On 12/28/2016 04:16 AM, Robert Moskowitz wrote:
On 12/27/2016 08:20 PM, John Fawcett wrote:
On 12/28/2016 01:43 AM, John Fawcett wrote:
On 12/28/2016 01:12 AM, Robert Moskowitz wrote:
On 12/27/2016 07:06 PM, John Fawcett wrote:
On 12/28/2016 12:34 AM, Robert Moskowitz wrote:
On 12/27/2016 05:44 PM, John Fawcett wrote: > That error should be caused by having MultiViews options but > incorrect > permissions (711 instead of 755) on the directory. I just did chmod -R 755 /home/rgm/public_html and no change in behavior.
Even tried chmod -R 755 /home/rgm
Are you actually using MultiViews? If you don't need that option, maybe the easiest thing is to take it out and see if the error message changes.
I am using the default conf file for userdir.
/etc/httpd/conf.d/userdir.conf
So I deleted Multiviews and now the error is:
[Tue Dec 27 19:09:31.013176 2016] [autoindex:error] [pid 2138] (13)Permission denied: [client 192.168.160.12:55762] AH01275: Can't open directory for index: /home/rgm/public_html/family/
I know this is not going to help, but that error means that apache does not have access to read the directory /home/rgm/public_html/family/. That doesn't really fit with the rest of the evidence, that you have chmod 755 everything from /home/rgm/public_html downwards and that apache can read specific files from /home/rgm/public_html. John _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Here is a small test program that you can use to check the permissions.
You can compile it with:
cc -o test test.c
This is on Centos7-arm, so I will have to install all the build stuff, and hopefully won't take too long to compile....
Tomorrow most likely.
then run it with:
./test apache /home/rgm/public_html/family/
where apache is the name of the user that your web server runs under (check it with ps -ef | grep http). You should run it as root (or from sudo).
John
------test.c-------
#include <pwd.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <errno.h> #include <sys/types.h> #include <dirent.h>
int main(int argc, char *argv[]) { struct passwd pwd; struct passwd *result; char *buf; size_t bufsize; int s;
if (argc != 3) { fprintf(stderr, "Usage: %s username directory\n", argv[0]); exit(EXIT_FAILURE); } bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); if (bufsize == -1) /* Value was indeterminate */ bufsize = 16384; /* Should be more than enough */ buf = malloc(bufsize); if (buf == NULL) { perror("malloc"); exit(EXIT_FAILURE); } s = getpwnam_r(argv[1], &pwd, buf, bufsize, &result); if (result == NULL) { if (s == 0) printf("Not found\n"); else { errno = s; perror("getpwnam_r"); } exit(EXIT_FAILURE); } printf("Name: %s; UID: %ld GID: %ld\n", pwd.pw_gecos, (long)
pwd.pw_uid, (long) pwd.pw_gid);
/* process is running as root, drop privileges */ if (getuid() == 0) { if (setgid(pwd.pw_gid) != 0) { perror("setgid: Unable to drop group privileges"); exit(EXIT_FAILURE); } if (setuid(pwd.pw_uid) != 0) { perror("setuid: Unable to drop user privileges"); exit(EXIT_FAILURE); } printf("dropped privileges\n"); } else { errno = ENOTSUP; perror("process is not running as root cannot change user\n"); exit(EXIT_FAILURE); } /* check privileges really dropped */ if (setuid(0) != -1) { errno = ENOTSUP; perror("ERROR: Managed to regain root privileges"); exit(EXIT_FAILURE); } /* open directory */ DIR * d; d = opendir(argv[2]); printf("Attempting to open directory %s\n",argv[2]); if (d == NULL) { perror("Error opening directory"); exit(EXIT_FAILURE); } else { printf("Success opening directory %s\n",argv[2]); } exit(EXIT_SUCCESS);
}
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
I'm not sure if it is worth installing a build system just for this unless you need it for other stuff. Maybe other lines of investigation will bring up something.
John