Hello, I'm trying to set up webdav on apache on centos. My web area has dav on set, it's permissions are 775 owner of the apache user and group of the webdev group which i put users in who can write to the area. As a user locally logged on to the machine i can cd to the area and create content though it is owned and has a group of the user who made it i don't think this is what i want. Whenever i try to connect via webdav i'm informed that a new folder can not be created. Here's some output any help appreciated. Thanks. Dave.
<VirtualHost *:80> ServerName test.example.com ServerAdmin webmaster@example.com DocumentRoot /var/www/test.example.com/data ErrorLog /var/www/test.example.com/logs/error_log TransferLog /var//www/test.example.com/logs/access_log <directory /var/www/test.example.com/data> Options +Includes Indexes FollowSymLinks AddType text/html shtm AddOutputFilter Includes shtm AllowOverride all Dav On AuthType Basic AuthName "Test and Development Area" AuthUserFile /var/www/test.example.com/secure/htpasswd AuthGroupFile /dev/null require valid-user Order allow,deny allow from all satisfy all </directory> DavLockDB "/var/www/test.example.com/dav/davdb" </VirtualHost>
[Tue Aug 18 12:33:19 2009] [error] [client xxx.xxx.xxx.xxx] File does not exist: /var/www/test.example.com/data/New Folder [Tue Aug 18 12:33:20 2009] [error] [client xxx.xxx.xxx.xxx] (13)Permission denied: Unable to create collection. [403, #0] xxx.xxx.xxx.xxx - user [18/Aug/2009:12:33:19 -0500] "HEAD /New%20Folder HTTP/1.1" 404 - xxx.xxx.xxx.xxx - user [18/Aug/2009:12:33:20 -0500] "MKCOL /New%20Folder HTTP/1.1" 403 212
directory permissions: drwxrwxr-x 2 root webdev 4096 Aug 18 12:31 data/
Hi,
On Tue, Aug 18, 2009 at 13:48, Davedave.mehler@gmail.com wrote:
As a user locally logged on to the machine i can cd to the area and create content though it is owned and has a group of the user who made it i don't think this is what i want.
If you want files created under that directory to belong to group "webdev" you should set permissions to 2775 (first "2" is for "g+s" or setgid bit) on the directories under /var/www/test.example.com/data. This will force new files and directories to have the same group as the parent directory, and new subdirectories to have the setgid bit as well (so that files under those will have the same group too).
[Tue Aug 18 12:33:19 2009] [error] [client xxx.xxx.xxx.xxx] File does not exist: /var/www/test.example.com/data/New Folder [Tue Aug 18 12:33:20 2009] [error] [client xxx.xxx.xxx.xxx] (13)Permission denied: Unable to create collection. [403, #0] xxx.xxx.xxx.xxx - user [18/Aug/2009:12:33:19 -0500] "HEAD /New%20Folder HTTP/1.1" 404 - xxx.xxx.xxx.xxx - user [18/Aug/2009:12:33:20 -0500] "MKCOL /New%20Folder HTTP/1.1" 403 212
directory permissions: drwxrwxr-x 2 root webdev 4096 Aug 18 12:31 data/
Does the "apache" user belong to the "webdev" group? What does "id apache" return? Did you restart Apache after adding the user to the "webdev" group?
HTH, Filipe
Hello, Thanks for your reply. I've made the permission change. Apache is not part of the webdev group webdev is just a group i made to put web developers in, that's also why permissions are 775. id apache returns 48 as that's the user and group id apache is running under, it's installed from the rpm. I have restarted apache since adding users to the webdev group. Thanks. Dave.
p? What does "id apache" return? Did you restart Apache after adding the user to the "webdev" group?
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Filipe Brandenburger Sent: Tuesday, August 18, 2009 1:53 PM To: CentOS mailing list Subject: Re: [CentOS] WebDav on CentOS?
Hi,
On Tue, Aug 18, 2009 at 13:48, Davedave.mehler@gmail.com wrote:
As a user locally logged on to the machine i can cd to the area and create content though it is owned and has a group of the user who made it i don't think this is what i want.
If you want files created under that directory to belong to group "webdev" you should set permissions to 2775 (first "2" is for "g+s" or setgid bit) on the directories under /var/www/test.example.com/data. This will force new files and directories to have the same group as the parent directory, and new subdirectories to have the setgid bit as well (so that files under those will have the same group too).
[Tue Aug 18 12:33:19 2009] [error] [client xxx.xxx.xxx.xxx] File does not exist: /var/www/test.example.com/data/New Folder [Tue Aug 18 12:33:20 2009] [error] [client xxx.xxx.xxx.xxx] (13)Permission denied: Unable to create collection. [403, #0] xxx.xxx.xxx.xxx - user [18/Aug/2009:12:33:19 -0500] "HEAD /New%20Folder HTTP/1.1" 404 - xxx.xxx.xxx.xxx - user [18/Aug/2009:12:33:20 -0500] "MKCOL /New%20Folder HTTP/1.1" 403 212
directory permissions: drwxrwxr-x 2 root webdev 4096 Aug 18 12:31 data/
Does the "apache" user belong to the "webdev" group? What does "id apache" return? Did you restart Apache after adding the user to the "webdev" group?
HTH, Filipe _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi,
On Tue, Aug 18, 2009 at 14:04, Davedave.mehler@gmail.com wrote:
Apache is not part of the webdev group webdev is just a group i made to put web developers in,
directory permissions: drwxrwxr-x 2 root webdev 4096 Aug 18 12:31 data/
That way Apache will not be able to write to that directory... if you want that to happen, you should either change the permissions to apache:apache or add the user apache to the webdev group.
By the way, please do not top post, see Guidelines for CentOS Mailing List posts here: http://www.centos.org/modules/tinycontent/index.php?id=16
HTH, Filipe
-
Dave -
Filipe Brandenburger