问题[webdav](server)

编辑 Nextcloud 构建了自己的 Webdav 实现 Sabredav。

会不会是以下 nginx 模块在干扰？--with-http_dav_module --add-module=/var/tmp/nginx-dav-ext-module

有人知道我应该如何动态编译它们？所以我能够在每个虚拟主机配置的运行时加载/卸载？

谢谢 :) 编辑结束

我Ubuntu server 20.04在个人服务器上运行，在该服务器上部署了手动安装，Nextcloud除了webdav.

整个事情在nginx 1.19.3,php-8.0和下运行FPM。

尝试通过davfs挂载nextcloud私有目录：

# mount -t davfs https://drive.example.com/remote.php/dav/files/myuser/ /mnt
Please enter the username to authenticate with server
https://drive.example.com/remote.php/dav/files/myuser/ or hit enter for none.
  Username: myuser
Please enter the password to authenticate user myuser with server
https://drive.example.com/remote.php/dav/files/myuser/ or hit enter for none.
  Password:
/sbin/mount.davfs: Mounting failed.
Could not authenticate to server: rejected Basic challenge

Nextcloud 与上一条mount命令相关的日志：

# cat /home/nginx/Tools/nextcloud_data/nextcloud.log
{"reqId":"gf8ZgEQVDV7AoHp667YG","level":2,"time":"2022-04-05T17:50:58+00:00","remoteAddr":"x.y.z.w","user":"--","app":"core","method":"OPTIONS","url":"/remote.php/dav/files/myuser/","message":"Login failed: 'myuser' (Remote IP: 'x.y.z.w')","userAgent":"davfs2/1.5.5 neon/0.30.2","version":"23.0.3.2"}

上一条命令相关的Nginx日志mount：

# cat /var/log/nginx/nextcloud.log
x.y.z.w drive.example.com - [05/Apr/2022:13:53:31 -0400] "OPTIONS /remote.php/dav/files/myuser/ HTTP/1.1" 401 569 "-" "davfs2/1.5.5 neon/0.30.2" "-" "-"
x.y.z.w drive.example.com myuser [05/Apr/2022:13:53:57 -0400] "OPTIONS /remote.php/dav/files/myuser/ HTTP/1.1" 401 427 "-" "davfs2/1.5.5 neon/0.30.2" "-" "Basic CRYPTED_PASSWORD"

一些不相​​关的 Ubuntu 信息：

# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.4 LTS
Release:    20.04
Codename:   focal

# uname -a
Linux host.example.com 5.4.0-107-generic #121-Ubuntu SMP Thu Mar 24 16:04:27 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

Nginx 已经从 nginx 官方 repo 的源代码和通过 apt 下载和编译：

# apt source nginx
# cd nginx-0.8.54
# edit debian/rules
# dpkg-buildpackage -b nginx

Nginx版本、特性和编译参数：

# nginx -vV
nginx version: nginx/1.19.3
built by gcc 9.3.0 (Ubuntu 9.3.0-10ubuntu2)
built with OpenSSL 1.1.1g  21 Apr 2020
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/var/tmp/nginx-1.19.3=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' --add-dynamic-module=/var/tmp/ngx_http_geoip2_module --with-http_geoip_module --with-http_dav_module --add-module=/var/tmp/nginx-dav-ext-module --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp_module --without-http_limit_conn_module --add-module=/var/tmp/incubator-pagespeed-ngx-1.13.35.2-stable/ --add-module=/home/nginx/Tools/openproject/.rbenv/versions/2.6.1//lib/ruby/gems/2.6.0//gems/passenger-6.0.6/src/nginx_module/

PHP信息：

# php8.0 --version
PHP 8.0.15 (cli) (built: Jan 29 2022 07:24:52) ( NTS )
Copyright (c) The PHP Group
Zend Engine v4.0.15, Copyright (c) Zend Technologies
    with Zend OPcache v8.0.15, Copyright (c), by Zend Technologies


# php8.0 -m
[PHP Modules]
apcu
bcmath
bz2
calendar
Core
ctype
curl
date
dom
exif
FFI
fileinfo
filter
ftp
gd
gettext
gmp
hash
iconv
igbinary
imagick
intl
json
libxml
mbstring
memcache
mongodb
mysqli
mysqlnd
openssl
pcntl
pcre
PDO
pdo_mysql
pdo_sqlite
Phar
posix
pspell
readline
redis
Reflection
session
shmop
SimpleXML
soap
sockets
sodium
SPL
sqlite3
standard
sysvmsg
sysvsem
sysvshm
tokenizer
xml
xmlreader
xmlrpc
xmlwriter
xsl
Zend OPcache
zip
zlib

[Zend Modules]
Zend OPcache

Nextcloud信息：

# sudo -u nginx php8.0 /home/nginx/Tools/nextcloud/occ status
  - installed: true
  - version: 23.0.3.2
  - versionstring: 23.0.3
  - edition:
  - maintenance: false
  - needsDbUpgrade: false
  - productname: Nextcloud
  - extendedSupport: false

Nginx 虚拟主机文件：

# cat /etc/nginx/sites-enabled/nextcloud.conf

cat /etc/nginx/sites-enabled/nextcloud.conf
upstream php-handler {
    server unix:/var/run/php/php8.0-fpm.sock;
}

# Set the `immutable` cache control options only for assets with a cache busting `v` argument
map $arg_v $asset_immutable {
    "" "";
    default "immutable";
}

server {
    listen 80;
    listen [::]:80;
    server_name drive.foobar.es drive.foobar.com cloud.foobar.es cloud.foobar.com cloud.example.es cloud.example.com cloud.example.net cloud.example.org cloud.example.info drive.example.es drive.example.com drive.example.org drive.example.net drive.example.info drive.example.cat cloud.example.cat;

    access_log  /var/log/nginx/nextcloud.access.log main;
    error_log   /var/log/nginx/nextcloud.error.log crit;

    return 301 https://$host$request_uri;
#    return 302 https://$host$request_uri;
}

server {
    listen      443 ssl http2;
    listen      [::]:443 ssl http2;
    server_name     drive.foobar.es drive.foobar.com cloud.foobar.es cloud.foobar.com cloud.example.es cloud.example.com cloud.example.net cloud.example.org cloud.example.info drive.example.es drive.example.com drive.example.org drive.example.net drive.example.info drive.example.cat cloud.example.cat;

    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/example.com/privkey.pem;
    include         /etc/nginx/conf.d-enabled/ssl-security.conf;
    ssl_trusted_certificate /etc/letsencrypt/live/example.es/cert.pem;

    access_log          /var/log/nginx/nextcloud_ssl.access.log main;
    error_log           /var/log/nginx/nextcloud_ssl.error.log crit;

    # Codi per habilitar la renovació dels certificats Letsencrypt
    include /etc/nginx/snippets/letsencrypt-cert-renewal-dir.conf;

    if ($http_host != "drive.example.com" ) {
    rewrite ^ https://drive.example.com$request_uri permanent;
    break;
    }

    # HSTS settings
    # WARNING: Only add the preload option once you read about
    # the consequences in hstspreload.org. This option
    # will add the domain to a hardcoded list that is shipped
    # in all major browsers and getting removed from this list
    # could take several months.
    #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Make a regex exception for `/.well-known` so that clients can still
    # access it despite the existence of the regex rule
    # `location ~ /(\.|autotest|...)` which would otherwise handle requests
    # for `/.well-known`.
    location ^~ /.well-known {
        # The rules in this block are an adaptation of the rules
        # in `.htaccess` that concern `/.well-known`.

        location = /.well-known/carddav { return 301 /remote.php/dav/; }
        location = /.well-known/caldav  { return 301 /remote.php/dav/; }

        location /.well-known/acme-challenge    { try_files $uri $uri/ =404; }
        location /.well-known/pki-validation    { try_files $uri $uri/ =404; }

        # Let Nextcloud's API for `/.well-known` URIs handle all other
        # requests by passing them to the front-end controller.
        return 301 /index.php$request_uri;
    }

#location ^~ / {
    # set max upload size and increase upload timeout:
    client_max_body_size 50G;
    client_body_timeout 300s;
    fastcgi_buffers 64 4K;

    client_body_temp_path /home/nginx/Tools/nextcloud_data/tmp/;
    fastcgi_param PHP_VALUE "upload_tmp_dir=/home/nginx/Tools/nextcloud_data/tmp/;";
    fastcgi_param PHP_VALUE "output_buffering=0;";
    add_header X-Accel-Buffering no;

    # Because php-fpm can’t read PHP settings in .htaccess these settings
    # must be set in the nextcloud/.user.ini
    # fastcgi_param PHP_VALUE "upload_max_filesize=5M;\n error_reporting=E_ALL;";
    fastcgi_param PHP_VALUE "upload_max_filesize=50G;";
    fastcgi_param PHP_VALUE "post_max_size=50G;";
    fastcgi_param PHP_VALUE "max_input_time=4600;";
    fastcgi_param PHP_VALUE "max_execution_time=3600;";
    fastcgi_param PHP_VALUE "request_terminate_timeout=3600;";
    fastcgi_read_timeout 3600;

    # Enable gzip but do not remove ETag headers
    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

    # Pagespeed is not supported by Nextcloud, so if your server is built
    # with the `ngx_pagespeed` module, uncomment this line to disable it.
    pagespeed off;

    # HTTP response headers borrowed from Nextcloud `.htaccess`
    add_header Referrer-Policy                      "no-referrer"   always;
    add_header X-Content-Type-Options               "nosniff"       always;
    add_header X-Download-Options                   "noopen"        always;
    add_header X-Frame-Options                      "SAMEORIGIN"    always;
    add_header X-Permitted-Cross-Domain-Policies    "none"          always;
    add_header X-Robots-Tag                         "none"          always;
    add_header X-XSS-Protection                     "1; mode=block" always;

    # Remove X-Powered-By, which is an information leak
    fastcgi_hide_header X-Powered-By;

    # Path to the root of your installation
    root /home/nginx/Tools/nextcloud/;

    # Specify how to handle directories -- specifying `/index.php$request_uri`
    # here as the fallback means that Nginx always exhibits the desired behaviour
    # when a client requests a path that corresponds to a directory that exists
    # on the server. In particular, if that directory contains an index.php file,
    # that file is correctly served; if it doesn't, then the request is passed to
    # the front-end controller. This consistent behaviour means that we don't need
    # to specify custom rules for certain paths (e.g. images and other assets,
    # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
    # `try_files $uri $uri/ /index.php$request_uri`
    # always provides the desired behaviour.
    index index.php index.html /index.php$request_uri;

    # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
    location = / {
        if ( $http_user_agent ~ ^DavClnt ) {
            return 302 /remote.php/webdav/$is_args$args;
        }
    }

    # Rules borrowed from `.htaccess` to hide certain paths from clients
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console)                { return 404; }

    # Ensure this block, which passes PHP files to the PHP process, is above the blocks
    # which handle static assets (as seen below). If this block is not declared first,
    # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
    # to the URI, resulting in a HTTP 500 error response.
    location ~ \.php(?:$|/) {
        # Required for legacy support
        rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;

        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        set $path_info $fastcgi_path_info;

        try_files $fastcgi_script_name =404;

        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param HTTPS on;

        fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice
        fastcgi_param front_controller_active true;     # Enable pretty urls
        fastcgi_pass php-handler;

        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;

        fastcgi_max_temp_file_size 0;
    }

   location ~ \.(?:css|js|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463, $asset_immutable";
        access_log off;     # Optional: Don't log access to assets

        location ~ \.wasm$ {
            default_type application/wasm;
        }
    }

    location ~ \.woff2?$ {
        try_files $uri /index.php$request_uri;
        expires 7d;         # Cache-Control policy borrowed from `.htaccess`
        access_log off;     # Optional: Don't log access to assets
    }

    # Suppressing log messages
    # If you’re seeing meaningless messages in your logfile, for example client denied by server configuration: /var/www/data/htaccesstest.txt, add this section to your nginx configuration to suppress them:
    location = /data/htaccesstest.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Rule borrowed from `.htaccess`
    location /remote {
        return 301 /remote.php$request_uri;
    }

    location / {
        try_files $uri $uri/ /index.php$request_uri;
    }
#}
}

Nginx SSL 配置文件包含在nginx virtual host config file：

# cat /etc/nginx/conf.d-enabled/ssl-security.conf
  # enable session resumption to improve https performance
  # vincent.bernat.im/en/blog/2011-ssl-session-reuse-rfc5077.html
  ssl_session_cache shared:SSL:50m;
  ssl_session_timeout 1d;
  ssl_session_tickets off;

  # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
  #ssl_dhparam /etc/ssl/certs/dhparam.pem;
  # openssl dhparam -dsaparam -out /etc/ssl/private/dhparam.pem 4096
  ssl_dhparam /etc/ssl/certs/dhparam4096.pem;

  # enables server-side protection from BEAST attacks
  # blog.ivanristic.com/2013/09/is-beast-still-a-threat.html
  ssl_prefer_server_ciphers on;

  # disable SSLv3(enabled by default since nginx 0.8.19) since it's less secure then TLS en.wikipedia.org/wiki/Secure_Sockets_Layer#SSL_3.0
  # Disabled protocols: TLSv1 TLSv1.1
  ssl_protocols SSLv3 TLSv1.2 TLSv1.3;
#  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

  # ciphers chosen for forward secrecy and compatibility
  # blog.ivanristic.com/2013/08/configuring-apache-nginx-and-openssl-for-forward-secrecy.html
  ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';

  # enable ocsp stapling (mechanism by which a site can convey certificate revocation information to visitors in a privacy-preserving, scalable manner)
  # blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
  resolver 8.8.8.8 8.8.4.4;
  ssl_stapling on;
  ssl_stapling_verify on;
#  ssl_trusted_certificate /etc/nginx/ssl/star_forgott_com.crt;

  # config to enable HSTS(HTTP Strict Transport Security) developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
  # to avoid ssl stripping en.wikipedia.org/wiki/SSL_stripping#SSL_stripping
  # also hstspreload.org/
  add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";

# cat /etc/nginx/fastcgi
fastcgi.conf              fastcgi_params            fastcgi_params.dpkg-dist
root@we:~# cat /etc/nginx/fastcgi_params
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

### SET GEOIP Variables ###
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_param GEOIP_COUNTRY_CODE3 $geoip_country_code3;
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;

fastcgi_param GEOIP_CITY_COUNTRY_CODE $geoip_city_country_code;
fastcgi_param GEOIP_CITY_COUNTRY_CODE3 $geoip_city_country_code3;
fastcgi_param GEOIP_CITY_COUNTRY_NAME $geoip_city_country_name;
fastcgi_param GEOIP_REGION $geoip_region;
fastcgi_param GEOIP_CITY $geoip_city;
fastcgi_param GEOIP_POSTAL_CODE $geoip_postal_code;
fastcgi_param GEOIP_CITY_CONTINENT_CODE $geoip_city_continent_code;
fastcgi_param GEOIP_LATITUDE $geoip_latitude;
fastcgi_param GEOIP_LONGITUDE $geoip_longitude;

非常感谢你。

希望有人可以提供帮助:)

我正在使用托管在我无权访问的虚拟机 (vm-A) 中的 owncloud 10.0.10 服务器。我可以从我的家用 PC 和我管理的付费提供商 (vm-B) 的虚拟机中使用 webdav 连接到它。一切顺利（读/写文件）。我最近获得了从我的工作 (vm-C) 访问第三个虚拟机的权限。当设置从 vm-C 到 vm-A 中的 webdav 服务器的 webdav 访问时，我可以浏览共享，但写入共享被破坏 - 它仅适用于非常小的文件 (<10kB)。davfs2 和 rclone 都会发生这种情况。
我很困惑，因为 vm-B（工作）和 vm-C（损坏）都是由我设置的，并且它们都是 Debian 稳定系统（使用的所有软件都完全相同 - 配置文件是逐字复制的）。另外 vm-C 仅在与 vm-A “对话”时才会损坏，第二台机器上有一个 webdav 服务器（vm-B - nextcloud - 最新稳定版本），vm-C 向该服务器写入大文件没有问题使用 webdav。
使用 rclone 时，日志显示：

2022/01/10 21:47:31 DEBUG : PUT /remote.php/dav/files/username/testfile HTTP/1.1
Host: host.url
User-Agent: rclone/v1.53.3-DEV
Content-Length: 40960
Authorization: XXXX
Content-Type: application/octet-stream
Oc-Checksum: SHA1:c90116149196cbf74ffb453ecb3b12945372ebfa
Referer: https://host.url/remote.php/dav/files/username/
X-Oc-Mtime: 1641851243
Accept-Encoding: gzip

2022/01/10 21:47:31 DEBUG : >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
2022/01/10 21:47:51 DEBUG : <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
2022/01/10 21:47:51 DEBUG : HTTP RESPONSE (req 0xc000222100)
2022/01/10 21:47:51 DEBUG : Error: read tcp 192.168.193.13:55270->45.61.32.79:443: read: connection reset by peer

2022/01/10 21:53:04 DEBUG : DELETE /remote.php/dav/files/username/testfile HTTP/1.1
2022/01/10 21:53:04 DEBUG : >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
2022/01/10 21:53:05 DEBUG : <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
2022/01/10 21:53:05 DEBUG : HTTP RESPONSE (req 0xc00067ba00)
2022/01/10 21:53:05 DEBUG : HTTP/1.1 404 Not Found

相同的错误消息有时会出现在小文件 (<10kB) 上，但在第二次或第三次重试时上传成功。

我正在尝试在我的 centos 8 上设置一个 webdav 服务器，并且在过去的几个小时里被一条"client denied by server configuration: /srv/webdav/fs"消息卡住了。我已经阅读了几个发生此错误的线程，但没有一个可以帮助我找出问题所在。

这是我的配置文件：

DavLockDB "/etc/httpd/var/davlock"
<VirtualHost *:443>
    ServerName example.com
    ServerAdmin example@mail
    DocumentRoot /srv/webdav
    ErrorLog /var/log/httpd/error.log
    CustomLog /var/log/httpd/access.log combined
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
    SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
    Alias /fs /srv/webdav/fs
    <Directory /fs>
        AuthType "Basic"
        AuthName "Password Manager"
        AuthBasicProvider file
        AuthUserFile "/etc/httpd/conf/dav_passwords"
        Require valid-user
        DAV On
        Options Indexes
    </Directory>
</VirtualHost>

我创建了一个用户sudo htpasswd -c /etc/httpd/conf/dav_passwords john。 /srv/webdav归 apache:apache 所有。

非常感谢您的帮助。提前致谢！

编辑：

我将日志级别更改为 trace3 并在错误文件中获得了一些更详细的日志。我仍然看不出问题出在哪里：

[Thu May 13 08:11:02.888221 2021] [ssl:trace3] [pid 3464:tid 140514974116160] ssl_engine_init.c(607): Using OpenSSL/system default SSL/TLS protocols
[Thu May 13 08:11:02.888225 2021] [ssl:trace3] [pid 3464:tid 140514974116160] ssl_engine_init.c(628): Creating new SSL context (protocols: default)
[Thu May 13 08:11:02.888535 2021] [ssl:trace1] [pid 3464:tid 140514974116160] ssl_engine_init.c(972): Configuring permitted SSL ciphers [ALL:!COMPLEMENTOFDEFAULT:!eNULL:!aNULL:!eNULL:!EXP]
[Thu May 13 08:11:02.888590 2021] [ssl:debug] [pid 3464:tid 140514974116160] ssl_engine_init.c(520): AH01893: Configuring TLS extension handling
[Thu May 13 08:11:02.888795 2021] [ssl:warn] [pid 3464:tid 140514974116160] AH01906: example.com:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu May 13 08:11:02.888809 2021] [ssl:trace3] [pid 3464:tid 140514974116160] ssl_util_ssl.c(433): [example.com:443] modssl_X509_match_name: expecting name 'example.com', matched by ID 'example.com'
[Thu May 13 08:11:02.888840 2021] [ssl:debug] [pid 3464:tid 140514974116160] ssl_util_ssl.c(444): AH02412: [example.com:443] Cert matches for name 'example.com' [subject: emailAddress=example@mail,CN=example.com / issuer: emailAddress=example@mail,CN=example.com / serial: 7C1166CC353EC7F29C68B66269042224CEE41E67 / notbefore: May 12 08:52:52 2021 GMT / notafter: May 12 08:52:52 2022 GMT]
[Thu May 13 08:11:02.888846 2021] [ssl:info] [pid 3464:tid 140514974116160] AH02568: Certificate and private key example.com:443:0 configured from /etc/ssl/certs/apache-selfsigned.crt and /etc/ssl/private/apache-selfsigned.key

我有一台运行 WebDAV 服务器的服务器。在我的 ubuntu 的 GUI 上使用 nautilus，我可以连接和读/写文件。我在终端上尝试过使用以下命令：

sudo mount -t davfs http://<host>:<port>/<sharename>/ <destination>

结果是：

/sbin/mount.davfs: mounting failed; the server does not support WebDAV

有没有其他的连接方式？

我有以下目录布局：

/var/www/
    example.com/
        logs/
        html/
        stuff/

Apache 配置为通常从/var/www/example.com/html

我已将 webdav 配置为适用于 urlhttps://example.com/server-admin并允许访问其他目录：

<VirtualHost>
...
    Alias /server-admin /var/www/example.com/  
    <Location /server-admin >  

        Dav on

        AllowOverride None
        ...

我AllowOverride None想禁用 htaccess 文件，这样它们就不会破坏 webdav 操作。

这种作品。但是：如果我上传一个语法错误的 htaccess 文件，一切都会因 500 内部服务器错误而崩溃。我猜即使没有使用该文件，apache仍然会解析它。

因此，我尝试使用AccessFilename .davaccess将其更改为其他名称，哪种有效，但不能<Location>在<VirtualHost>.

那么该怎么办？如何在 a 中禁用 htaccess<Location>或如何更改布局才能使其正常工作？

Windows Server 2012 R2 安装并启用了 IIS 8.5 和 WebDAV 功能。看起来所有的基础都在工作：

$curl --ntlm -u username:password -i -X OPTIONS http://server/file.docx

HTTP/1.1 200 OK
Allow: OPTIONS, TRACE, GET, HEAD, POST, COPY, PROPFIND, DELETE, MOVE, PROPPATCH, PUT, LOCK, UNLOCK
Server: Microsoft-IIS/8.5
Public: OPTIONS, TRACE, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK
DAV: 1,2,3
MS-Author-Via: DAV
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2016 05:10:15 GMT
Content-Length: 0

还：

$curl --request PROPFIND --ntlm -u username:password  --header "Content-Type: text/xml" --header "Brief:t" --data "<D:propfind xmlns:D='DAV:'><D:prop><D:displayname/><D:getcontentlength/><D:getlastmodified/></D:prop></D:propfind>" http://server/file.docx

<?xml version="1.0" encoding="utf-8"?>
<D:multistatus xmlns:D="DAV:"><D:response>
<D:href>http://server/file.docx</D:href>
<D:propstat><D:status>HTTP/1.1 200 OK</D:status>
<D:prop>
<D:getlastmodified>Wed, 07 Dec 2016 04:26:19 GMT</D:getlastmodified>
<D:displayname>file.docx</D:displayname>
<D:getcontentlength>16265</D:getcontentlength>
</D:prop>
</D:propstat>
</D:response>
</D:multistatus>

更新：还找到了从服务器删除文件和上传文件的 curl 命令，它们也都可以工作：

$curl --ntlm -u username:password -X DELETE http://server/file.docx
$curl --ntlm -u username:password -T file.docx http://server/

根据所有curl测试，基本的 WebDAV 似乎工作正常，但无论我如何尝试在 Microsoft Word 中打开此文件/URL，它都只能以只读方式打开。

我尝试将 URL 粘贴到 MS Word 的“打开文件”对话框中，我已经从命令行启动 Word，并带有该文件的 URL，我什至尝试了一些ms-word:ofe|u|http://server/file.docx来自网页的 MS Office 协议处理程序 ()。

每次我都是只读的。有关如何让 MS Office 正确使用此 WebDAV 的任何建议？我已经将同一个 MS Office 与另一个 WebDAV 实现（Atlassian Confluence）一起使用，所以我希望它只是需要一些 Office 配置或命令行开关。

_{首先让我说这是我在 AskUbuntu 中发布的一个问题的转贴。如果这违反了规则，那么请删除它。老实说，在进一步考虑该主题后，我意识到由于 autofs 在各种发行版中的工作原理基本相同，因此这更像是一个 autofs/linux 问题，而不是特定于 Ubuntu 的问题。当然，这是我的理由，因为我也希望获得更多关于这个问题的曝光：autofs 和 WebDAV 似乎是一个相当不常见的组合，所以我更有机会找到其他成功完成它的人我尝试在这个更通用的论坛中。}

我正在为真实的服务器名称和文件夹使用占位符，但是，我已尝试使它们尽可能代表真实名称，因此请注意我的大小写和标点符号，以防与我的问题有关。

我正在运行Ubuntu 16.04。
我已经安装了autofs和davfs2。

以下命令成功挂载：

mount -t davfs https://servername.mydomain.com:3333/Shared.Folder /testmount

它要求我输入用户名和密码，username@mydomain.com然后myypassword是成功挂载。

这告诉了我几件事：

1. 我的 WebDAV 服务器工作正常且配置正确。
2. HTTPS 工作正常。
3. 我的凭据已成功验证。

所以现在我正试图让它与autofs一起工作。

这是我的文件：

/etc/auto.master

/Server.mount /etc/auto.Servername.mount

/etc/auto.Servername.mount

storage-folder -fstype=davfs,ro :https://servername.mydomain.com:3333/Shared.Folder

/etc/davfs2/secrets

https://servername.mydomain.com:3333/Shared.Folder username@domain.com mypassword

使用此设置，如果我尝试浏览到/Servername.mount/storage-folder，我会得到一个No such file or directory error.

现在我 95% 确定我的问题是语法错误或身份验证错误。对于基于 WebDAV 的 autofs 实现，在 Web 上找不到很多示例，其中一些示例显示了冲突的语法。尽管如此，我已经尝试了我能想到的一切。

我认为auto.Servername.mount文件中的冒号很可能搞砸了解析，所以我尝试了以下所有组合：

storage-folder -fstype=davfs,ro https://servername.mydomain.com:3333/Shared.Folder
storage-folder -fstype=davfs,ro https\://servername.mydomain.com\:3333/Shared.Folder
storage-folder -fstype=davfs,ro :https\://servername.mydomain.com\:3333/Shared.Folder
storage-folder -fstype=davfs,ro https\://servername.mydomain.com\:3333:/Shared.Folder

如果这不是导致问题的原因，那么我认为这可能与secrets文件有关。所以我也为我的secrets：

/Servername.mount/storage-folder username@domain.com mypassword

由于我习惯于将凭据文件与基于 cifs 的 autofs 挂载一起使用，因此我也尝试在我的auto.Servername.mount文件中进行尝试，只是为了好玩：

storage-folder -fstype=davfs,ro,credentials=/etc/credentials.Servername.mount https://servername.mydomain.com:3333/Shared.Folder

简单credentials.Servername.mount地说：

Username=username@mydomain.com  
Password=mypassword  

我还尝试使用“credentials.Servername.mount”作为：

https://servername.mydomain.com:3333/Shared.Folder username@domain.com mypassword

没有任何效果。

所以我觉得我在这里遗漏了一些小而重要的语法或配置。我绝望地来到你身边。任何帮助，将不胜感激！

我已经设置了 Owncloud，我想使用 webdav 来管理和访问文件。由于用户权限，我更喜欢它而不是 sftp 用户的 samba 共享，然后我将拥有 .

它可以接受视频/音频流。我在owncloud 论坛上问过，但他们不确定它是否支持流媒体。

webdav 是否支持流式传输？
PS。如果确实如此，任何人都可以指出我使用 nginx 配置它的方向。

我们希望使用 webdav 服务器来发布一些内部文件共享，并希望使用这些共享上已建立的安全性进行发布。环境是Win 2012/iis8

我已阅读并尝试按照IIS7 和 7.5 的说明进行操作，但出现 500 个错误和 Web 配置错误。

我认为这与身份验证或创作规则有关，因为如果我正在使用用户文件夹进行测试，我可以为凭据或用户设置域管理员并且它将通过 - 但这不是我们想要做的。这似乎让它敞开了。

我不是 IIS 人，我在 IIS8 上搜索信息并没有给我所需的结果。非常感谢任何可能有帮助的方向。

我正在尝试在 Windows 8 上将 WebDAV 共享挂载为驱动器。我尝试在 Windows 2012 和 Debian Linux 上设置 WebDAV 服务器，但在尝试从客户端挂载时都会产生相同的错误。

我已经验证了 Linux WebDAV 通过cadaver -command 工作，它使用给定的凭据成功地进行了身份验证，并且我能够下载文件。我还可以使用浏览器使用这些凭据从客户端成功访问它。所以 WebDAV 服务器似乎可以工作。

但是，Windows 8 客户端给了我这个错误：

C:\>网络使用 * http://10.0.0.5/webdav/
发生系统错误 67。

找不到网络名称。

如果我尝试使用 Windows 资源管理器进行挂载，我会收到同样的错误。“/webdav/”是我为服务器上的 WebDAV 访问配置的子目录。

没有防火墙阻止访问服务器。正如我提到的，我可以使用浏览器进行连接，所以网络不是问题。

是否需要任何其他步骤才能使其正常工作和/或我做错了什么？

编辑： 来自 Apache 的日志显示以下内容（主机名已更改以保护无辜者）：

==> /var/log/apache2/other_vhosts_access.log <==
debian1.my.net:80 10.0.0.4 - - [13/Jul/2013:17:53:00 +0200] "OPTIONS / HTTP/1.1" 200 229 "-" "DavClnt"
debian1.my.net:80 10.0.0.4 - - [13/Jul/2013:17:53:03 +0200] "OPTIONS /WebDAV HTTP/1.1" 200 193 "-" "Microsoft-WebDAV-MiniRedir/6.2.9200 "
debian1.my.net:80 10.0.0.4 - - [13/Jul/2013:17:53:03 +0200] "PROPFIND /WebDAV HTTP/1.1" 405 584 "-" "Microsoft-WebDAV-MiniRedir/6.2.9200 "

我还可以使用 .Net 和SharpBox访问 WebDAV 。