Greg Lopp on 27 Jul 2006 15:09:42 -0000 |
Here at work, I've been provided with an install of RedHat Enterprise Linux v4. I would like to get user directories working, but it is failing for some reason. When I try to get http://127.0.0.1/~greg/, it gives me a 403 page that says: ####################### Forbidden You don't have permission to access /~greg/ on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. ------------------------------------------------------------------------ Apache/2.0.52 (Red Hat) Server at 127.0.0.1 Port 80 ######################## Sounds like a simple configuration problem, right? Well, my /etc/httpd/httpd.conf says: ######################## <IfModule mod_userdir.c> # # UserDir is disabled by default since it can confirm the presence # of a username on the system (depending on home directory # permissions). # #UserDir disable # # To enable requests to /~user/ to serve the user's public_html # directory, remove the "UserDir disable" line above, and uncomment # the following line instead: # UserDir public_html </IfModule> # # Control access to UserDir directories. The following is an example # for a site where these directories are restricted to read-only. # <Directory /home/*/public_html/> AllowOverride FileInfo AuthConfig Limit Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS> Order deny,allow Deny from all </LimitExcept> </Directory> ######################## I don't know my Apache directives all that well, so I could be missing something there. All I've done is make that small change to enable UserDir. Everything else is the default config. What about file permissions? This is the thing that has me confused. I set strace on one of the httpd processes and watched it process the request: ######################## accept(3, {sa_family=AF_INET6, sin6_port=htons(33156), inet_pton(AF_INET6, "::ffff:127.0.0.1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 12 semop(294919, 0x142746, 1) = 0 getsockname(12, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:127.0.0.1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0 fcntl64(12, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(12, F_SETFL, O_RDWR|O_NONBLOCK) = 0 read(12, "GET /~greg/ HTTP/1.1\r\nHost: 127."..., 8000) = 425 gettimeofday({1154012279, 325121}, NULL) = 0 open("/etc/passwd", O_RDONLY) = 13 fcntl64(13, F_GETFD) = 0 fcntl64(13, F_SETFD, FD_CLOEXEC) = 0 fstat64(13, {st_mode=S_IFREG|0644, st_size=1955, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fff000 read(13, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 1955 close(13) = 0 munmap(0xb7fff000, 4096) = 0 stat64("/home/greg/public_html/", 0xbff34564) = -1 EACCES (Permission denied) lstat64("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/home/greg", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/home/greg/public_html", 0xbff34544) = -1 EACCES (Permission denied) gettimeofday({1154012279, 355964}, NULL) = 0 write(7, "[Thu Jul 27 09:57:59 2006] [erro"..., 102) = 102 writev(12, [{"HTTP/1.1 403 Forbidden\r\nDate: Th"..., 181}, {"<!DOCTYPE HTML PUBLIC \"-//IETF//"..., 403}], 2) = 584 write(9, "127.0.0.1 - - [27/Jul/2006:09:57"..., 163) = 163 shutdown(12, 1 /* send */) = 0 ######################## As seen above and confirmed elsewhere, /home has 755 permissions and /home/greg has 755 permissions. Apache chokes, however, when it tries to lstat64() /home/greg/public_html, but that directory also has 755. The strace suggests that this is a simple file permissions problem, but I don't understand why it would get that EACCES failure. What am I missing? ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|