with-http_flv_module
--with-http_ssl_module --with-http_dav_module
--with-http_gzip_static_module --with-http_realip_module --with-mail
--with-mail_ssl_module --with-ipv6
--with-perl=/usr/bin/perl --sbin-path=/usr/sbin
--http-log-path=/var/log/nginx/access.log --with-http_perl_module

wmp is, obviously, my username

Is what I'm trying to do even possible? If so, how?

I would like to thank kolbyjack from #nginx for his help with this
problem so far.

Marcin Janowski(WMP)

More information about the nginx mailing list