RE: [PLUG] Apache problem

Chris Sandy on 27 Jul 2006 15:24:28 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

RE: [PLUG] Apache problem

From: "Chris Sandy" <chris@jynx.net>

To: "'Philadelphia Linux User's Group Discussion List'" <plug@lists.phillylinux.org>

Subject: RE: [PLUG] Apache problem

Date: Thu, 27 Jul 2006 11:24:04 -0400

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

Thread-index: AcaxjzON/VUAIu3uQb+hhtF/iO6BogAAWPQw

Silly question, but is there an index in ~greg I noticed you don't have listing enabled so you will get a 403 if theres no index Chris S chris@jynx.net www.jynx.net -----Original Message----- From: plug-bounces@lists.phillylinux.org [mailto:plug-bounces@lists.phillylinux.org] On Behalf Of Greg Lopp Sent: Thursday, July 27, 2006 11:09 AM To: Philadelphia Linux User's Group Discussion List Subject: [PLUG] Apache problem Here at work, I've been provided with an install of RedHat Enterprise Linux v4. I would like to get user directories working, but it is failing for some reason. When I try to get http://127.0.0.1/~greg/, it gives me a 403 page that says: ####################### Forbidden You don't have permission to access /~greg/ on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. ------------------------------------------------------------------------ Apache/2.0.52 (Red Hat) Server at 127.0.0.1 Port 80 ######################## Sounds like a simple configuration problem, right? Well, my /etc/httpd/httpd.conf says: ######################## <IfModule mod_userdir.c> # # UserDir is disabled by default since it can confirm the presence # of a username on the system (depending on home directory # permissions). # #UserDir disable # # To enable requests to /~user/ to serve the user's public_html # directory, remove the "UserDir disable" line above, and uncomment # the following line instead: # UserDir public_html </IfModule> # # Control access to UserDir directories. The following is an example # for a site where these directories are restricted to read-only. # <Directory /home/*/public_html/> AllowOverride FileInfo AuthConfig Limit Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS> Order deny,allow Deny from all </LimitExcept> </Directory> ######################## I don't know my Apache directives all that well, so I could be missing something there. All I've done is make that small change to enable UserDir. Everything else is the default config. What about file permissions? This is the thing that has me confused. I set strace on one of the httpd processes and watched it process the request: ######################## accept(3, {sa_family=AF_INET6, sin6_port=htons(33156), inet_pton(AF_INET6, "::ffff:127.0.0.1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 12 semop(294919, 0x142746, 1) = 0 getsockname(12, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:127.0.0.1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0 fcntl64(12, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(12, F_SETFL, O_RDWR|O_NONBLOCK) = 0 read(12, "GET /~greg/ HTTP/1.1\r\nHost: 127."..., 8000) = 425 gettimeofday({1154012279, 325121}, NULL) = 0 open("/etc/passwd", O_RDONLY) = 13 fcntl64(13, F_GETFD) = 0 fcntl64(13, F_SETFD, FD_CLOEXEC) = 0 fstat64(13, {st_mode=S_IFREG|0644, st_size=1955, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fff000 read(13, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 1955 close(13) = 0 munmap(0xb7fff000, 4096) = 0 stat64("/home/greg/public_html/", 0xbff34564) = -1 EACCES (Permission denied) lstat64("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/home/greg", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat64("/home/greg/public_html", 0xbff34544) = -1 EACCES (Permission denied) gettimeofday({1154012279, 355964}, NULL) = 0 write(7, "[Thu Jul 27 09:57:59 2006] [erro"..., 102) = 102 writev(12, [{"HTTP/1.1 403 Forbidden\r\nDate: Th"..., 181}, {"<!DOCTYPE HTML PUBLIC \"-//IETF//"..., 403}], 2) = 584 write(9, "127.0.0.1 - - [27/Jul/2006:09:57"..., 163) = 163 shutdown(12, 1 /* send */) = 0 ######################## As seen above and confirmed elsewhere, /home has 755 permissions and /home/greg has 755 permissions. Apache chokes, however, when it tries to lstat64() /home/greg/public_html, but that directory also has 755. The strace suggests that this is a simple file permissions problem, but I don't understand why it would get that EACCES failure. What am I missing? ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

[PLUG] Apache problem
From: Greg Lopp <lopp@pobox.com>

Prev by Date: Re: [PLUG] Linux Port

Next by Date: Re: [PLUG] Re: Verizon FIOS..Any thoughts?

Previous by thread: Re: [PLUG] Apache problem

Next by thread: [PLUG] Disaster Recovery and user accounts

Index(es):

Date

Thread